Digital Signature | Research & Encyclopedia Articles

Digital Signature

A digital signature is a cryptographic method for verifying the identity of an individual, a process, computer system, or any other entity, in much the same way as a handwritten signature verifies the identity of a person. Digital signatures use the properties of public-key cryptography to produce pieces of information that verify the origin of data.

Cryptography is the science of using mathematics to keep information from people who should not be able to see it. Secret-key (or private-key) cryptography uses a single key for both hiding (encrypting) and revealing (decrypting) data. Public-key cryptography, in contrast, uses two keys that are related by a mathematical function.

The two keys are called the "public key" and the "private key" and the relationship between them is such that knowledge of the public key does not give sufficient information about the private key for someone to work out what it is. As the names suggest, the public key can be published and given to anyone who wants it, but the private key must be known only to its owner.

The public and private keys also share the relationship that anything encrypted with the public key can be decrypted only with the corresponding private key; conversely, anything encrypted with the private key can be decrypted only with the public key. What this means is that the owner of the private key can encrypt something that anyone who has the public key can decrypt. But as only the owner knows what the private key is, only she could have encrypted it in the first place. This is directly analogous to the handwritten signature: anyone can read it but only one person could have written it.

Handwritten signatures rely on the fact that it is very hard to find two people who have the same signature; digital signatures similarly rely in the fact that unless two people have the same public and private keys, any signature they produce for a given piece of data will be different. Since public and private keys are chosen at random from sets of numbers that comprise somewhere in the region of 600 digits, the chances of two people accidentally choosing the same keys is vanishingly small.

Computer data, whether it represents documents, pictures, text, video, or whatever, is typically a string bits, 1s and 0s, and therefore digital signatures can be derived from all of them. The potential problem that arises is that documents, pictures, and videos can be very, very large, and the process of public-key encryption is very computationally intensive, and that makes it both slow and expensive to apply to large amounts of data.

To overcome this, digital signature schemes first create what is called a "hash" or "digest" of the data. A digest is formed by taking the original data and shrinking it down to a much smaller length. Digests use functions that ensure that small differences in the input produce large changes in the output. For example, two memos that differ by only a single word will yield very different digests.

Once the digest has been obtained it can be encrypted with the private key and published as the signature for the data that yielded the encrypted digest.

On receipt of the data that is allegedly signed, the recipient can create her own version of the digest. The recipient can also use the sender's public key to decrypt the digest the sender encrypted with her private key. If the two digests match, i.e., the decrypted one is the same as the locally created one, then the recipient knows that the signature is valid and the purported sender is in fact the actual sender.

This method of operation introduces a slight flaw, however. Message digest functions suffer from what are called "collisions." A collision occurs when two very different documents coincidentally squash down to yield the same digest. Clearly in signing any given digest, the signer has also signed every other message that yields the same digest.

There are many different schemes for providing digital signatures. The Rivest-Shamir-Adleman (RSA) public-key cryptographic system can be used for both conventional encryption as well as providing digital signatures; the ElGamal system also can be used for both encryption and digital signatures. The Digital Signature Standard (DSS) is based on the Digital Signature Algorithm (DSA) and can be used only for digital signatures.

The problem for some programmers until September 2000 was that the RSA system was patented in the US, whereas ElGamal and DSA were not (DSA is actually patented, but the technology is freely available for use), and the owners of the RSA patent used to charge for licenses to use the technology. Another problem was that since RSA was suitable for encryption it was subject to the export restrictions imposed by the United States, the United Kingdom, and many other countries.

Now that the U.S. has lifted its restrictions and the patent has expired (meaning anyone can use RSA for free), the reasons for having the DSA seem to be less compelling than they have been in the past.