Digital signature is one of the best techniques to secure messages sent through digital media. Technically, digital signatures are rooted from public key cryptography. The public key (digital signature) provides data security and validation. Digital security also provides non- repudiation, which means that the identity of the signature holder/ sender is well known so he/she cannot deny about sending of the documents from his /her device or ID. Due to this feature authenticity of the sender is enhanced.
Digital signature performs the same purpose as a handwritten signature does, but the hard copy of the signature can be easily tampered. In this sense, digital signature is more advanced than its paper counterpart as it is almost impossible to copy and the identity of the signature holder is embedded to it.
Basically, digital signature is used as a medium of encryption and decryption. Simply, the message is signed using the private key which remains only with the signature holder and decrypted using public key which is circulated among the people concerned with the message. During this process the document is adjudged genuine only if the private and the public key are matched. But if the size of the document is large then this process takes more time to complete.
Today, digital signatures are generated mainly using hash function and message digest. They can be referred as an enhancement over older techniques. Hash function is a one-way function which takes millions of bits as inputs and produces fixed length of outputs. For e.g.: in a 64 bit input if a change in a bit is detected then a completely different result is produced as output; securing the originality of the message.
Message digest is the process of generating fixed length of data items. Here, a simple change in a bit of data prompt change in the output. The signature along with the information is generated using the digest and the private key. Due to use of hash function the possibility of copying someone’s signature from any document is eliminated as slightest of the changes can cause failure in the verification process of the digital signature.
It remains impossible to copy someone’s signature from one document and attach to another or alteration of a signed message also cannot be done as hash function is involve in the signature generation process.