Open in app

Sign in

Write

Sign in

Digital signature

Applied Crypto Studio
3 min readJun 2, 2019

The digital signature is a frequently utilized tool in the modern IT technique, which could be regarded as a cryptographic version of electronic hand-made signature. Before our subject digital signature, let’s review the real-world scenarios of hand-made signatures.

Scenarios

  1. Alice signs the receipt of a credit card bill, which denotes not only the authorization of the transaction but also the authentication of Alice that only Alice can make the hand-made signature (assuming the signature isn’t forged).
  2. Bob signs on the right bottom corner of a contract as a proof of two things: first, the authentication of Bob (assuming the signature isn’t forged); and secondly, Bob agrees with the contract.

It is not hard to observe that the signature authenticates the signer first. If the authentication is verified, then the signed document works on behalf of the signer such as Alice approves the transaction in the first case and Bob makes deal in the second scenario.

So far, a signing architecture is taking shape that composed of a signer, a signing target and some verifiers. The signer and only the signer is able to generate a signature corresponding to a specific signing target. Then, the signature may be verified (publicly or not), which convinces the verifiers that the signature is made on behalf of the signer.

So, what is a digital signature?

Digital signature is a cryptographic tool based on the cooperation of hash functions and asymmetric encryption. Similar to hand-made signatures, digital signature is attached with a signing target with three properties:

Authentication of the signer

This is the most essential and core functionality that verifiers are convinced who signed the target.

For security aspect, the authentication relies on the unforgeability of digital signature, which is the most improved part from the hand-made signatures. In the scenarios above, it was assumed that no forging hand-made signatures exists. However, it occasionally occurs everywhere surrounds us.

In terms of digital signatures, the cryptographic unforgeability of digital signature guarantees that it’s computationally difficult (which is close to impossible in real-world) to forge a digital signature without knowing the secret key. In other words, only the signer who owns the secret key can sign the signature.

Non-repudiation of the signer

Based on the powerful unforgeability above, the signer cannot deny the signature afterward.

Integrity of the signing target

This is another import part but often missed that the signed target has to be unchanged. Assume it’s a 5-dollars bill, the payer may not be happy if the signature is still valid while it is tampered to 50 dollars. The integrity part is mostly achieved by adopting collision-resistant hash functions.

How does a digital signature work?

Now, a basic concept of digital signature has been established. We may take a closer look to realize how it works practically.

The general data flow of a digital signature.

Assume that every user already has a unique pair of secret key sk and public key pk in an asymmetric key setting. The secret key is kept privately in a secure place like offline hardwares; and the related public key could be published so that everyone in the network knows the user owns that public key. By the way, assume the signing target is a message m.

Signing steps

  1. The signer computes the hash value of input message: h=hash(m).
  2. The signer takes its secret key as well as the hash value as input, and outputs the signature sig = sign(sk, h).

With the aid of hash functions, the digital signature can take any kind of files, strings or number as the signing target. Then, everyone knows the signer’s public key can be a verifier. Once receiving the message m and signature sig, the verifying steps work as follows.

Verifying steps

  1. The verifier also computes, h=hash(m).
  2. The verifier executes the verifying algorithm that outputs one of results, valid or invalid, which is verify(pk, h, sig).

The practical implementation varies from distinct signing algorithms such as RSA, DSA and ECDSA. This story addresses the basic image of digital signatures so let’s expect the above-mentioned algorithms may appear in other stories in the near future.

If you enjoy the stories and willing to read more easily-understanding cryptographic or blockchain-related content, please give me some claps. I’ll be flattered if there are some sponsorship via Bitcoin or Ethereum.

Bitcoin: 36FmpfiDPVAJdxKtXM79Lj5G5awZgDNKar

Ethereum: 0x37fd7D56a7228344F1bca1132d7D1b1ED398FCaa

Blockchain
Cryptography
Digital Signature
Hash Function

--

--

Applied Crypto Studio

Written by Applied Crypto Studio

25 Followers

We’re a group of experts major in applied cryptography and blockchain. Contact us for enterprise consulting and education.

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams