A method for proving the authenticity of a digital communication.
What Is a Digital Signature?
If a signature is deemed valid, it can be assumed that the communication is from the person it says it’s from (known as authentication,) that the sender cannot reasonably deny that the communication is from them (non-repudiation,) and that the communication has not been changed or tampered with (integrity.)
To sign a message with a digital signature, the sender uses software to create a hash of the message, which is then encrypted using their private key. To verify a message, the encrypted hash is decrypted using the sender’s public key. Then, a second hash of the message is created; if this hash matches the decrypted one, the message is valid.
Electronic signature simply refers to any digital mark that is intended to represent a signature. Common examples of this include HelloSign and Adobe Sign. However, some electronic signature tools may include digital signature technology — meaning an element of public key cryptography may have been used.
Digital signatures are widely used online, for example to authenticate network connections. They are also becoming increasingly common in government. For example, key documents are now published by the U.S. Government Printing Office with accompanying public signatures to verify their authenticity.