A digital signature is a mathematical approach to verifying whether a digital document is authentic. A valid digital signature gives the recipient of the document reason to believe that it was sent by a known party, that the document was not altered in transit, and that the sender will not repudiate having sent the document. Thus, a digital signature ideally has the following characteristics:
Authentication. A digital signature authenticates the source of a document, since it is linked to a specific party. This feature is especially important for financial transactions, such as a request to initiate a wire transfer.
Integrity. A digital signature provides high confidence that a document was not altered during transmission to the recipient. Any change in the document will invalidate the signature.
Non-repudiation. A digital signature indicates that the entity signing a document cannot later deny having signed it. This is a critical characteristic in many jurisdictions, where digital signatures are legally binding.
Three algorithms are employed in the construction of a digital signature. These algorithms are:
Key generation algorithm. This algorithm randomly selects a private key from a set of available private keys. Its output is the private key and a related public key.
Signing algorithm. This algorithm uses the message that will be linked to the digital signature and the selected private key to produce a digital signature.
Signature verifying algorithm. This algorithm either accepts or rejects a message’s claim to authenticity, based on the message, the public key, and the digital signature.
These three algorithms are needed, as a group, to ensure that a digital signature has been properly constructed and can be verified.