What is a digital signature?

A sender sends an encrypted message to an intended receiver.  If the sender also wishes to send evidence of his identity to the receiver, he encrypts a piece of information that makes sense to both parties, using his private key, and sends it to the receiver.  This encrypted piece of information is called the digital signature.  The receiver uses the sender's public key to decrypt the sender's digital signature and retrieve the information.  If this information decrypts sensibly, the receiver can be sure of the sender's identity, because the digital signature must have been created using the private key that pairs with the sender's public key.

This can also be used to ensure that the sender does not repudiate the message at a later stage.  The piece of information that makes sense to both is in fact related to the actual message that is the subject of transmission.

The piece of information is called the message digest and is generated from the actual message using an algorithm that the parties agree upon.  A one-way hash function is generally used as the algorithm for creating the message digest.

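The receiver computes a message digest from the received message with the same algorithm and compares it with the digest recovered from the digital signature.  If the two versions of the message digest match, the sender must have signed it and the receiver can be sure of the sender's identity.  This also means that the sender cannot later deny having sent the message (the sender cannot repudiate) because he must have signed the message digest.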

Go to http://www.amazon.com.  Check their digital certificate and find out what algorithm is used to generate the digital signature.

Creation of a digital certificate is, in essence, public key cryptography in reverse.  Explain.