digital signature definition by American Heritage Dictionary
digital signature - Computer Definition
A security mechanism issued by a certificate authority (CA) and appended to a digital certificate in order to allow a receiver to verify that a message has not been altered since its creation by a sender. See also CA and digital certificate.
Representing a written signature found on paper, a digital signature is actually a digitalized code that can be included with a digital message to identify a sender. A digital signature must somehow guarantee that the person sending the digital message is really who he or she claims to be. Used in many electronic business transactions today, digital signatures must be not forgeable. Therefore, a number of encryption techniques are utilized to guarantee a high level of security with digital signatures. In the year 2000, a law was passed in the United States making it legitimate for legal documents to be signed using digital signatures.
See Also: Encryption or Encipher.
American Bar Association. Digital Signatures Guideline Tutorial. [Online, May 20, 2005.] American Bar Association Website. http://www.abanet.org/scitech/ec/isc/dsg-tutorial.html; Graham, R. Hacking Lexicon. [Online, 2001.] Robert Graham Website. http:// www.linuxsecurity.com/resource_files/documentation/hacking-dict.html.
A digital guarantee that information has not been modified, as if it were protected by a tamper-proof seal that is broken if the content were altered. The two major applications of digital signatures are for setting up a secure connection to a Web site and verifying the integrity of files transmitted (more below). An Encrypted Digest The digital signature is an encrypted digest of the file (message, document, driver, program) being signed. The digest is computed from the contents of the file by a one-way hash function, such as MD5 and SHA-1, and then encrypted with the private part of a public/private key pair (see RSA). To prove that the file was not tampered with, the recipient uses the public key to decrypt the signature back into the original digest, recomputes a new digest from the transmitted file and compares the two to see if they match. If they do, the file has not been altered in transit by an attacker. See MD5.