Are you one of those people who actually dares to look under the bonnet of a car? Do you like to know exactly how things work? Then this article is definitely something for you.
Are you one of those people who actually dares to look under the bonnet of a car? Do you like to know exactly how things work? Then this article is definitely something for you.
You have undoubtedly already heard about digital signatures. You may have even affixed one already. But how does such a signature actually work, in purely technical terms?
Digital signatures are based on a specific protocol known as public key infrastructure (PKI). This underlying technology uses cryptographic algorithms to create two long numbers or codes. These are called keys. One of the keys is public and makes it possible to share documents with other parties. The other is private and known only to the owner. Both keys are inextricably linked.
The digital signature is unique to you as a signer. Every time you sign a document, you create your signature with your private key. This private key is also included in the signature when you sign. In short: as a signer, you link the digital signature securely to a document by means of an encrypted message.
Before you sign, a unique overview or summary of the encrypted message known as hash is created by means of cryptography. It is then encrypted or signed with your private key and included in your digital signature.
When the document arrives at the recipient, another hash is created. The recipient can compare both parts by decrypting the hash that was included in your signature. If they do not match, the recipient knows that the document has been tampered with, and the signature is invalid.
Last but far from least, the digital signature also uses a certificate based digital ID issued by an accredited Certificate Authority (CA), such as Isabel, or a Trust Service Provider (TSP). In such a digital certificate, the certification service providers record exactly which public key belongs to which person — and therefore to which private key.
In addition to your private key, each digital signature also contains the digital certificate and the corresponding public key, plus some additional information such as the date and time when the document was signed. Each digitally signed document is secured with a public key so that only the owner of the matching private key can decipher and open it.
If you sign a document digitally, your identity is linked to yourself in a unique manner, while your signature is linked to the document through encryption. You can then verify all this nicely by means of the underlying PKI technology, i.e. the combination of public and private keys.
Got the urge to start using the digital signature already? Our own solution, SignHere, is perfectly suitable.
Read the testimonial by Artes Group