
Digital Signature in Cryptography

A simple digital signature is a digital signature in its most basic form, because it isn’t encrypted. The most typical instance is a wet signature that has been scanned by a machine and then put into a document.

In this article, we will look more closely at Digital Signature in Cryptography according to the GATE Syllabus for Computer Science Engineering (CSE). Read ahead to find out more about it.


What is Digital Signature in Cryptography?

Digital signatures are the public-key primitives used for message authentication. In the physical world, handwritten signatures are frequently used on written or typed texts. They serve to bind the signatory to the message.

Similarly, a digital signature is a method that ties a person or entity to digital data. The receiver and any other party may independently verify this binding. The digital signature is a cryptographic value calculated from the data and a secret key known only to the signer.

In the real world, the recipient of a message needs confirmation that it originates from the sender, and the sender shouldn’t be able to deny having originated it. This condition is absolutely essential for business applications because there is a significant probability of a dispute arising from the sharing of data.

Model of Digital Signature

As already explained, public key cryptography serves as the foundation for the digital signature system. The following illustration shows a sample digital signature scheme:

diagram 1

The complete procedure is thoroughly explained in the following points:

  • Each user of this scheme has a set of public and private keys.
  • The key pairs used for encryption/decryption and for signing/verification are often distinct from one another. The public key is referred to as the verification key, and the private key is referred to as the signature key.
  • The signer feeds the data into the hash function, which produces the hash of the data.
  • The hash value and the signature key are then fed to the signature algorithm, which generates the digital signature on the supplied hash. The signature is attached to the data, and both are subsequently sent to the verifier.
  • The verifier feeds the digital signature and the verification key into the verification algorithm, which produces a value as its output.
  • The verifier also runs the same hash function on the data it receives to produce a hash value.
  • For verification, this hash value and the output of the verification algorithm are compared. The verifier determines whether the digital signature is valid based on the result of the comparison.
  • Because the digital signature is created with the signer’s “private” key, which no one else can have, the signer cannot later repudiate their signature of the data.

It should be noted that the signing algorithm typically signs a hash of the data rather than the data itself. It is enough to sign the hash instead of the original data because the hash is a unique representation of the original data. The efficiency of the scheme is the main justification for signing the hash instead of signing the data directly.

Let’s assume that the signing algorithm is RSA. Modular exponentiation is used in the RSA encryption/signing process, as was covered in the chapter on public key encryption.

Modular exponentiation is computationally expensive and time-consuming, which makes signing huge amounts of data slow. Since the hash is a relatively brief digest of the original material, signing a hash is more efficient than signing the original data as a whole.

Importance of Digital Signature

Of all the cryptographic primitives, digital signatures based on public key cryptography are regarded as one of the most crucial and practical tools for achieving information security.

In addition to non-repudiation of the message, the digital signature offers data integrity and message authentication. Let’s take a quick look at how the digital signature does this:

Message Authentication: When the verifier validates a digital signature using a sender’s public key, the verifier is confident that the signature has been created only by that sender and no one else.

Data Integrity: If an attacker gains access to the data and alters it, the digital signature verification at the receiving end fails. The output of the verification procedure will not match the hash of the altered data. Therefore, presuming that data integrity has been compromised, the receiver can safely reject the message.

Non-Repudiation: Because it is presumed that only the signer knows the signature key, only the signer can produce a unique signature on the given data. As a result, if a dispute ever occurs, the receiver can show the data as well as the digital signature to a third party as proof.

We can develop a cryptosystem that would provide the four fundamental components of security – privacy, authenticity, integrity, and non-repudiation – by incorporating public-key encryption into digital signature schemes.

Encryption with Digital Signature

To achieve confidentiality in many digital conversations, it is preferable to exchange encrypted messages rather than plaintext. In a public key encryption method, a public (encryption) key of the sender is made available in the public domain, allowing anyone to spoof the sender’s identity or send an encrypted message to the recipient.

Due to this, users who utilise PKC for encryption should look for digital signatures in addition to encrypted data in order to ensure message authenticity and non-repudiation.

This can be achieved by combining a digital signature with an encryption technique. Let’s quickly go over how to fulfil this condition. There are two options: sign first, then encrypt, and vice versa.

However, the sign-then-encrypt crypto technique can be used by the recipient to forge the sender’s identity and deliver the data to a third party. Therefore, this approach is not recommended. Encrypt-then-sign is a more dependable and widely used approach. The example that follows shows this:

diagram 2

After receiving the encrypted data with the sender’s signature, the receiver first checks the signature using the sender’s public key. He retrieves the data by using his private key to decrypt it after making sure the signature is legitimate.
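The hash-then-sign model from the "Model of Digital Signature" section and the encrypt-then-sign receive order described above, as an added example that is not part of the original article. It uses unpadded textbook RSA with keys built from Mersenne primes, a constructed toy setup that is not secure; every function and constant name is an assumption of this example.

```python
import hashlib

E = 65537  # public exponent (assumed for this example)

def keypair(a, b):
    """Toy RSA key from the Mersenne primes 2**a-1 and 2**b-1 (constructed, trivially factorable)."""
    p, q = 2**a - 1, 2**b - 1
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # modular inverse, Python 3.8+
    return (n, E), (n, d)              # (public/verification key, private/signature key)

def digest(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(data: bytes, priv) -> int:
    n, d = priv
    return pow(digest(data), d, n)     # one exponentiation on a 32-byte hash, whatever len(data) is

def verify(data: bytes, sig: int, pub) -> bool:
    n, e = pub
    # Output of the verification algorithm compared with the hash the verifier recomputes.
    return pow(sig, e, n) == digest(data)

def encrypt(msg: bytes, pub) -> bytes:
    n, e = pub
    m = int.from_bytes(msg, "big")
    if m >= n:
        raise ValueError("message too long for this toy key")
    return pow(m, e, n).to_bytes((n.bit_length() + 7) // 8, "big")

def decrypt(ct: bytes, priv) -> bytes:
    n, d = priv
    m = pow(int.from_bytes(ct, "big"), d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

def send(msg: bytes, sender_priv, receiver_pub):
    ct = encrypt(msg, receiver_pub)    # encrypt with the receiver's public key...
    return ct, sign(ct, sender_priv)   # ...then sign the ciphertext with the sender's private key

def receive(ct: bytes, sig: int, sender_pub, receiver_priv) -> bytes:
    if not verify(ct, sig, sender_pub):  # signature is checked first
        raise ValueError("signature check failed; message rejected")
    return decrypt(ct, receiver_priv)    # decrypt only after the signature is valid

# Constructed keys: separate pairs for the signer and for the receiver.
SENDER_PUB, SENDER_PRIV = keypair(521, 607)
RECEIVER_PUB, RECEIVER_PRIV = keypair(607, 1279)
```

Real deployments use a padded signature scheme such as RSA-PSS and padded encryption such as RSA-OAEP from a maintained library rather than raw modular exponentiation.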
