What is a digital signature?

A digital signature is a cryptographic mechanism used to verify the authenticity and integrity of digital data. We can think of it as a digital version of conventional handwritten signatures, but with a higher level of complexity and security.
Simply put, we can describe a digital signature as a code attached to a message or document. Once generated, the code acts as proof that the message has not been tampered with on its way from sender to receiver.
Although the concept of securing communications using cryptography dates back to ancient times, digital signature schemes became a possible reality in the 1970s with the development of public key cryptography (PKC). So, to learn how digital signatures work, we need to first understand the basics of hash functions and public key cryptography.

Hash functionsHashing is one of the main elements of a digital signature system. The process of hashing is converting data of any size into output data of a fixed size. This is done using a special kind of algorithms known as hash functions. The output generated by the hash function is known as the hash value or digest of the message.
In combination with cryptography, so-called cryptographic hash functions can be used to generate a hash value (digest) that acts as a unique digital fingerprint. This means that any change to the input (message) will result in a different output (hash value). It is for this reason that cryptographic hash functions are widely used to verify digital data.

Public Key Cryptography (PKC)Public key cryptography or PKC refers to a cryptographic system that uses a pair of keys: one public key and one private key. The two keys are mathematically related and can be used for both data encryption and digital signatures.
As an encryption tool, PKC is more secure than simpler symmetric encryption methods. While older systems rely on the same key to encrypt and decrypt information, PKC allows data to be encrypted with a public key and data to be decrypted with the corresponding private key.
In addition, the PKC scheme can also be used when creating digital signatures. Essentially, the process consists of hashing the message (or digital data) together with the signer's private key. The recipient of the message can then verify that the signature is valid using the public key provided by the signer.
In some situations, digital signatures may contain encryption, but this is not always the case. For example, the Bitcoin blockchain uses PKC and digital signatures, but contrary to what many believe, there is no encryption involved. Technically, Bitcoin uses the so-called Elliptic Curve Digital Signature Algorithm (ECDSA) to authenticate transactions.

How digital signatures workIn the context of cryptocurrencies, a digital signature system often consists of three main steps: hashing, signing, and verification.
Data hashingThe first step is to hash the message or digital data. This is done by sending the data using a hashing algorithm to create a hash value (ie a digest of the message). As mentioned, messages can vary greatly in size, but when they are hashed, all their hash values ​​are the same length. This is the main property of the hash function.
However, hashing the data is not required to create a digital signature, as it is possible to use a private key to sign a message that has not been hashed at all. But for cryptocurrencies, data is always hashed because working with fixed-length digests simplifies the whole process.
SignatureAfter hashing the information, the sender of the message needs to sign it. This is where public key cryptography comes into play. There are several types of digital signature algorithms, each with its own mechanism. But essentially, the hashed message will be signed with a private key, and the recipient of the message can then verify its authenticity using the corresponding private key (provided by the signer).
In other words, if the private key is not enabled when the signature is created, the recipient of the message will not be able to use the corresponding public key to verify its authenticity. Both the public and private keys are generated by the sender of the message, but the public key is transmitted to the recipient.
It is worth noting that digital signatures are directly related to the content of each message. Therefore, unlike handwritten signatures, which are generally the same regardless of the message, each digitally signed message will have a different digital signature.
AuditLet's take an example to illustrate the whole process up to the last step of verification. Imagine that Alice writes a message to Bob, hashes it, and then combines the hash value with her private key to create a digital signature. The signature will act as a unique digital fingerprint of this message.
When Bob receives the message, he can verify the validity of the digital signature using the public key provided by Alice. So Bob can be sure that the signature was created by Alice, because only she has a private key that matches this public key (at least that's what we expect).
Therefore, it is very important for Alice to keep her private key secret. If another person obtains Alice's private key, they can create a digital signature and impersonate Alice. In the context of Bitcoin, this means that someone can use Alice's private key to move or spend her Bitcoins without her permission.

Why are digital signatures important?Digital signatures are often used to achieve three outcomes: data integrity, authentication, and failover.
Data integrity. Bob can verify that Alice's message has not changed along the way. Any modification of the message will lead to the creation of a completely different signature.
Authenticity. Provided that Alice's private key is kept secret, Bob can use her public key to verify that the digital signatures were created by Alice and no one else.
Reliability. Once the signature is generated, Alice cannot deny that she signed it in the future, unless her private key is compromised.

Options for useDigital signatures can be applied to various types of digital documents and certificates. As such, they have several uses. Some of the most common uses are:
Information technologies: improving the security of Internet communication systems.
Finance: Digital signatures can be applied to audits, expense reports, credit agreements and more.
Legal regulation: Digital signing of all types of business contracts and legal agreements, including government documents.
Healthcare: Digital signatures can prevent counterfeiting of prescriptions and medical records.
Blockchain: Digital signature schemes ensure that only the legitimate owners of a cryptocurrency can sign a transaction to move funds (provided their private keys are not compromised).

LimitationThe main challenges facing digital signature schemes are based on at least three requirements:
Algorithm: The quality of the algorithms used in a digital signature scheme is important. This is, in particular, the choice of reliable hash functions and cryptographic systems.
Implementation: If the algorithms are good and the implementation is lacking, the digital signature system is likely to be flawed.
Private key: If the private keys are lost or compromised in some way, the authenticity and non-failure properties will be nullified. For users of cryptocurrencies, the loss of a private key can cause significant financial losses.

Electronic signatures vs. digital signaturesDigital signatures refer to one specific type of electronic signatures that belong to any electronic method of signing documents and messages. Therefore, all digital signatures are electronic signatures, but not vice versa.
The main difference between them is the authentication method. Digital signatures use cryptographic systems such as hash functions, public key cryptography, and encryption techniques.

ResultsHash functions and public-key cryptography are at the heart of digital signature systems, which currently have many uses. When applied correctly, digital signatures can improve security, ensure integrity, and facilitate authentication of all types of digital data.
In the blockchain field, digital signatures are used to sign and authorize crypto-transactions. They are especially important for Bitcoin because signatures ensure that coins can only be spent by people who have the corresponding private keys.
Although we have been using both electronic and digital signatures for many years, we still have room to grow. Much of today's bureaucracy is still paper-based, but we are likely to see greater adoption of digital signatures as we move to a more digital kind of data processing systems.