A digital signature or digital signature scheme is a type of asymmetric cryptography. For messages sent through an insecure channel, a good implementation of digital signature algorithm is the one that makes the receiver believe that the message was sent by the claimed sender, and trust the message.
Digital signatures are equivalent to traditional handwritten signatures in many respects; properly implemented digital signatures are more difficult to copy than the handwritten type. Digital signature are implemented using cryptography. Digital signatures can also provide acknowledgement, meaning that the signer cannot successfully claim they did not sign a message, while also claiming their private key remains secret;
Digital signatures are often used to implement electronic signatures, a broader term that refers to any electronic data that holds a meaning of a signature, but not all electronic signatures use digital signatures. In some countries, including the United States, and in the European Union, electronic signatures may have legal significance.
Digital signatures scheme[change | change source]
A digital signature system typically consists of three algorithms:
- A key generation algorithm that selects a private key uniformly at random from a set of possible private keys. The algorithm outputs the private key and a corresponding public key.
- A signing algorithm which inputs a message and a private key to output a signature.
- A signature verifying algorithm which given a message, public key and a signature, then decide either accepts or rejects.
Two main properties are required by the digital signature system:
- A signature generated from a fixed message and fixed private key should verify on that message and the corresponding public key.
- It should be computationally infeasible to generate a valid signature for a person who does not own the private key.
Digital signature security and attacks[change | change source]
The GMR signature scheme:
In 1984, Shafi Goldwasser, Silvio Micali, and Ronald Rivest became the first to strictly define the security requirements of digital signature schemes. They described a hierarchy of attack models for signature schemes, they also present the GMR signature scheme. GMR scheme was proven to be secure against adaptive chosen-message attacks — even when an attacker receives signatures for messages of his choice, this does not allow him to copy a signature for a single additional message.
In their foundational paper, Goldwasser, Micali, and Rivest lay out a hierarchy of attack models against digital signatures:
- In a key-only attack, the attacker is only given the public verification key.
- In a known message attack, the attacker is given valid signatures for a variety of messages known by the attacker but not chosen by the attacker.
- In an adaptive chosen message attack, the attacker first learns signatures on arbitrary messages of the attacker's choice.
They also describe a hierarchy of attack results:
- A total break results in the recovery of the signing key.
- A universal forgery attack results in the ability to forge signatures for any message.
- A selective forgery attack results in a signature on a message of the adversary's choice.
- An existential forgery merely results in some valid message/signature pair not already known to the adversary.
The strongest notion of security, therefore, is security against existential forgery under an adaptive chosen message attack.
Other pages[change | change source]
A digital signature is an electronic signature.
It can be used to authenticate the identity of the sender of a message.
It ensures that the original content of the message or document that has been sent is unchanged.
Digital signatures cannot be imitated by someone else.
It can be automatically time-stamped.
The sender too cannot deny sending the message whether it is encrypted or not.
It ensures the receiver of the sender's identity.
It demonstrates the authencity of a digital message or document.
These are commonly used for software distribution, financial transactions etc.
Digital signatures are equivalent to hand written signatures but are more difficult to forge than handwritten signatures.
USES OF DIGITAL SIGNATURES:
Digital signatures can be used to authenticate the source of messages.
If a message is digitally signed, any change in the message after signature will invalidate the signature .
The message cannot be modified, and if modified a new message with a valid signature cannot be produced.
c) Non - repudiation :
It is an important aspect of digital signatures.
A sender cannot deny having sent the document after signing it.
References[change | change source]
- US ESIGN Act of 2000
- The University of Virginia
- State of WI
- National Archives of Australia
- "A digital signature scheme secure against adaptive chosen-message attacks.", Shafi Goldwasser, Silvio Micali, and Ronald Rivest. SIAM Journal on Computing, 17(2):281-308, Apr. 1988.
Other websites[change | change source]
- Introduction to cryptography from the PGP international website