Digital Signature

cryptography

Definition

Digital Signature

A digital signature is a cryptographic mechanism that provides authentication, integrity, and non-repudiation for digital messages or documents. The signer creates the signature with their private key; anyone can verify it using the corresponding public key.

Non-Repudiation

Why Signatures, Not MACs

A MAC provides data integrity and authenticity, but it can only be verified by parties who share the secret key. Since both sender and receiver can compute a valid MAC, neither can prove to a third party which of them created it. A digital signature uses an asymmetric key pair: only the holder of the private key can produce a valid signature, while anyone with the public key can verify it. This provides public verifiability and non-repudiation.

Mechanism

To sign a message $m$, the signer computes $\sigma =\text{Sign}(sk,m)$ using their private key $sk$. To verify, any party checks $\text{Verify}(pk,m,\sigma )$ using the public key $pk$, outputting true if and only if the signature is valid for the message.

Hash-then-Sign

In practice, the signature of a document is typically computed over the hash of the document rather than the document itself. This speeds up computation and allows signing messages of arbitrary length.