Digital Signatures

Question 1

What’s a digital signature

Answer 1

An attachment to any piece of electronic information that represents the identity of the owner of the information uniquely
-> made with algorithms and PKI protocol

Question 2

Why?

Answer 2

Authenticity - identification of the person who signed
Integrity - every change to message will be detected
Non-repudiation - the author can’t be denied credit of their work. The sender can’t deny having sent the message later.

Question 3

Private key

Answer 3

Accessible only to the signer -> used to generate the digital signature

Question 4

Public key

Answer 4

Made available to all who receive the signed document -> used to verify the message

Question 5

Digital certificates

Answer 5

There in case of any disputes between sender and receiver of signed messages.
Helps the receiver prove that the message was sent by the subscriber of the key pair (is this the sender?)

Question 6

where are digital signatures used?

Answer 6

E-mail
EFT
Data storage
Software distribution

Question 7

Disadvantages

Answer 7

Expiry: short shelf life. Hardly used now

Certificates: to be effective both sender and receiver need to buy digital certificates

Software: to use digital certificates certain verification software must be bought.

Question 8

Note

Answer 8

Digital signatures DONT encrypt the message itself