What is Digital Signature ?
Digital Signature :
A digital signature or digital
signature scheme is a mathematical scheme for demonstrating the
authenticity of a digital message or document. A valid digital signature gives
a recipient reason to believe that the message was created by a known sender,
and that it was not altered in transit. Digital signatures are commonly used
for software distribution, financial transactions, and in other cases where it
is important to detect forgery and tampering.
Below are some common reasons for
applying a digital signature to communications:
Authentication
Although messages may often
include information about the entity sending a message, that information may
not be accurate. Digital signatures can be used to authenticate the source of
messages. When ownership of a digital signature secret key is bound to a
specific user, a valid signature shows that the message was sent by that user.
The importance of high confidence in sender authenticity is especially obvious
in a financial context. For example, suppose a bank's branch office sends
instructions to the central office requesting a change in the balance of an
account. If the central office is not convinced that such a message is truly
sent from an authorized source, acting on such a request could be a grave
mistake.
Integrity
In many scenarios, the sender and
receiver of a message may have a need for confidence that the message has not
been altered during transmission. Although encryption hides the contents of a
message, it may be possible to change an encrypted message without
understanding it. (Some encryption algorithms, known as nonmalleable ones, prevent this, but
others do not.) However, if a message is digitally signed, any change in the
message after signature will invalidate the signature. Furthermore, there is no
efficient way to modify a message and its signature to produce a new message
with a valid signature, because this is still considered to be computationally
infeasible by most cryptographic hash functions
