- Purpose:
  - Integrity: Ensures that the document has not been modified after being signed.
  - Authentication: Allows the recipient to verify the identity of the sender.
- Process:
  - Hashing: The document is first hashed using a one-way hash function such as SHA1, MD5, or HMAC.
  - Encryption: The hash (also known as the message digest) is then encrypted with the sender’s private key.
  - Sending: Both the plaintext document and the encrypted hash are sent to the recipient.
- Algorithms:
  - Hash Functions: SHA1 (512-bit blocks), MD5 (128-bit digest), HMAC (uses a key).
  - Encryption Algorithms: DSA, RSA, ECDSA.
- Correct Usage:
  - Step 1: Hash the document using a one-way hash function.
  - Step 2: Encrypt the resulting hash with the sender’s private key.
  - Step 3: Send both the plaintext document and the encrypted hash (digital signature) to the recipient.
This method ensures that the document’s integrity is preserved, the identity of the signer is verified, and any unauthorized modifications can be detected.