What?
Similar to an actual digital signature in the real world, it’s a cryptographic string that mathematically proves that something is coming from a specific person. It’s a similar method to the double encryption thing.
How?
- We take the document that requires a signature.
- We hash it.
- We add padding
- We then encrypt that with our private key. (Because if our public key opens it, then it was from us).
Why does this work?
- We sign our hash with our private key. Since only our public key would reveal it, then it must have been us (this is the actual signature part).
- The recipient of the document can be sure that the public key is authentic thanks to the Certificate Authority, and the PKI in general.
- If the attacker would try to change anything, the hash would look different.
How would this look in actuality?
- We’d send bunch of messages
- We’d take a summary of the ones we sent, hash them and encrypt them with our private key.
- Thus anyone receiving can take those messages, do the same and decrypt with our public key. If they were truly from us, they’ll be the same.
- Pretty neat, eh?