Digital Signatures is considered as the safest form of authentication. Ever since PKI has come into the picture, the user can sign their documents digitally online as well as offline without any fear of alteration. These signatures act as proof of the identity of the user. Digital Signature also assures that all the shared data will stay secured and thus, justifies the integrity of the document.

The Digital Signature empowers the client to keep the entire information integrated and upgrades the authenticity of the shared data. The whole signature activity depends on asymmetric cryptography. At first, the initial information is created and the latter is encrypted using the private key. This operation is called the signature.

When it comes to the decryption of the shared data, the beneficiary extracts the encrypted information from the shared messages and later uses his public key.

Encryption and signature operation

  • At first, the user creates a file from the initially shared information
  • This thumbprint is then encrypted with the private key (Kprg) and is added to the initial information.
  • A temporary session key is then generated to encrypt the initial information.
  • The session key is then generated (Ks) which will help the user to encrypt initial information.
  • The session key for encryption (Kse) is then added to encrypt information file. So this file contains that encrypted information, the Kse and the signature.

When the recipient receives the file from the issuer, it first decodes or unencrypt the shared information and then verifies the user’s signature:

  • The recipient extracts the Kse from the received file. This key is then unencrypted with the private key to obtain session key (Ks)
  • The (Ks) is then used to encode data and give the beneficiary liberty to extract the encrypted thumbprint as well.
  • The public key (Kpug) is then used to decode the thumbprint.
  • The recipient creates a brief summary from the previously unencrypted information.
  • Later the recipient compares the unencrypted thumbprint with the unencrypted information. If they match, the signature is verified.