Make a digital signature!

Pawel Gielmuda
Nov 22, 2022

How can we be sure that a digitally signed document is indeed from the right person? To understand that, let’s see how it works.

So, to make a digital signature you need:
- an asymmetric key pair: two keys, the first secret (private), which can only encrypt, and the second public, which can only decrypt,
- a certification authority where you can check whether a given public key is from the sender,
- a hashing function which can turn big documents into a relatively small but unique identifier called a digest or hash.

To sign the document you need to:
1. make a digest of it with a hash function
2. encrypt only the generated digest with the private key to make the signature
3. send the document with the signature and your public key

To verify the signature, the receiver can:
1. generate the digest separately
2. decrypt the signature
3. compare the generated digest with the decrypted one: if they match, then the signature is confirmed.
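
The signing and verification steps above, as an added example that is not part of the original post: it uses textbook RSA without padding and a constructed toy key built from two Mersenne primes, so it illustrates the flow only; real signatures use a padded scheme such as RSA-PSS from a vetted library. The names `digest`, `sign` and `verify` are this example's own, and the public key is assumed to have been confirmed with the certification authority already.

```python
import hashlib

# Constructed toy key, for illustration only: two Mersenne primes.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q                           # public modulus
E = 65537                           # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (Python 3.8+)


def digest(document: bytes) -> int:
    """Signer step 1 / receiver step 1: hash the document, read it as an integer."""
    return int.from_bytes(hashlib.sha256(document).digest(), "big")


def sign(document: bytes, d: int = D, n: int = N) -> int:
    """Signer step 2: transform only the digest with the private key."""
    return pow(digest(document), d, n)


def verify(document: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Receiver steps 2 and 3: recover the signed digest with the public key, compare."""
    if not 0 <= signature < n:      # reject values outside the modulus range
        return False
    return pow(signature, e, n) == digest(document)


if __name__ == "__main__":
    doc = b"Pay Bob 10 EUR"                    # constructed sample document
    sig = sign(doc)
    print("genuine document:", verify(doc, sig))
    # Document changed in transit: the receiver's digest no longer matches.
    print("tampered document:", verify(b"Pay Bob 1000 EUR", sig))
    # Signature made with a private exponent that does not belong to (E, N).
    print("wrong private key:", verify(doc, sign(doc, d=D + 2)))
```
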

Why we can be sure of the signature:
1. the unique digest ensures the integrity of the document: if someone changes the document in the middle, the digest will not be the same,
2. the asymmetric key pair is given by the certification authority, so only the right person can have the private key, and the public key can be confirmed there too,
3. and last but not least, the encryption can be done only by the private key owner: if it were done with a different key, the decrypted digest would not match the generated one.

And that’s the whole story! Any questions or doubts?