A digital signature is an encoded form of a message, which is used to validate digital information such as e-mail messages, PDF documents by the sender or the signature holder and ensure that the message sent is not altered.
It is the digital equivalent of a stamped or a handwritten signature, but provides far better security, preventing duplication and tampering in communication. A digital signature can ensure the events to its origin, status of any electronic documents, identity of the sender.
In many countries, digitally signed documents have legal identity at par with the traditional paper signed documents. In those countries, public private law budget are issued in their electronic version.
Generally, digital signatures are based on cryptography systems such as private and public cryptography. Most of them are based on private keys also known as asymmetric cryptography. Using algorithms such as RSA, two keys are generated that are mathematically enclosed; one as a private key for encryption purpose and another as a public for decryption. To generate digital signatures, software like e-mail hash function create a one-way hash of the data to be signed. The private key is used to encrypt the hash along with the other required information such as a hashing algorithm. The benefit of encryption using hash is that it can convert any length of data in fixed length format, so the memory space is saved and the signing process becomes faster.
The value of each hash is unique. The hash value of the same data may possess different hash value; so it is more secure to execute. Any kind of alteration in data; even deletion or change of a single character results in difference in the hash value. This kind of attribute helps to authenticate the integrity of the data by the use of public key to decrypt the data when required. The received is genuine only when the decrypted data is matched with its hash value, else it signifies that the data has been altered on the way, or the signature assigned the private key does not match with the public key provided by the signature holder.
Irrespective f the encryption of the message, digital signature can be used with any type of messages. If the message arrives in correct from with digital signature embedded on it, the receiver can be assured about the validity of the message and the identity of the sender. A digital signature is a unique identification code, so its authenticity cannot be argued. The documents with digital signature is bonded with a public which can be used by parties who intend to verify the document.
Digital signature feature is supported by majority of e-mailing applications. So digital signature can used broadly across many platforms. Digital signature also maintains the authenticity of the data integrity and non-refusal of e-transactions is also maintained by it over the internet.