A digital signature or digital signature scheme is a mathematical scheme for demonstrating the authenticity of a digital message or document. A valid digital signature gives a recipient reason to believe that the message was created by a known sender, and that it was not altered in transit. Digital signatures are commonly used for software distribution, financial transactions, and in other cases where it is important to detect forgery or tampering. In some countries, including the United States, India, and members of the European Union, electronic signatures have legal significance. Uses of digital signatures
• Authentication: Although messages may
often include information about the entity sending a message, that information
may not be accurate. Digital signatures can be used to authenticate the source
of messages. When ownership of a digital signature secret key is bound to a
specific user, a valid signature shows that the message was sent by that user.
The importance of high confidence in sender authenticity is especially obvious
in a financial context. For example, suppose a bank's branch office sends
instructions to the central office requesting a change in the balance of an
account. If the central office is not convinced that such a message is truly
sent from an authorized source, acting on such a request could be a grave
mistake.
• Integrity: In many scenarios, the sender
and receiver of a message may have a need for confidence that the message has
not been altered during transmission. Although encryption hides the contents of
a message, it may be possible to change an encrypted message without
understanding it. (Some encryption algorithms, known as nonmalleable ones,
prevent this, but others do not.) However, if a message is digitally signed,
any change in the message after signature will invalidate the signature.
Furthermore, there is no efficient way to modify a message and its signature
to produce a new message with a valid
signature, because this is still considered to be computationally infeasible by
most cryptographic hash functions (see collision resistance).
• Non-repudiation: Non-repudiation, or
more specifically non-repudiation of origin, is an important aspect of digital
signatures. By this property, an entity that has signed some information cannot
at a later time deny having signed it. Similarly, access to the public key only
does not enable a fraudulent party to fake a valid signature.