Digital signature
A digital signature or digital signature scheme is a
mathematical scheme for demonstrating the authenticity of a digital
message or document. A valid digital signature gives a recipient reason
to believe that the message was created by a known sender, and that it
was not altered in transit. Digital signatures are commonly used for
software distribution, financial transactions, and in other cases where
it is important to detect forgery or tampering.
electronic signatures, a broader term that refers to any electronic data that carries the intent of a signature, but not all electronic signatures use digital signatures. In some countries, including the United States, Indiaand members of the European Union, electronic signatures have legal significance.Digital signatures employ a type of asymmetric cryptography.
For messages sent through a nonsecure channel, a properly implemented
digital signature gives the receiver reason to believe the message was
sent by the claimed sender. Digital signatures are equivalent to
traditional handwritten signatures in many respects, but properly
implemented digital signatures are more difficult to forge than the
handwritten type. Digital signature schemes in the sense used here are
cryptographically based, and must be implemented properly to be
effective. Digital signatures can also provide non-repudiation,
meaning that the signer cannot successfully claim they did not sign a
message, while also claiming their private key remains secret; further,
some non-repudiation schemes offer a time stamp for the digital
signature, so that even if the private key is exposed, the signature is
valid nonetheless. Digitally signed messages may be anything
representable as a bitstring: examples include electronic mail, contracts, or a message sent via some other cryptographic protocol.
Main article: Public-key cryptography
A digital signature scheme typically consists of three algorithms:- A key generation algorithm that selects a private key uniformly at random from a set of possible private keys. The algorithm outputs the private key and a corresponding public key.
- A signing algorithm that, given a message and a private key, produces a signature.
- A signature verifying algorithm that, given a message, public key and a signature, either accepts or rejects the message's claim to authenticity.