The digital signature is one of the best techniques to secure messages sent through digital media. Technically, digital signatures are rooted in public key cryptography. The public key (digital signature) provides data security and validation. Digital security also provides non- repudiation, which means that the identity of the signature holder/ sender is well known so he/she cannot deny about sending of the documents from his /her device or ID. Due to this feature authenticity of the sender is enhanced.
Digital signature performs the same purpose as a handwritten signature does, but the hard copy of the name can easily tamper. In this sense, the digital signature is more advanced than its paper counterpart as it is almost impossible to copy and the identity of the sign holder is embedded to it.
The digital signal nature is used as a medium of encryption and decryption. Naturally, the message is signed using the private key which remains only with the sign holder and decrypted using the public key which is circulated among the people concerned with the news. During this process, the document is adjudged genuine only if the private and the public key are matched. But if the size of the material is large, then this process takes more time to complete.
Today, digital signatures are generated mainly using a hash function and message digest. They can be referred to as an enhancement over older techniques. The hash function is a one-way function which takes millions of bits as inputs and produces a fixed length of outputs. E.g., in 64-bit information, if a change in a bit is detected, then a completely different result is provided as output; securing the originality of the message.
The message digest is the process of generating a fixed length of data items. Here, a simple change in a few immediate data changes in the output. The signature along with the information is generated using the digest and the private key. Due to the use of the hash function, the possibility of copying someone’s signature from any document is eliminated as slightest of the changes can cause failure in the verification process of the digital signature.
It remains impossible to copy someone’s signature from one document and attach to another or alteration of a signed message also cannot be done as the hash function is involved in the signature generation process.