Digital signature

Alice signs a message—"Hello Bob!"—by appending a signature computed from the message and her private key. Bob receives both the message and signature. He uses Alice's public key to verify the authenticity of the signed message.

A digital signature is a mathematical scheme for verifying the authenticity of digital messages or documents. A valid digital signature on a message gives a recipient confidence that the message came from a sender known to the recipient.[1][2]

Digital signatures are a standard element of most cryptographic protocol suites, and are commonly used for software distribution, financial transactions, contract management software, and in other cases where it is important to detect forgery or tampering.

Digital signatures are often used to implement electronic signatures, which include any electronic data that carries the intent of a signature,[3] but not all electronic signatures use digital signatures.[4][5] Electronic signatures have legal significance in some countries, including Brazil, Canada,[6] South Africa,[7] Russia,[8] the United States, Algeria,[9] Turkey,[10] India,[11] Indonesia, Mexico, Saudi Arabia,[12] Uruguay,[13] Switzerland, Chile[14] and the countries of the European Union.[15][16]

Digital signatures employ asymmetric cryptography. In many instances, they provide a layer of validation and security to messages sent through a non-secure channel: properly implemented, a digital signature gives the receiver reason to believe the message was sent by the claimed sender. Digital signatures are equivalent to traditional handwritten signatures in many respects, but properly implemented digital signatures are more difficult to forge than the handwritten type. Digital signature schemes, in the sense used here, are cryptographically based, and must be implemented properly to be effective. They can also provide non-repudiation, meaning that the signer cannot successfully claim they did not sign a message, while also claiming their private key remains secret.[17] Further, some non-repudiation schemes offer a timestamp for the digital signature, so that even if the private key is exposed, the signature is valid.[18][19] Digitally signed messages may be anything representable as a bitstring: examples include electronic mail, contracts, or a message sent via some other cryptographic protocol.
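The Alice-and-Bob exchange above, written out as an added example that is not part of the original article: Alice signs "Hello Bob!" with her private key, and Bob's check accepts the genuine message but rejects an altered message and a key that is not Alice's. The choice of Ed25519 and the names `Sign`, `Verify` and `Demo` are assumptions made for illustration; the article names no particular scheme.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// SignedMessage is what Alice sends: the message with the signature appended.
type SignedMessage struct {
	Message   []byte
	Signature []byte
}

// Sign computes the signature from the message and the signer's private key.
func Sign(priv ed25519.PrivateKey, msg []byte) SignedMessage {
	return SignedMessage{Message: msg, Signature: ed25519.Sign(priv, msg)}
}

// Verify checks the signature with the claimed sender's public key.
// ed25519.Verify panics on a wrong-sized key, so that case is rejected first.
func Verify(pub ed25519.PublicKey, sm SignedMessage) bool {
	if len(pub) != ed25519.PublicKeySize {
		return false
	}
	return ed25519.Verify(pub, sm.Message, sm.Signature)
}

// Demo runs three checks on constructed data and returns their results:
// the genuine message, a tampered message, and verification under another key.
func Demo() (bool, bool, bool, error) {
	alicePub, alicePriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return false, false, false, err
	}
	otherPub, _, err := ed25519.GenerateKey(rand.Reader) // a key that is not Alice's
	if err != nil {
		return false, false, false, err
	}
	sm := Sign(alicePriv, []byte("Hello Bob!"))
	// Same signature, one byte of the message changed in transit.
	altered := SignedMessage{Message: []byte("Hello Bob?"), Signature: sm.Signature}
	return Verify(alicePub, sm), Verify(alicePub, altered), Verify(otherPub, sm), nil
}

func main() {
	genuine, tampered, wrongKey, err := Demo()
	if err != nil {
		panic(err)
	}
	fmt.Println("genuine:", genuine, "tampered:", tampered, "wrong key:", wrongKey)
}
```

Verification needs only the public key, so Bob can check the message without ever holding material that could produce a signature.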

  1. Bellare, Mihir; Goldwasser, Shafi (July 2008). "Chapter 10: Digital signatures". Lecture Notes on Cryptography (PDF). p. 168. Archived (PDF) from the original on 2022-04-20. Retrieved 2023-06-11.
  2. Katz, Jonathan; Lindell, Yehuda (2007). "Chapter 12: Digital Signature Schemes". Introduction to Modern Cryptography. p. 399.
  3. "US ESIGN Act of 2000" (PDF). Archived (PDF) from the original on 2011-05-22. Retrieved 2006-05-10.
  4. State of WI Archived 2006-09-25 at the Wayback Machine
  5. National Archives of Australia Archived November 9, 2014, at the Wayback Machine
  6. "Secure Electronic Signature Regulations SOR/2005-30". Justice Laws Website. 10 March 2011. Archived from the original on 28 February 2020. Retrieved 19 May 2020.
  7. "Electronic Communications and Transactions Act [No. 25 of 2002]" (PDF). Government Gazette. 446 (23708). Republic of South Africa. 2 August 2002. Archived (PDF) from the original on 1 April 2019. Retrieved 23 September 2019.
  8. "Федеральный закон "Об электронной подписи" от 06.04.2011 N 63-ФЗ (последняя редакция) \ КонсультантПлюс". www.consultant.ru. Retrieved 2024-10-27.
  9. "Law 15-04". Official Journal, February 1, 2015. Archived from the original on November 5, 2018. Retrieved February 20, 2018.
  10. "ELEKTRONİK İMZA KANUNU" [Electronic Signature Law] (PDF). Mevzuat Bilgi Sistemi (in Turkish). Resmî Gazete. 2004-01-23. Archived (PDF) from the original on 2022-03-22. Retrieved 2022-03-11.
  11. "THE INFORMATION TECHNOLOGY ACT, 2000" (PDF). Department of Telecommunications, Ministry of Communication, Government of India. The Gazette of India Extraordinary. Archived (PDF) from the original on 18 September 2017. Retrieved 17 September 2017.
  12. "Electronic Transaction Law". Communication and Information Technology Commission. Archived from the original on 17 September 2017. Retrieved 17 September 2017.
  13. "Cómo se usa". Archived from the original on 2018-02-02. Retrieved 2018-02-01.
  14. "LEY-19799 SOBRE DOCUMENTOS ELECTRONICOS, FIRMA ELECTRONICA Y SERVICIOS DE CERTIFICACION DE DICHA FIRMA". Ley Chile – Biblioteca del Congreso Nacional (in Spanish). 2002-04-12. Archived from the original on 2019-12-26. Retrieved 2020-01-21.
  15. Turner, Dawn. "Major Standards and Compliance of Digital Signatures – A World-Wide Consideration". Cryptomathic. Archived from the original on 9 February 2016. Retrieved 7 January 2016.
  16. JA, Ashiq. "Recommendations for Providing Digital Signature Services". Cryptomathic. Archived from the original on 9 February 2016. Retrieved 7 January 2016.
  17. Chia, Jason; Chin, Ji-Jian; Yip, Sook-Chin (2021-09-16). "Digital signature schemes with strong existential unforgeability". F1000Research. 10: 931. doi:10.12688/f1000research.72910.1. PMC 9925878. PMID 36798451. S2CID 239387758.
  18. Fang, Weidong; Chen, Wei; Zhang, Wuxiong; Pei, Jun; Gao, Weiwei; Wang, Guohui (2020-03-04). "Digital signature scheme for information non-repudiation in blockchain: a state of the art review". EURASIP Journal on Wireless Communications and Networking. 2020 (1). doi:10.1186/s13638-020-01665-w. ISSN 1687-1499. S2CID 212613803.
  19. Zhou, J.; Lam, K.Y. (May 1999). "Securing digital signatures for non-repudiation". Computer Communications. 22 (8): 710–716. doi:10.1016/s0140-3664(99)00031-6. ISSN 0140-3664. Archived from the original on 2023-07-01. Retrieved 2020-10-26.