In short, we can understand a digital signature as a code attached to a message or document. After the digital signature is generated, it can be used as evidence to prove that the message has not been tampered with during transmission from the sender to the receiver.
Although the concept of using cryptography to protect communication confidentiality can be traced back to ancient times, with the development of public key cryptography (PKC), the digital signature scheme did not become a reality until 1970s. Therefore, to understand the working principle of digital signature, we need to understand the basic knowledge of hash function and public key encryption first.
Hash is one of the core elements of digital signature. The operation process of hash value refers to converting data of arbitrary length into fixed length. This is achieved through a special operation called hash function. The value generated by hash function operation is called hash value or message digest.
When the hash value is combined with the encryption algorithm, that is, the hash value (abstract) is generated by the encryption hash function, which can be used as a unique digital fingerprint. This means that any change to the input data (message) will result in a completely different output value (hash value). This is why cryptographic hash functions are widely used to verify the authenticity of numbers and data.
Public key encryption or PKC refers to an encryption system that uses a pair of keys: a public key and a private key. These two keys are mathematically related and can be used for data encryption and digital signature.
As an encryption tool, PKC has higher security than symmetric encryption. Symmetric encryption systems rely on the same key to encrypt and decrypt information, but PKC uses the public key to encrypt data and the corresponding private key to decrypt data.
In addition, PKC can also be used to generate digital signatures. Essentially, the sender of this process uses his own private key to encrypt the hash value of the message (data). Next, the receiver of the message can use the public key provided by the signer to check whether the digital signature is valid.
In some cases, the digital signature itself may contain an encryption process, but this is not always the case. For example, the bitcoin blockchain uses PKC and digital signature, and it is not encrypted in this process as most people think. Technically, Bitcoin has deployed the so-called elliptic curve digital signature algorithm (ECDSA) to verify the transaction.
Under the background of cryptocurrency, digital signature system usually includes three basic processes: hashing, signing and verification.
The first step is to hash the message or data. Through the hash algorithm, the data is operated to generate a hash value (that is, a message digest). As mentioned above, the length of messages may vary greatly, but when messages are hashed, their hash values all have the same length. This is the most basic attribute of hash function.
However, just hashing the message is not a necessary condition for generating a digital signature, because messages without hashing can also be encrypted with a private key. But for cryptocurrency, it is necessary to process the message with hash function, because processing the hash value with fixed length is helpful for the program of cryptocurrency to run.
After hashing the information, the sender of the message needs to sign his message. Here is the use of public key cryptography. There are several types of digital signature algorithms, each of which has its own unique operating mechanism. Essentially, a hash message (hash value) is signed with a private key, and then the receiver of the message can use the corresponding public key (provided by the signer) to check its validity.
In other words, if the private key is not used when generating the signature, the receiver of the message will not be able to use the corresponding public key to verify its validity. Both the public key and the private key are generated by the sender of the message, but only the public key * * * is shared with the receiver.
It should be noted that a digital signature is associated with the content of each message. Therefore, unlike the handwritten signature, the digital signature of each email is different.
Let's give an example to illustrate the whole process, including the verification from the beginning to the last step. Let's assume that Alice sends a message to Bob, hashes the message to get a hash value, and then combines the hash value with her private key to generate a digital signature. The digital signature will be the unique digital fingerprint of the mail.
When Bob receives the message, he can use the public key provided by Alice to check the validity of the digital signature. In this way, Bob can be sure that the signature was created by Alice, because only she has the private key corresponding to the public key (at least this is consistent with our hypothesis).
Therefore, it is very important for Alice to keep the private key well. If another person gets Alice's private key, they can also create a digital signature and pretend to be Alice. In the context of bitcoin, this means that someone can use Alice's private key to transfer or use her bitcoin without her knowledge.
Digital signature is usually used to achieve the following three goals: data integrity, authentication and non-repudiation.
Digital signatures can be applied to various digital documents and certificates. Therefore, they have several applications. Some of the most common situations include:
The main challenges faced by digital signature schemes are mainly limited to the following three factors:
In short, digital signature can be understood as a specific type of electronic signature, especially for documents and messages. Therefore, all digital signatures can be considered as electronic signatures, but not vice versa.
The main difference between them is the authentication method. Digital signature needs to deploy encryption systems, such as hash function, public key encryption and encryption technology.
Hash function and public key encryption are the core of digital signature system, which are applied in various situations. If properly implemented, digital signature can improve security, ensure integrity, and contribute to the authentication of various data.
In the blockchain field, digital signatures are used to sign and authorize cryptocurrency transactions. They are especially important for bitcoin, because digital signatures can ensure that tokens can only be used by people who have the corresponding private keys.
Although we have used electronic signature and digital signature for many years, there is still much room for development. Today, most official documents are still based on paper materials, but as more systems migrate to digitalization, we will see more digital signature schemes.