Digital
Signature
Overview
The
world today revolves around computers.
It has become necessary to have the capability to sign a digital
message. To do this, special software
is used to create a digital signature.
Privacy has become an important issue when personal information is
passed around over the Internet.
Because there are people that have the computers skills that can violate
you by using or altering your personal files, software creating digital
signatures have been developed. This
critique will discuss what is a digital signature, the components of a digital
signature, how it works, and how it relates to your personal privacy.
A
digital signature is an electronic signature that is used to authenticate the
identity of the sender of an electronic message. The signature itself is a series of ones and zeros that have been
scrambled by an encoding algorithm. The
algorithm is either secret or published.
This is called private or public keys.
By using special software, an individual can obtain these keys. One key encrypts the message and the other
deciphers it. The concept of a digital
signature is abstract, but is a useful security measure in the securing of
private documents such as medical records, legal documents, or simply
confidential messages. Using a digital
signature ensures that your message has been received by the intended
recipient, and not altered by a third party.
·
Software with the
ability to hash or crunch the data into algorithms.
·
Use of a public key
that is available to other users that need access to the information.
·
Use of a private
key.
Digital signature is
a specialized use of public Key encryption (PKE). PKE involves two related
keys, one of which only the owner knows, the private key and the other which
anyone can know, the public key. The
advantages this technology has provided are that only one party needs to know
the private key; and that knowledge of the public key by a third party does not
compromise security:
·
A digital signature
is created by processing the message contents
·
Encrypted using the
sender’s private key
·
Recipient can, by
re-creating the message from the receiver
·
Using sender’s key
to decrypt the digital signature
·
Message can only
have been sent by the concern sender
·
The sender is
irrefutably the originator of the message in question (and,cannot credibly deny
that they sent it even if they wanted).
The digital signature
does insure that a message was sent by the intended sender and remained private
and unaltered. Unfortunately, while
this is good way to keep information private, messages can still be deceptive. There are loopholes in the process of
digital signatures if someone has the knowledge and desire to do it. Even though there are loopholes, digital
certificates can be utilized to verify senders. Digital certificates are different than digital signatures
because they can be accessed by a certificate authority center in a business
situation. The certificate is created
containing personal information about a sender that is verifiable, but that is
another topic all together. Point
being, digital signatures are a positive advance in technology in our digital
age. They are transportable, can’t be
imitated, and can also be time-stamped.
·
Digital signatures
will grow ever more a part of business transactions although they have not
replaced real signatures yet.
·
They will be
replaced most likely by facial recognition and fingerprint verification
software.
·
At this day in age,
not everyone uses digital signatures.
They will gain popularity quickly like computers, which have become an
imperative asset to our communication.
·
Digital signatures
are a practical way of signing a document when you cannot do it in person.
Public Key vs. Private Key
http://www.itsecurity.com/tutor/publickeyvs privatekey.htm
What does E-Signatures Mean for You?
http://www.buisnessweek.com/bwdany/dnnasn/jun.html
What
is a Digital Signature?
http://www.youdzone.com/signature.html
Perkins Cole/Digital Signature Resource Center
<www.perkinscole.com/resource/ecomm/digsig/digsig.htm>
EFF
“Privacy-Crypto-Digital Signature, ID and Authentication” Archive
<www.eff.org/pub/Privacy/Digital_signature/>
Privacy Implications
of Digital Signatures
<www.anu.edu.au/people/Roger.Clarke/DV/DigSig>