Sie sind auf Seite 1von 10



Why do we need Digital Signature ???

A MAC can provide message integrity and message authentication. MAC has a drawback. It needs a symmetric key that must be establish between the sender and the receiver.

A digital signature on the other hand, can use a pair of asymmetric key (one public and a private key).

What is Digital signature ???

A digital signature is a mathematical scheme for demonstrating the authenticity of a digital message or document. A valid digital signature gives a recipient reason to believe that the message was created by a known sender, and was not altered in transit. Digital signatures are commonly used for software distribution, financial transactions, and in cases where it is important to detect forgery and tampering .

Various methods of employing Digital Signature:

Using asymmetric key Cipher. Using Keyed Hash function.

Public key Cryptography

Public-key cryptography involves the use of asymmetric key algorithms. Asymmetric key algorithms used to create a mathematically related key pair. A secret Private key and a published Public key. Protects the confidentiality and integrity of a message. The message is Encrypted using the Public key, which can only be Decrypted using the Private key.

Digital Signature using Keyed Hash Function:

The electronics/equivalent of the document and finger print pair is the message and digest pair. To preserve the integrity of a message. The message is passed through an algorithm, called hash function. The hashed function creates a compressed image of the message that can be used as a fingerprint. For compatibility. For integrity. For efficiency.

Cryptographic protocol

Cryptographic protocol or Encryption protocol is an abstract or concrete protocol performing a securityrelated function and applies cryptographic methods. A cryptographic protocol usually incorporates at least some of these aspects: Key agreement or establishment. Entity authentication. Symmetric encryption and message authentication material construction. Secured application-level data transport. Non-repudiation methods.

Uses of digital signatures

1. Authentication. 2. Integrity . Additional security precautions:1. Putting the private key on a smart card. 2. Using smart card readers with a separate keyboard. 3. Other smart card designs. 4. Using digital signatures only with trusted applications.


Digital encryption of data is useful during storage and retrieval of medical history of patients involved in e-Health programs. The growth of e-commerce and the recent enactment of the Electronic Signatures in Global and National Commerce Act (E-Sign Act) has opened a new frontier. With this constant development key management is becoming an issue. Advancements in HotJava and JavaPlugin based technologies will maintain fluidity and flexibility in key management.