Digital Signatures

Digital signatures use cryptography to verify the authenticity and integrity of digital messages or documents. They’re like electronic fingerprints, ensuring the sender is genuine and the content unaltered. This article explains their mechanics, an example, security, and uses.

How They Work

Using asymmetric cryptography (e.g., RSA):

Sender hashes the message: \( H = \text{hash}(M) \).
Sender signs \( H \) with private key: \( S = H^d \mod n \).
Receiver verifies with public key: \( H' = S^e \mod n \), checks \( H' = \text{hash}(M) \).

The signature binds the sender to the message.

RSA Signature Example

For \( p = 3 \), \( q = 11 \), \( n = 33 \), \( e = 7 \), \( d = 3 \), message \( M = 5 \):

Hash \( M \) (simplified): \( H = 5 \).
Sign: \( S = 5^3 \mod 33 = 125 \mod 33 = 26 \).
Verify: \( 26^7 \mod 33 = 5 \) (matches \( H \)).

Real systems use SHA-256 for hashing.

Security Features

Authenticity: Only the private key holder can sign.
Integrity: Hash ensures tampering is detectable.
Non-repudiation: Sender can’t deny signing.

Relies on secure key management.

Applications

Digital signatures secure:

Contracts: Legally binding e-signatures.
Software: Verifying updates (e.g., Microsoft).
Email: PGP for secure communication.

They’re vital for trust online.