What Are Digital Signatures?
Enabled by proven public key infrastructure (PKI) technology, digital signatures are widely recognized as a best practice for providing digital verification of electronic transactions.
Digital signatures provide “non-repudiation" — the ability to identify the author and whether the document has been changed since it was digitally signed.
This functionality is particularly useful for workflow processes where one or multiple approvals are required, such as supply-chain management or financial management of forms like expense reports. Digital signatures provide confidence to customers, citizens and consumers that the material actually came from the originating organization.
Depending on organization requirements, Computech can help you with a variety of solutions for the implementation of digital signatures. Computech also offers secure e-statement delivery via the Intelligence product portfolio.
We are all familiar with paper signatures – a hand-written signature on a paper document. Aside from legal and contractual issues, the primary properties of a paper signature are:
● it is intended to be associated with a particular individual.
● it generally shows a commitment related to a particular document, with the exact meaning depending on context.
Though far from perfect, paper signatures serve surprisingly well in many parts of the world as the basis for business and legal transactions. Societies have learned to use paper signatures in circumstances in which a physical marking on a paper document, augmented by sufficient controls and context, provides sufficient recallable evidence of a commitment related to that document by the marking party. The evidence is important in order to reconstruct circumstances, in the rare case of later disputes.
How Do Digital Signatures Work?
A digital signature is the term used for marking or signing an electronic document, by a process meant to be analogous to paper signatures, but which makes use of a technology known as public-key cryptography. Additional security properties are required of signatures in the electronic world. This is because the probability of disputes rises dramatically for electronic transactions without face-to-face meetings, and in the presence of potentially undetectable modifications to electronic documents. Digital signatures address both of these concerns and offer far more inherent security than paper signatures. Compared to all other forms of signatures, digital signatures are by far the most easily verified and the most reliable with respect to providing document integrity.
A digital signature can be thought of as a numerical value, represented as a sequence of characters, and computed using a mathematical formula. The formula depends on two inputs: the sequence of characters representing the electronic data to be signed, and a secret number referred to as a signature private key, associated with the signing party and which only that party has access to. (A matching public key, which can be published for everyone to see like a phone number in a phone directory, allows signature verification.) The resulting computed value, representing the digital signature, is then attached to the electronic data just as a paper signature becomes part of a paper document.
This has two critical results:
1. The digital signature can be uniquely associated with the exact document signed, because the first input is the precise sequence of characters representing that data.
2. The signature can be uniquely associated with the signing individual, because the second input is the private key that only that individual controls.
Verifying the authenticity of a digital signature also relies on a formula. Here the formula depends on three inputs: the sequence of characters representing the supposedly originally signed electronic data, the public key of the signing party, and the value representing the supposedly authentic digital signature. The formula produces as output a simple answer: yes or no. ‘Yes’ signifies that the digital signature is indeed an authentic digital signature on the presented electronic data and associated with the party linked to the public key used.
How is a Digital Signature Created?
1. Capturing the entire context of the electronic transaction or document, and precisely what the signer is committing to.
2. Ensuring that the data displayed to the user accurately reflects the data to be digitally signed.
3. Requiring the user to signal an understanding of the commitment being made, and a desire to be bound to this.
4. Authenticating the user in order that the user’s private key becomes available to the signing device.
5. Computing the signature based on the signer’s private key and the data being signed.
6. A timestamp server optionally appending a time-date field to the data and signer’s signature and then signing; and
7. Forwarding the signed transaction for processing, storage, or subsequent verification.
Get A Quote
Make A
Free Consultant
Latest Articles
See our latest
blog posts
In addition, Finance teams are under pressure to move faster, work with larger data sets, and produce
In addition, Microsoft has officially made Copilot Cowork generally available, and that matters for Microsoft 365 security
In addition, Microsoft 365 security is becoming essential as small businesses look for faster, safer ways to
In addition, Microsoft is continuing to refine how users interact with Microsoft 365 Copilot, and this new
In addition, Microsoft 365 security is becoming more important as AI moves from simple chat into real
In addition, Microsoft 365 Security is part of what makes Microsoft 365 Copilot useful for modern organizations.
In addition, this guide explains Microsoft 365 Security with practical details and clear takeaways. AI is changing
In addition, Microsoft Defender email security benchmarking shows how one year of real-world data can reveal gaps,
In addition, this guide explains Microsoft 365 Security with practical details and clear takeaways. Microsoft has officially
In addition, Microsoft 365 security is becoming more important as small businesses adopt AI in everyday work.