You use a handwritten signature to verify that you're the author or maker of a letter, check, or other paper document. You can use a digital signature to verify that you created or sent an electronic document.
Digital signatures are based on public key cryptography, also called asymmetric cryptography because it uses two keys. The pair of keys is generated by a mathematical algorithm; they're mathematically related, but the private key can't be discovered by reverse engineering the public key. You distribute the public key freely to anyone who wants it, and keep the private key secret.
When you encrypt (or "sign") a document or communication with your private key, only the public key associated with that particular private key can decrypt it. Thus, the recipient knows that if your public key decrypts it, it was you (with your private key) who encrypted it, not anyone else. This authenticates your identity as the signer of the document.
Public/private key pairs are based on digital certificates issued by certification authorities. You can get a personal email certificate to digitally sign and encrypt your email messages free from the Thawte public certification authority at www.thawte.com/email.
Related articles: private key,
public key,
security,
signature
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.