Digital Signatures :
- A quick explanation of a digital signature is an encrypted hash.
- With that said, we can review our situation so far: – To ensure that only certain people can read our data, we can encrypt the data. — Otherwise —
- 1) To ensure that plaintext data hasn’t been tampered with, we generate a message digest.
- 2) To ensure that the message hasn’t been replaced, we will encrypt the message digest (which is a digital signature).
- A digital signature gives us two things:
- 1) Validation that the data has not been tampered with.
- 2) Proof that the data received is in fact from the expected sender.
- When a message digest is encrypted using a sender’s private key (this prevents tampering), the receiver can decrypt the digest using the sender’s public key (this is proof of the sender’s identity).
- The following is a diagram of how a digital signature is used: