A Digital Signature is a type of signature that guarantees that the contents of a message have not been altered in transit. It validates the authenticity and integrity of a message (e.g., an email, a credit card transaction, or a digital document). For example when Bob has to digitally sign a file or an email and send it to Alice.
- Bob selects the file to be digitally signed or clicks on ‘sign’ in his email application
- The hash value of the file content or the message is calculated by Bob’s computer
- This hash value is encrypted with Bob’s Signing Key (which is a Private Key) to create the Digital Signature.
- Now, the original file or email message along with its Digital Signature are sent to Alice.
- After Alice receives the signed message, the associated application (such as email application) identifies that the message has been signed. Alice’s computer then proceeds to:
- Decrypt the Digital Signature using Bob’s Public Key
- Calculate the hash of the original message
- Compare the (a) hash it has computed from the received message with the (b) decrypted hash received with Bob’s message.
- Any difference in the hash values would reveal tampering of the message.
Digital Signature Algorithm (DSA) is a US Federal Government standard which is used in Digital Signature Standard (DSS). DSA uses private key sizes of 160, 224, or 256 and public key sizes 1024, 2048, and 3072. Private key is a randomly generated number and a public key is mathematically related to a private key. The public key for DSA-RSA consists of two numbers (n,e) where n = p * q and e is an exponent. The private key consists of (n, d) d is a prime exponent and d depends on n and e. This is just a basis of the Digital Signature Algorithm (DSA).
How to use a Digital Signature Certificate?
In order to verify the authenticity of your digital signature then you must obtain a digital certificate from a reputable CA. Digital Signature Certificate (DSC) helps people to sign a document online, which means a person can fill up the form, sign in and submit the form. There are two types of digital signatures which are Adobe Supports and Microsoft Word supports. In Adobe Supports, it has two features which are Certified Signature and Approval Digital Signature. On the other hand, Microsoft Word supports two features including visible and non-visible digital signature. There are many websites that offer Digital Signature Certificate services to customers which are below (top 5):
DocuSign | $10/month – Annually |
eversign | From $9.99 to $79.99 / month |
PandaDoc | From $9 to $49 /month |
SignNow | From $8 to $50 /month |
SignEasy | From $7 to $15 /month |
There are many different websites and software tools that provide customers to use Digital Signature Certificates. The pricing depends on the services and the number of users. Thus, most of the companies are using Digital Signature as it increases the transparency of online interactions and develops trust between customers, business partners, vendors and employees.
Need Advice on Risk Management?
