Digital Signatures

From Nokia Developer Wiki
Jump to: navigation, search
Article Metadata
Created: eswar_illuri (23 May 2007)
Last edited: hamishwillee (30 Jul 2012)

A digital signature is used to verify that a message (or data) actually came from the sender (the one who signed the message) and that it has not been tampered with.

A signature is formed by producing a fixed-length digest (hash) of the message using a hash algorithm, which is then encrypted using the sender's private key. This signature and the message are then sent to the recipient.

The receiver can then verify the signature as follows: a hash is produced of the sender's message (using the hashing algorithm sent with the signature); also, using the sender's public key, their signature is decrypted into a hash. These two hashes are compared: if they are the same, it is more or less certain that the public key used for the decryption corresponds to the private key used to create the signature, thus data integrity is validated.

This page was last modified on 30 July 2012, at 13:41.
44 page views in the last 30 days.