Digital Signatures

Up to this point, this Chapter has primarily focused on how symmetric and asymmetric encryption is used for confidentiality. Now let's focus on how asymmetric algorithms can be used for authentication. The application of asymmetric encryption for authentication is known as a digital signature. Digital signatures are much like a signature in real life, as the signature validates the integrity of the document and the sender. Let's look at an example of how the five basic steps work in the digital signature process:

1. Jay produces a message digest by passing a message through a hashing algorithm.
2. The message digest is then encrypted using Jay's private key.
3. The message is forwarded, along with the encrypted message digest, to the recipient, Alice.
4. Alice creates a message digest from the message with the same hashing algorithm that Jay used. Alice then decrypts Jay's signature digest by using Jay's public key.
5. Finally, Alice compares the two message digests, the one originally created by Jay and the other that she created. If the two values match, Alice has proof that the message is unaltered and did come from Jay.

Figure 12.6 illustrates this process and demonstrates how asymmetric encryption can be used for confidentiality and integrity.

Figure 12.6. The digital signature process.

Exam Alert

Digital signatures provide integrity and authentication.