What is a digital signature#

A digital signature is a cryptographic result attached to data that helps a receiver verify three things:

Important: a digital signature does not hide the message. Confidentiality comes from encryption, not from the signature itself.

Simple idea: sign with the private key, verify with the public key.

Why we need it#

Without protection, a digital file can be copied, edited, or impersonated in transit. The receiver needs proof of source and integrity.

Building blocks#

How digital signatures work#

1. Hash the message
   A hash function converts the message into a short fingerprint.
2. Sign the hash
   The sender uses a private key to sign that fingerprint.
3. Verify
   The receiver recomputes the hash and uses the public key of the sender to check the signature.

Algorithms and common uses#

Limitations and best practices#

RSA Signature: Choosing Public and Private Keys#

• Choose two prime numbers: $p = 3$ and $q = 11$
• Compute $n = p \times q = 3 \times 11 = 33$
• Compute $\phi(n) = (p − 1)(q − 1) = 2 \times 10 = 20$
• Choose e such that $1 < e < \phi(n)$ and $\gcd(e, \phi(n)) = 1$. Let $\textcolor{blue}{e = 3}$
• Find d such that $e \cdot d \equiv 1 (\bmod \phi(n))$
• Here, $3 \times 7 = 21 \equiv 1 (\bmod 20)$, so $\textcolor{blue}{d = 7}$

These keys are used for signing and verifying

RSA Signature: Signing the Message#

• Let the message hash be $h = 2$
• Use the private $key (d, n) = (7, 33)$
• Compute signature: $\textcolor{blue}{s = h^d \bmod n}$

$\begin{aligned}s &= 2^7 \bmod 33 \\ &= 128 \bmod 33 \\ &= 29\end{aligned}$

Therefore, the digital signature is $\textcolor{blue}{s = 29}$

RSA Signature: Verifying the Signature#

• Receiver uses the public $key (e, n) = (3, 33)$
• Verify signature $s = 29$ by computing $h' = s^e \bmod n$
• If $\textcolor{blue}{h'}$ equals the original hash $h = 2$, the signature is valid

$\begin{aligned}h' &= 29^3 \bmod 33 \\ &= 24389 \bmod 33 \\ &= 2 \end{aligned}$

Since $\textcolor{blue}{h' = 2 = h}$, the signature is valid

Digital Signature (Activity)#

Digital Signature Activity#

Connect to CDUT_WIFI, open your browser and Enter the URL http://172.20.X.X Click on the login button and register with your Student ID and appropriate Password. Login after successful registration

---

Click on “Digital Signature” on the navigation tabs. Generate your key pairs (public key and private key)

Enter any message and click on “Sign and Store Message”

---

Click on “Class Messages” on the navigation tabs.

Verify the messages submitted by your friends on the page using their public key