Digital Signature free essay sample

A digital signature is an electronic signature that can be used to authenticate the identity of the sender of a message or the signer of a document, and possibly to ensure that the original content of the message or document that has been sent is unchanged. Why use certificate signatures? Many business transactions, including financial, legal, and other regulated transactions, require high assurance when signing documents. When documents are distributed electronically, it is important that recipients can: * Verify document authenticity – confirming the identity of each person who signed the document * Verify document integrity – confirming that the document has not been altered in transit Certificate-based signatures provide both of these security services. Many businesses and governments have chosen to set up a certificate-based digital signature infrastructure within their organization – using third party certificate authorities to provide independent identity validation. Examples include: * Pharmaceutical companies who need to use signatures that comply with the SAFE (Signatures amp; Authentication For Everyone) BioPharma industry standard * Companies in the European Union who need to comply with the ETSI PAdES standard (PDF Advanced Electronic Signatures) Other reasons why more and more organizations choose to use this type of digital signatures include: 1. We will write a custom essay sample on Digital Signature or any similar topic specifically for you Do Not WasteYour Time HIRE WRITER Only 13.90 / page Saving money. The electronic signing method eliminates the cost of paper, printing, and courier services. 2. Document integrity. Organizations that publish/release any kind of PDF material on the internet can now be assured that the PDF documents will not be modified in any way to alter the organization’s brand or credibility. 3. Work efficiency. Handling a document electronically (clicking a button or entering a password) is way faster than circulating it through interoffice mail or courier. A digital signature scheme typically consists of three algorithms: * A key generation algorithm that selects a private key uniformly at random from a set of possible private keys. The algorithm outputs the private key and a corresponding public key. A signing algorithm that, given a message and a private key, produces a signature. * A signature verifying algorithm that, given a message, public key and a signature, either accepts or rejects the messages claim to authenticity. Two main properties are required: 1. a signature generated from a fixed message and fixed private key should verify the authenticity of that m essage by using the corresponding public key. 2. it should be computationally infeasible to generate a valid signature for a party who does not possess the private key. H User A’s machine digests the data into a simple string of code after user A’s software has encrypted the message digest with his private key. The result is the digital signature. User A’s software then appends the digital signature to document. All of the data that was hashed has been signed. User A then passes the digitally signed document to user B. First user B’s software decrypts the signature, using User A’s public key then changing it back into a message digest. After the decryption if it has decrypted the data to digest level then verifies that user A in fact did sign the data. To stop fraud certificate authorities have been introduced. Certificate authorities can sign User A’s public key, ensuring that no one else uses Bobs information or impersonated his key. If a user is uncertain of the digital signature it is possible to verify the digital signature with the certificate authority. Signatures can also be revoked if they are abused or if it is suspected that they are abused. When a digital signature is compromised the user that suspects that the certificate is compromised should report the incident to the certificate authority.