EDUCBA

EDUCBA

MENUMENU
  • Free Tutorials
  • Free Courses
  • Certification Courses
  • 600+ Courses All in One Bundle
  • Login

What is a Digital Signature?

By Swati TawdeSwati Tawde

Home » Software Development » Software Development Tutorials » Network Security Tutorial » What is a Digital Signature?

what is a digital signature

Introduction to Digital Signature

It is the concept of public-key encryption used for message authentication. It is a technique that is used to bind the person to digital data. The binding is digitally verified by the receiver as well as a third party. To understand, let’s take a real-life example – When we go to a bank for a deposit or withdraw money by or any action, we fill the slip and sign the paper. After that, the bank office verifies the signature with their data. If the signature match, they processed with the action; otherwise, the action will be rejected. The process happens with the digital signature. The difference is it verifies the signature digitally. A digital signature is a cryptographic value that is calculated based on the data and the secret key of the signer.

Why do we need Digital Signature?

We need a digital signature because of its following features:

Start Your Free Software Development Course

Web development, programming languages, Software testing & others

1. Message Authentication

It ensures that the message is coming from the intended sender, not other parties. It allows a receiver to verify the digital signature by using the sender’s public key; it ensures that the signature is created only by the sender who uses the secret private key to encrypt the message.

2. Non-Repudiation

As the only sender knows the secret key, i.e. signature key, he is the only one who can create a unique signature on the data. If any problem arises, the receiver can show the evidence of the data and digital signature key to the third party.

3. Data Integrity

It provides data integrity to test the modification in the message. If somehow, the attacker gets access to the message and modifies the data. Verification at the receiver side will fail. This is because the hash value of the modified message and the algorithm’s value will not match. In this case, the receiver can reject the message.

How does it Work?

The process involved in the digital signature is as follows:

Popular Course in this category
All in One Software Development Bundle (600+ Courses, 50+ projects)600+ Online Courses | 3000+ Hours | Verifiable Certificates | Lifetime Access
4.6 (3,144 ratings)
Course Price

View Course

Related Courses
CDN Training (2 Courses)OSPF Training Program (2 Courses)Penetration Testing Training Program (2 Courses)
  • The user who adopts has a pair of keys – a public key and a private key. These keys are used for the Encryption and decryption process. The private key is used for the encryption, i.e., signing the signature, or we can say that it is the signature key, and the public key is used for the decryption, i.e. verification key.
  • The user, i.e. the signer, apply the hash function on the data and creates the hash of data.
  • After that, apply a signature algorithm on both the hash value and the signature key to create the given hash’s digital signature.
  • Then the signature is appended with data, and both signature and data are sent to the verifier over the network.
  • Verifier, i.e. receiver, apply verification algorithm and verification key. This process gives value as an output.
  • Verifier also used the same hash function on the data, which the signer uses to get the hash value.
  • Then he verifies the hash value and the output, which is generated by an algorithm. Based on the result, the verifier validates it. If both are the same, the digital signature is valid; otherwise, it is invalid.

Suppose user A is a sender and user B is a receiver. A wants to send a message to B. User A takes the plain text and encrypt it using A’s private key and create a ciphertext. Then A transfer the Ciphertext to B over the network. To decrypt the ciphertext, B uses A’s public key and create plain text.

Types of Attacks on Digital Signature

Following are the three types of attacks that are attempted against the digital signature:

  • Chosen Message Attack: The attacker tricks the genuine user into digitally signing a Message that the user does not normally intend to sign. As a result, the attacker gets a pair of the original message that was signed and the digital signature. using this, the attacker tries to create a new message that she wants a genuine user to sign and uses the previous signature
  • Known Message Attack: In this type of attack, the attacker obtains some messages that the user sends and a key to create a new fault message and forge of the user.
  • Key only Attack: In this type of attack, it is assumed that the user name some information public and the attacker try to misuse this public information. Attackers try to create the user. RSA and digital signature.
  • RSA algorithm is used for performing. Here we will discuss the working of RSA.
  • The sender uses the SHA1 message-digest algorithm to create an original message digest.
  • The sender encrypts the message digest using the sender’s private key.
  • The sender send s the message to the receiver along with the digital signature.
  • After receiving the message, the receiver uses the same algorithm used by the senders to create the message digest.
  • The receiver now uses the senders public key to decrypt. The output of this process is the message digest that was created at the sender site.
  • The receiver compares both message digest, the one which he calculates and the one which the sender calculates. If both are the same, then the receiver accepts the message otherwise rejects the message.

Recommended Articles

This is a guide to What is a Digital Signature. Here we discuss why do we need a digital signature? And how does it work? Along with types of attacks. You can also go through our other suggested articles to learn more –

  1. Digital Signature Cryptography
  2. Digital Signature Softwares
  3. Digital Signature Algorithm
  4. Asymmetric Encryption

All in One Software Development Bundle (600+ Courses, 50+ projects)

600+ Online Courses

3000+ Hours

Verifiable Certificates

Lifetime Access

Learn More

0 Shares
Share
Tweet
Share
Primary Sidebar
Network Security Tutorial
  • Advanced
    • Cryptosystems
    • Configuring DHCP Server
    • Block Cipher modes of Operation
    • TCP/IP Model
    • Types of Network
    • Types of Network Devices
    • Types of Network Topology
    • Types of Intrusion Prevention System
    • Types of Proxy Servers
    • Types of Websites
    • Types of NAT 
    • Mobile IP
    • Career in Automobile Design
    • What is TFS
    • What is NAT
    • What is OSI Model
    • Data Link Layer OSI Model
    • What is Cross Site Scripting
    • Applications of Sensors
    • ARP Packet Format
    • Asymmetric Information
    • Autoencoders
    • What is FTP Server?
    • IPS Tools
    • IPv4 Header Format
    • IPv6 Header Format
    • Authentication Header
    • Kerberos
    • Network Mapper
    • Network Scanning Tools
    • Network Mapping Tools
    • Network Access Control
    • Vulnerability Assessment Tools
    • Network Sniffer
    • Networking Commands
    • Networking Devices
    • Networking Strategies
    • Digital Certificate
    • What is a Digital Signature?
    • Digital Signature Softwares
    • Digital Signature Types
    • Digital Signature vs Digital Certificate
    • PKCS
    • What is FTP
    • FTP Commands
    • What is MIME?
    • What is Smart Card?
    • Networking Ports
    • Mutual Authentication
    • Password Authentication
    • Data Masking 
    • Authentication Tokens
    • Biometric Authentication
    • What is IP?
    • IPSec
    • Secure Electronic Transaction
    • What is CIDR
    • Static Binding and Dynamic Binding
    • What is SSL
    • PKIX
    • Public Key Infrastructure
    • What is Wireshark
    • Daisy Chain Topology
    • Markov Logic Network
    • Security engineering
    • SNMP Monitoring Tools
    • Network Analysis Tools
    • Server Monitoring Tools
    • Network Discovery Tools
    • Network Management Tool
    • SIEM Tools
    • OSINT Tools
    • Multiple Ping Tool
  • Basics
    • Security Consultant Definition
    • Security Policies
    • What is Network Security
    • What is Data Security?
    • What is Cryptography
    • Cryptography Techniques
    • Cryptography Tools
    • Data Security Techniques and Privacy
    • Digital Signature Cryptography
    • Java Cryptography
    • Basics of Cybersecurity
    • What is Network Topology
    • Algorithms and Cryptography
    • HTTP Methods
    • Security Technologies
    • Security Architecture
    • Network Topologies
    • What is a Physical Address?
    • Logical Address
    • What is Storage Area Network?
    • Mobile Ad Hoc Network
    • What is Computer Networks?
    • Security Principles
    • What is Remote Access?
  • Protocols
    • What is TCP Protocol
    • What is TCP/IP
    • How do IP Addresses Work?
    • Routing Protocols Types
    • What is Telnet
    • What is TFTP
    • What is DHCP
    • What is SFTP
    • Address Resolution Protocol
    • Internet Control Message Protocol
    • Simple Mail Transfer Protocol
    • Internet Security Protocols
    • SMTP Protocol
    • Types of Networking Protocols
    • User Datagram Protocol
    • Data Link Layer
    • Data Link Layer Services
    • Network Layer
    • Transport Layer Protocols
    • What Is Networking Protocols
    • TFTP
    • What is ARP
    • Basic Fundamental Of Networking
    • What is IPv4
    • What is IPv6
    • CIFS Protocol
    • What is SMB?
    • What is EIGRP
    • What is LLDP?
  • Routing
    • What is Router
    • Types of Routers
    • Dynamic Routing
    • Routing Algorithms
    • Routing Protocol
    • What is Routing
    • What is Static Routing
    • Important Types of DNS Servers (Powerful)
  • Attacks
    • Types of Network Attacks
    • What is Trojan Horse Virus
    • What is DOS
    • Types of DOS Attacks
    • DDos Attack Mitigation
    • Ransomware Attack  
    • Types of Cyber Attack
    • What is a Brute Force Attack
    • What is a Phishing Attack
    • What is Cyber Attack
    • What is DDoS Attack
    • What is Man In The Middle Attack
    • What is Man In The Middle Attack
    • What is Ransomware
    • What is Pharming
    • What is Phishing
    • What is CSRF
    • DNS Amplification Attack
    • Denial of Service Attack
  • Algorithm
    • IDEA Algorithm
    • MD5 Algorithm
    • Symmetric Algorithms
    • Diffie Hellman Key Exchange Algorithm
    • Digital Signature Algorithm
    • Encryption Algorithm
    • Advanced Encryption Standard
    • Asymmetric Encryption
    • ElGamal Encryption
    • HMAC
    • DES Algorithm
    • Brute Force Algorithm
    • SHA Algorithm
    • RSA Algorithm
    • What is Digital Certificate?
    • Certificate Revocation
    • RC5
  • Encryption/ Decryption
    • Encryption process
    • Public Key Encryption
    • Symmetric Key Encryption
    • What is Encryption
    • What is Decryption
    • Types of Cipher
    • Transposition Techniques
    • What is Steganography
    • One Time Pad
    • Steganography Techniques
  • Hosting
    • Types of Web Hosting
    • Free Web Hosting Sites
    • What is Hosting
    • What is VPS Hosting
    • What is Web Hosting
    • Types of Domain
    • VPN Applications for PC
    • Why we use VPN?
    • What is Virtual Host?
  • Firewalls
    • What is a Firewall?
    • Types of Firewalls
    • Firewall Devices
    • Firewall Uses
  • Interview Questions
    • Network Security Interview Questions
    • Networking Interview Questions
    • EIGRP Interview Questions

Related Courses

CDN Training

OSPF Certification Training

Penetration Training Course

Footer
About Us
  • Blog
  • Who is EDUCBA?
  • Sign Up
  • Corporate Training
  • Certificate from Top Institutions
  • Contact Us
  • Verifiable Certificate
  • Reviews
  • Terms and Conditions
  • Privacy Policy
  •  
Apps
  • iPhone & iPad
  • Android
Resources
  • Free Courses
  • Java Tutorials
  • Python Tutorials
  • All Tutorials
Certification Courses
  • All Courses
  • Software Development Course - All in One Bundle
  • Become a Python Developer
  • Java Course
  • Become a Selenium Automation Tester
  • Become an IoT Developer
  • ASP.NET Course
  • VB.NET Course
  • PHP Course

© 2020 - EDUCBA. ALL RIGHTS RESERVED. THE CERTIFICATION NAMES ARE THE TRADEMARKS OF THEIR RESPECTIVE OWNERS.

EDUCBA Login

Forgot Password?

EDUCBA
Free Software Development Course

Web development, programming languages, Software testing & others

*Please provide your correct email id. Login details for this Free course will be emailed to you
Book Your One Instructor : One Learner Free Class

Let’s Get Started

This website or its third-party tools use cookies, which are necessary to its functioning and required to achieve the purposes illustrated in the cookie policy. By closing this banner, scrolling this page, clicking a link or continuing to browse otherwise, you agree to our Privacy Policy

EDUCBA

*Please provide your correct email id. Login details for this Free course will be emailed to you
EDUCBA
Free Software Development Course

Web development, programming languages, Software testing & others

*Please provide your correct email id. Login details for this Free course will be emailed to you

Special Offer - All in One Software Development Bundle (600+ Courses, 50+ projects) Learn More