Handwritten signatures are used to sign documents as an acknowledgement that the person has read over, understood, and agreed to everything.
Digital signatures work in the same way. A digital signature is a mathematical scheme for verifying the authenticity of digital messages or documents. A person adds their digital signature next to a transaction to prove that they have seen it and approved of it. It is impossible for anyone to forge someone else’s signature.
But, how does this digital signature work? If the signature is digital wouldn’t it simply be able to be copy-pasted, and used elsewhere? Why exactly isn’t it forgable?
Well, this is where key cryptography comes in. Everyone generates a public key/private key. Keys are a string of letters and numbers and they are used to encrypt data. The private key is also referred to as a secret key because it’s something you want to keep to yourself. Just like handwritten signatures, each private key is unique.
However, unlike handwritten signatures the digital signature changes depending on the content of the message. Thus, digital keys are stronger. Producing a digital signature involves a function that depends both on the message and on the private key.
Altering the message slightly will completely change your signature on that message.
The private key ensures that only you can produce that signature, and since the signature also changes depending on the message, no one can just copy one of your signatures and forge it on another message.
This digital signature is completely random, but would always yield the same output in accordance with a specific input.
But, couldn’t someone just reverse engineer the public key to find the private key?
To derive the public key an extremely complicated mathematical algorithm is used, yet, reversing this process is even more complex. Using the world’s most powerful computer, in order to successfully reverse the process, you would need 40000000000000000000000000000000 years (that’s 31 zeroes!) to complete this calculation.
Public key verifies whether the signature is valid or not. It outputs true or false to indicate if the signature was created by the private key associated with the public key. It is impossible to find a valid signature if you don’t know the secret key. Public key cryptography uses a pair of keys to encrypt and decrypt data to protect it against unauthorized access or use. The public key is used to encrypt the message, and to send it to the recipient. When the message arrives, the recipient decrypts it using a private key, to which no one else has access. If you verify a signature against a given message to see if it’s valid, you can be assured that the only way someone could have produced the signature is if they knew the secret key associated with the public key you used for verification.
Here at CryptoChicks, we believe in educating women in blockchain, cryptocurrency and other emerging technologies. To learn more about the key principles and concepts of Blockchain, Public Key Cryptography, and Cryptocurrency, visit our online academy: http://cryptochicksacademy.com/