This section describes what is a digital signature and what is the process of generating and verifying digital signature from a message.
What Is a Digital Signature?
A digital signature is an electronic analogue of a written signature
to provide assurance that the claimed signatory signed the information.
In addition, a digital signature may be used to detect whether or
not the information was modified after it was signed (i.e., to detect the integrity of the signed data).
The digital signature process can be divided into 2 parts:
1. Signature Generation:
Generating a pair of public key and provide key by the sender of the message.
Generating the message digest from the message using a hash function.
Generating the digital signature from the message digest with the private key.
Sending the message, the digital signature, and the public key to receiver.
2. Signature Verification:
Generating the message digest from the message using the same hash function.
Verifying the digital signature with message digest using the public key.
Here is a diagram showing the digital signature process:
There are 2 popular algorithms that are used to generate and verify digital signature using public keys:
RSA (Rivest, Shamir and Adleman) algorithm developed by Ronald L. Rivest, Adi Shamir, and Leonard M. Adleman in 1976.
DSA (Digital Signature Algorithm) algorithm developed by US government in 1991.