What is a digital signature?

What is a digital signature, and how does it work? I’ve googled these questions, but the websites I’ve found make references to things I don’t understand.

A digital signature is a way that you can “sign” a piece of data (a program, a jpeg picture, the text of some contract, or any other data), such that later third parties can verify that it was truly you who signed it. It’s a virtual equivalent to your signature on a piece of paper.

There are a few intricate bits of math involved in how this is done, but it sounds like that’s not what you’re after.

Digital signatures work by allowing you to take a hash function of a given message and then encrypt that hash with a key uniquely identifiable as yours. Generally, the hash would be encrypted with a private key, decryptable with a public key.

Then, anyone can take a hash of your messages and decrypt the signature… if the two hashes match, it verifies that the text has not been tampered with since it was digitally signed… and that it was actually signed by whomever has access to the identified key.

Basically a way to verify that Alice wrote everything in the message to Bob, and that Eve didn’t change a few words around here and there, for communications that require integrity, but not necessarily security.

If you want to start using public key without requiring everyone and your mother to have a program just to read your stuff, this is a good way to start… since all it adds is a little bit of formatting (Begin Message, End Message, and the signature block) but doesn’t prevent anyone from reading the message itself. Might lead them to asking about it, at which point maybe you can convince them to DL the program.

Signature schemes, such as those used by PGP, rely on the commutativity of encryption/decryption routines such as RSA. That is, if I encrypt then decrypt a message I get the original message (of course), but it also works if I run the decrypt on the message first, then the encrypt routine. Note that in public key systems, anyone with my public key can do the encrypting but, hopefully, only I can do the decrypting.

So if I had some text:

“I, FtG, am Jack the Ripper.”

And I ran the decrypt routine (which only I can do using my private key) on it and then emailed that to Bob. Bob then could run the encrypt routine using my public key and get the quote above back.*

Using a really good encryption algorithm would make it nearly impossible for someone else to fake a string that could be similarly processed by Bob to get something at all meaningful.

Yes, it may seem weird to run a decrypt routine on a plain text message, but to the routines involved, it’s just bits-in, bits-out.

*Actually, a bit more stuff is thrown in so that the software can check to make nearly certain that the resulting message really is the original text.
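The hash-then-sign flow and the order-independence of the RSA operations described in the posts above, as an added example that is not part of any post in this thread. It uses textbook RSA with no padding (the "bit more stuff" real software adds) and a constructed toy key built from two publicly known Mersenne primes; the function names are assumptions made for illustration.

```python
import hashlib

# Constructed toy key: both primes are publicly known Mersenne primes, so
# this key is NOT secret and must never be used for real signing.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q                            # public modulus
E = 65537                            # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent (Python 3.8+)


def digest_int(message: bytes) -> int:
    """SHA-256 of the message as an integer (always smaller than N here)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes) -> int:
    """Apply the private-key operation to the hash of the message."""
    return pow(digest_int(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Apply the public-key operation to the signature and compare hashes."""
    return pow(signature, E, N) == digest_int(message)


def operations_commute(value: int) -> bool:
    """Public-then-private and private-then-public both return the input."""
    public_first = pow(pow(value, E, N), D, N)
    private_first = pow(pow(value, D, N), E, N)
    return public_first == value == private_first


if __name__ == "__main__":
    msg = b"Alice owes Bob 10 dollars."      # constructed sample message
    sig = sign(msg)
    # The message itself stays readable; only the signature is added.
    print("original verifies: ", verify(msg, sig))
    print("tampered verifies: ", verify(b"Alice owes Bob 90 dollars.", sig))
    print("altered signature: ", verify(msg, sig + 1))
    print("operations commute:", operations_commute(digest_int(msg)))
```
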

Is a program required to check/view a digital signature? How does it actually certify that the document came from a certain person?

It just verifies that a document was signed by a given key(set).

Linking a keyset with an actual identity is all the back and forth about key exchange and control, web of trust, etc. etc.

A program is required to verify a signature. Basically, a person has a special number, a very big number that no one else has, called their private key (it’s called the private key because it is kept completely secret from everyone else). One program uses this number to sign whatever it is you need to sign. The person also has a second very large number called their public key. This public key is shared with the world. The private key and public key are related to each other in a complex way such that if a third party has the public key, they can use a program to verify that a document was signed using the private key.

You might want to google on “public key cryptography”, or “rsa” for mathematical details. Also, a very good book is “Applied Cryptography” by Bruce Schneier. It’s very readable and very comprehensive.

Using PGP as an example, here are the steps one would take to sign and verify a digital document. First, using a PGP application (or e-mail plugin), generate a public and private key. The private key is yours, but the public key can be shared with anyone. One is used for encrypting a message, and the other for decrypting it.

Say Bill wants to send a secret message to Sally. Sally will give Bill her public key which Bill will use to encrypt the message. Now, the only key which can decrypt the message is Sally’s private key. That’s how Sally can openly give out her password without having to worry that anyone can use the password to read a message intended for her.

To sign a digital document, the process is run in reverse. Sally will encrypt her message with her private key. The only way to read it is by decrypting it with Sally’s public key, so the message must have been encrypted by the only person who knows Sally’s private key, i.e., Sally. If the message cannot be decrypted using Sally’s public key, that means that the message has been altered or was not sent by Sally.

To make matters a little more complicated, what if Sally wanted to send a digitally-signed, encrypted message? First, she’d “sign” the document with her private key, and then she’d sign it with Bill’s public key. Bill would use his private key to decrypt it, and then Sally’s public key to authenticate it.

There are some details I’ve skipped over for clarity, but you get the gist.