https://asecuritysite.com

Digital Signing in the Cloud


In digital signing, we use our private key to sign a message, and the signature is then verified with our public key. This happens in a Bitcoin transaction, where we take the private key from our wallet and sign the transaction. The public key is then used to prove that the user signed the transaction.

Generating the signing key pair

With digital signing we often use ECDSA. With this, Bob uses his private key to sign a hash, along with a nonce value (k), and produces a signature (r,s). This is passed to Alice, who takes the message, Bob’s public key, and the signature, and can determine whether the signature is correct.

Creating an elliptic curve key pair

Initially, in AWS, we create a new customer-managed key.

We then select an asymmetric (public key) key type, with a key usage of sign and verify.


Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice
