A digital signature is a mathematical technique which is used to validate the authenticity and integrity of a message, software or digital document. It is equivalent to handwritten signature or stamped seal, but it offers more security.
In many countries, including United States of America, digital signatures are considered as a legal signature. Indian law has recognized electronic signature or e-signature, under the Information Technology Act, 2000 (IT Act) for over 18 years
Types of Digital signature:
- Simple
- Basic
- Advanced & Qualified
Simple: A simple digital signature doesn’t follow any encryption method. Here, the example is Email signature which we put at the bottom of every email.
There are several disadvantages of this method like unable to recognize user’s identity or changes that happened in a file after a document signed. This type of signature can be easily duplicated.
Basic: Basic digital signatures are almost similar to simple one except that it shows the changes that occurred after the document signed. However, this signature also cannot guarantee the security of the identity. Although, using the Asymmetric Cryptography method, the service providers do not verify the user’s identity.
Advanced & Qualified: This type of signature is considered as the safest one legal too. It has all the features available in simple and basic along with two-way factor authentication. Using this signature, we can find out the user identity which is important in case of any fraud. The authentication method used also varies: sending one time passwords via SMS, to biometric scanning on mobile phones.
How Digital Signature Work
The digital signature consists of two keys i.e., private and public which based on asymmetric encryption. Here, the private key is used to create a digital signature and the public key is for verifying the digital signature.
For creating a digital signature, we need to take message or file and run it through Hash function. Then combine the result with private key and run it again through a signing algorithm like RSA (Rivest-Shamir-Adleman) or DSA (Digital Signature Algorithm) and as a result we found a digital signature.
The last step is to verification of the signature, so we need a public key to authenticate it. The public key is used to extract the message which was originally combined with the private key to produce the digital signature. The retrieved messaged is now compared with the recipient’s own generated hash value with the extracted message. If both values are equal, then it mean that integrity of the message has been preserved else the secret key used for signing wasn’t this public key’s pair.
Digital Signature Process Illustration
Advantages and Disadvantages
Advantages:
Speed: Digital signatures are speedy comparatively to traditional signatures. Here, we need not to wait for any paper documents to send by courier.
Costs: There is no cost involved with digital signatures in terms of document, postal charges etc.
Security: The use of digital signature reduces the risk of documents being intercepted, read, destroyed or altered while in transit.
Tracking: A digitally signed documents can easily be tracked in a short amount of time.
Disadvantages:
Certificates & Software: To use digital signature, both sender and receiver have to buy a digital certificates\software from trusted certification authorities.
Law: In some countries, cyber law regarding the digital certificates are weak and it may be a risk.
https://forms.gle/PmVfpTqhBZAvjxav6Happy Learning!!!
Andrew Jackson
Mirza Husain
Mirza Husain 
You must be logged in to post a comment.