Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Digital signature
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
{{Short description|Mathematical scheme for verifying the authenticity of digital documents}} {{About|a cryptographic construct derived from a mathematical scheme which is hard to forge|a data record not secured by cryptographic scheme|Electronic signature}} [[File:Private key signing.svg|alt=Alice signs a message—"Hello Bob!"—by appending a signature which is computed from the message and her private key. Bob receives the message, including the signature, and using Alice's public key, verifies the authenticity of the signed message.|thumb|Alice signs a message—"Hello Bob!"—by appending a signature which is computed from the message and her private key. Bob receives both the message and signature. He uses Alice's public key to verify the authenticity of the signed message.]] A '''digital signature''' is a mathematical scheme for verifying the authenticity of digital messages or documents. A valid digital signature on a message gives a recipient confidence that the message came from a sender known to the recipient.<ref name="bellare-goldwasser2008digsigs">{{cite book |title=Lecture Notes on Cryptography |first1=Mihir |last1=Bellare |author-link1=Mihir Bellare |first2=Shafi |last2=Goldwasser |author-link2=Shafi Goldwasser |date=July 2008 |url=https://cseweb.ucsd.edu/~mihir/papers/gb.pdf#page=168 |chapter=Chapter 10: Digital signatures |page=168 |access-date=2023-06-11 |archive-date=2022-04-20 |archive-url=https://web.archive.org/web/20220420003617/https://cseweb.ucsd.edu/~mihir/papers/gb.pdf#page=168 |url-status=live }}</ref><ref name="katz-lindell2007digsigs">{{cite book |title=Introduction to Modern Cryptography |first1=Jonathan |last1=Katz |author-link1=Jonathan Katz (computer scientist) |first2=Yehuda |last2=Lindell |author-link2=Yehuda Lindell |date=2007 |chapter=Chapter 12: Digital Signature Schemes |page=399 }}</ref> Digital signatures are a standard element of most [[cryptographic protocol]] suites, and are commonly used for software distribution, financial transactions, [[contract management software]], and in other cases where it is important to detect forgery or [[Tampering (crime)|tampering]]. Digital signatures are often used to implement [[electronic signature]]s, which include any electronic data that carries the intent of a signature,<ref name="cEMCl">{{Cite web |url=http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=106_cong_public_laws&docid=f:publ229.106.pdf |title=US ESIGN Act of 2000 |access-date=2006-05-10 |archive-date=2011-05-22 |archive-url=https://web.archive.org/web/20110522212411/http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=106_cong_public_laws&docid=f:publ229.106.pdf |url-status=live }}</ref> but not all electronic signatures use digital signatures.<ref name="6TaHP">[http://enterprise.state.wi.us/home/strategic/esig.htm State of WI] {{webarchive|url=https://web.archive.org/web/20060925104000/http://enterprise.state.wi.us/home/strategic/esig.htm |date=2006-09-25}}</ref><ref name="uExGJ">[http://www.naa.gov.au/recordkeeping/er/Security/6-glossary.html National Archives of Australia] {{webarchive|url=https://web.archive.org/web/20141109180215/http://www.naa.gov.au/recordkeeping/er/Security/6-glossary.html|date=November 9, 2014}}</ref> Electronic signatures have legal significance in some countries, including [[Brazil]], [[Canada]],<ref name="iwENG">{{cite web|title=Secure Electronic Signature Regulations SOR/2005-30|url=https://laws-lois.justice.gc.ca/eng/regulations/SOR-2005-30/FullText.html|website=Justice Laws Website|date=10 March 2011|access-date=19 May 2020|archive-date=28 February 2020|archive-url=https://web.archive.org/web/20200228123232/https://laws-lois.justice.gc.ca/eng/regulations/SOR-2005-30/FullText.html|url-status=live}}</ref> [[South Africa]],<ref name="TZv4Q">{{cite journal |title=Electronic Communications and Transactions Act [No. 25 of 2002] |url=https://www.gov.za/sites/default/files/gcis_document/201409/a25-02.pdf |journal=Government Gazette |publisher=[[South Africa|Republic of South Africa]] |volume=446 |issue=23708 |date=2 August 2002 |access-date=23 September 2019 |archive-date=1 April 2019 |archive-url=https://web.archive.org/web/20190401025101/https://www.gov.za/sites/default/files/gcis_document/201409/a25-02.pdf |url-status=live }}</ref> [[Russia]],<ref>{{Cite web |title=Федеральный закон "Об электронной подписи" от 06.04.2011 N 63-ФЗ (последняя редакция) \ КонсультантПлюс |url=https://www.consultant.ru/document/cons_doc_LAW_112701/ |access-date=2024-10-27 |website=www.consultant.ru}}</ref> the [[United States]], [[Algeria]],<ref name="9wrdi">{{cite web|title=Law 15-04|url=http://www.algerianbanks.com/index.php/environnement-juridique/principaux-codes-juridiques/la-signature-et-a-la-certification-electroniques|website=Official Journal, February 1, 2015|access-date=February 20, 2018|archive-date=November 5, 2018|archive-url=https://web.archive.org/web/20181105202747/http://www.algerianbanks.com/index.php/environnement-juridique/principaux-codes-juridiques/la-signature-et-a-la-certification-electroniques|url-status=live}}</ref> [[Turkey]],<ref>{{cite web|title=Elektronik İmza Kanunu|url=https://www.mevzuat.gov.tr/mevzuatmetin/1.5.5070.pdf|website=Mevzuat Bilgi Sistemi|publisher=Resmî Gazete|date=2004-01-23|access-date=2022-03-11|language=tr|trans-title=Electronic Signature Law|archive-date=2022-03-22|archive-url=https://web.archive.org/web/20220322012649/https://www.mevzuat.gov.tr/mevzuatmetin/1.5.5070.pdf|url-status=live}}</ref> [[India]],<ref name="fN2Ic">{{cite web|title=The Information Technology Act, 2000|url=http://www.dot.gov.in/sites/default/files/itbill2000_0.pdf|website=Department of Telecommunications, Ministry of Communication, Government of India|publisher=The Gazette of India Extraordinary|access-date=17 September 2017|archive-date=18 September 2017|archive-url=https://web.archive.org/web/20170918053132/http://www.dot.gov.in/sites/default/files/itbill2000_0.pdf|url-status=live}}</ref> [[Indonesia]], [[Mexico]], [[Saudi Arabia]],<ref name="LplND">{{cite web|title=Electronic Transaction Law|url=http://www.citc.gov.sa/en/RulesandSystems/CITCSystem/Pages/ElectronicTransactionsLaw.aspx|website=Communication and Information Technology Commission|access-date=17 September 2017|archive-date=17 September 2017|archive-url=https://web.archive.org/web/20170917170649/http://www.citc.gov.sa/en/RulesandSystems/CITCSystem/Pages/ElectronicTransactionsLaw.aspx|url-status=dead}}</ref> [[Uruguay]],<ref name="Xf3lW">{{Cite web | url=https://www.agesic.gub.uy/innovaportal/v/5834/13/agesic/firma-electronica.html | title=Cómo se usa | access-date=2018-02-01 | archive-date=2018-02-02 | archive-url=https://web.archive.org/web/20180202012559/https://www.agesic.gub.uy/innovaportal/v/5834/13/agesic/firma-electronica.html | url-status=live }}</ref> [[Switzerland]], [[Chile]]<ref name="4h0yN">{{Cite web|url=https://www.leychile.cl/Navegar?idNorma=196640|title=Ley-19799 Sobre Documentos Electrónicos, Firma Electrónica y Servicios de Certificación de Dicha Firma|date=2002-04-12|website=Ley Chile – Biblioteca del Congreso Nacional|language=es|access-date=2020-01-21|archive-date=2019-12-26|archive-url=https://web.archive.org/web/20191226165830/http://www.leychile.cl/Navegar?idNorma=196640|url-status=live}}</ref> and the countries of the [[European Union]].<ref name="Cryptomathic_MajorStandardsDigSig">{{cite web|last1=Turner|first1=Dawn|title=Major Standards and Compliance of Digital Signatures – A World-Wide Consideration|url=http://www.cryptomathic.com/news-events/blog/major-standards-and-compliance-of-digital-signatures-a-world-wide-consideration|publisher=Cryptomathic|access-date=7 January 2016|archive-date=9 February 2016|archive-url=https://web.archive.org/web/20160209203857/http://www.cryptomathic.com/news-events/blog/major-standards-and-compliance-of-digital-signatures-a-world-wide-consideration|url-status=live}}</ref><ref name="CryptomathicDigSigServicesAshiqJA">{{cite web|last1=JA|first1=Ashiq|title=Recommendations for Providing Digital Signature Services|url=http://www.cryptomathic.com/news-events/blog/recommendations-for-providing-digital-signature-services|publisher=Cryptomathic|access-date=7 January 2016|archive-date=9 February 2016|archive-url=https://web.archive.org/web/20160209203856/http://www.cryptomathic.com/news-events/blog/recommendations-for-providing-digital-signature-services|url-status=live}}</ref> Digital signatures employ [[asymmetric key algorithm|asymmetric cryptography]]. In many instances, they provide a layer of validation and security to messages sent through a non-secure channel: Properly implemented, a digital signature gives the receiver reason to believe the message was sent by the claimed sender. Digital signatures are equivalent to traditional handwritten signatures in many respects, but properly implemented digital signatures are more difficult to forge than the handwritten type. Digital signature schemes, in the sense used here, are cryptographically based, and must be implemented properly to be effective. They can also provide [[non-repudiation]], meaning that the signer cannot successfully claim they did not sign a message, while also claiming their [[private key]] remains secret.<ref>{{Cite journal |last1=Chia |first1=Jason |last2=Chin |first2=Ji-Jian |last3=Yip |first3=Sook-Chin |date=2021-09-16 |title=Digital signature schemes with strong existential unforgeability |journal=F1000Research |volume=10 |page=931 |language=en |doi=10.12688/f1000research.72910.1 |pmid=36798451 |pmc=9925878 |s2cid=239387758 |doi-access=free }}</ref> Further, some non-repudiation schemes offer a timestamp for the digital signature, so that even if the private key is exposed, the signature is valid.<ref name="G18bg">{{Cite journal|last1=Fang|first1=Weidong|last2=Chen|first2=Wei|last3=Zhang|first3=Wuxiong|last4=Pei|first4=Jun|last5=Gao|first5=Weiwei|last6=Wang|first6=Guohui|date=2020-03-04|title=Digital signature scheme for information non-repudiation in blockchain: a state of the art review|journal=EURASIP Journal on Wireless Communications and Networking|volume=2020|issue=1|doi=10.1186/s13638-020-01665-w|s2cid=212613803|issn=1687-1499|doi-access=free}}</ref><ref name="U844i">{{Cite journal|last1=Zhou|first1=J.|last2=Lam|first2=K.Y.|date=May 1999|title=Securing digital signatures for non-repudiation|url=http://dx.doi.org/10.1016/s0140-3664(99)00031-6|journal=Computer Communications|volume=22|issue=8|pages=710–716|doi=10.1016/s0140-3664(99)00031-6|issn=0140-3664|access-date=2020-10-26|archive-date=2023-07-01|archive-url=https://web.archive.org/web/20230701101034/https://www.sciencedirect.com/science/article/abs/pii/S0140366499000316?via%3Dihub|url-status=live|url-access=subscription}}</ref> Digitally signed messages may be anything representable as a [[bitstring]]: examples include electronic mail, contracts, or a message sent via some other cryptographic protocol.
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)