How does a digital signature work?
A digital certificate explicitly associates the identity of an individual/device with a pair of electronic keys – public and private keys – and this association is endorsed by the CA. The certificate contains information about a user’s identity (for example, their name, email address, the date the certificate was issued and the name of the Certifying Authority that issued it.). These keys complement each other in that one does not function in the absence of the other. They are used by browsers and servers to encrypt and decrypt information regarding the identity of the certificate user during information exchange processes. The private key is stored on the user’s computer hard disk or on an external device such as a smart card. The user retains control of the private key; it can only be used with the issued password. The public key is disseminated with the encrypted information. The authentication process fails if either one of these keys in not available or do not match. This means th
Suppose that the famous Bob and Alice wish to correspond electronically. Bob wants to assure Alice that he originated the electronic message, and that its contents have not been tampered with. He does so by signing the message with a digital signature. When Bob clicks on the digital signature option on his e-mail application, special software applies a mathematical formula known as a hash function to the message, converting it to a fixed-length string of characters called a message digest. The digest acts as a “digital fingerprint” of the original message. If the original message is changed in any way, it will not produce the same message digest when the hash function is applied. Bob’s software then encrypts the message digest with his private key, producing a digital signature of the message. He transmits the message and digital signature to Alice. Alice uses Bob’s public key to decrypt the digital signature, revealing the message digest. Since only Bob’s public key can decrypt the di
