{"id":10309,"date":"2022-11-26T14:23:09","date_gmt":"2022-11-26T14:23:09","guid":{"rendered":"https:\/\/mdr.foobrdigital.com\/?p=10309"},"modified":"2022-11-26T14:23:09","modified_gmt":"2022-11-26T14:23:09","slug":"importance-of-digital-signature","status":"publish","type":"post","link":"https:\/\/mudassirbackup.infinitycodestudio.com\/index.php\/2022\/11\/26\/importance-of-digital-signature\/","title":{"rendered":"Importance of Digital Signature"},"content":{"rendered":"\n<p>Out of all cryptographic primitives, the digital signature using public key cryptography is considered as very important and useful tool to achieve information security.<\/p>\n\n\n\n<p>Apart from ability to provide non-repudiation of message, the digital signature also provides message authentication and data integrity. Let us briefly see how this is achieved by the digital signature \u2212<\/p>\n\n\n\n<ul>\n<li><strong>Message authentication<\/strong>&nbsp;\u2212 When the verifier validates the digital signature using public key of a sender, he is assured that signature has been created only by sender who possess the corresponding secret private key and no one else.<\/li>\n\n\n\n<li><strong>Data Integrity<\/strong>&nbsp;\u2212 In case an attacker has access to the data and modifies it, the digital signature verification at receiver end fails. The hash of modified data and the output provided by the verification algorithm will not match. Hence, receiver can safely deny the message assuming that data integrity has been breached.<\/li>\n\n\n\n<li><strong>Non-repudiation<\/strong>&nbsp;\u2212 Since it is assumed that only the signer has the knowledge of the signature key, he can only create unique signature on a given data. Thus the receiver can present data and the digital signature to a third party as evidence if any dispute arises in the future.<\/li>\n<\/ul>\n\n\n\n<p>By adding public-key encryption to digital signature scheme, we can create a cryptosystem that can provide the four essential elements of security namely \u2212 Privacy, Authentication, Integrity, and Non-repudiation.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Encryption with Digital Signature<\/h2>\n\n\n\n<p>In many digital communications, it is desirable to exchange an encrypted messages than plaintext to achieve confidentiality. In public key encryption scheme, a public (encryption) key of sender is available in open domain, and hence anyone can spoof his identity and send any encrypted message to the receiver.<\/p>\n\n\n\n<p>This makes it essential for users employing PKC for encryption to seek digital signatures along with encrypted data to be assured of message authentication and non-repudiation.<\/p>\n\n\n\n<p>This can archived by combining digital signatures with encryption scheme. Let us briefly discuss how to achieve this requirement. There are&nbsp;<strong>two possibilities, sign-then-encrypt<\/strong>&nbsp;and&nbsp;<strong>encrypt-then-sign<\/strong>.<\/p>\n\n\n\n<p>However, the crypto system based on sign-then-encrypt can be exploited by receiver to spoof identity of sender and sent that data to third party. Hence, this method is not preferred. The process of encrypt-then-sign is more reliable and widely adopted. This is depicted in the following illustration \u2212<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/www.tutorialspoint.com\/cryptography\/images\/encryption_with_digital_signature.jpg\" alt=\"Encryption With Digital Signature\"\/><\/figure>\n\n\n\n<p>The receiver after receiving the encrypted data and signature on it, first verifies the signature using sender\u2019s public key. After ensuring the validity of the signature, he then retrieves the data through decryption using his private key.<\/p>\n\n\n\n<p><a href=\"https:\/\/www.tutorialspoint.com\/cryptography\/message_authentication.htm\"><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Out of all cryptographic primitives, the digital signature using public key cryptography is considered as very important and useful tool to achieve information security. Apart from ability to provide non-repudiation of message, the digital signature also provides message authentication and data integrity. Let us briefly see how this is achieved by the digital signature \u2212 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580],"tags":[],"_links":{"self":[{"href":"https:\/\/mudassirbackup.infinitycodestudio.com\/index.php\/wp-json\/wp\/v2\/posts\/10309"}],"collection":[{"href":"https:\/\/mudassirbackup.infinitycodestudio.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mudassirbackup.infinitycodestudio.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mudassirbackup.infinitycodestudio.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mudassirbackup.infinitycodestudio.com\/index.php\/wp-json\/wp\/v2\/comments?post=10309"}],"version-history":[{"count":0,"href":"https:\/\/mudassirbackup.infinitycodestudio.com\/index.php\/wp-json\/wp\/v2\/posts\/10309\/revisions"}],"wp:attachment":[{"href":"https:\/\/mudassirbackup.infinitycodestudio.com\/index.php\/wp-json\/wp\/v2\/media?parent=10309"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mudassirbackup.infinitycodestudio.com\/index.php\/wp-json\/wp\/v2\/categories?post=10309"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mudassirbackup.infinitycodestudio.com\/index.php\/wp-json\/wp\/v2\/tags?post=10309"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}