Asignature, ordigital signature, is aprotocol showing that a message is authentic.

From thehash of a given message, thesigning process first generates a digital signature linked to the signing entity, using the entity's privatekey.

On receiving the message, theverification process

• authenticates the sender - uses the sender's public key todecrypt the signature and recover the hash, which can only be created with the sender's private key, and
• checks message integrity - compares the hash with a newly calculated one from the received document (the two hashes will differ if the document has been tampered with)

The system fails if the private key is compromised or the recipient is deceitfully given the wrong public key.

Digital signatures rely on asymmetric cryptography, also known aspublic-key cryptography.

See also

• Digital signature on Wikipedia
• Related glossary terms:
  • Hash function
  • Encryption