A digital signature (or public key digital signature) is a method for authenticating digital information, analogous to ordinary physical signatures on paper but implemented using techniques from the field of public key cryptography. A digital signature method generally defines two complementary algorithms, one for signing and the other for verification; the output of the signing process is also called a digital signature.
The term digital signature has also been used more broadly to cover both public key digital signature techniques and message authentication codes.
Digital signatures differ in some respects from their physical counterparts. The term electronic signature, although sometimes used for the same thing, has a distinct meaning in common law: it refers to any of several, not necessarily cryptographic, mechanisms for identifying the originator of an electronic message. Electronic signatures have included cable and Telex addresses, as well as FAX transmission of handwritten signatures on a paper document.
Public key cryptosystems allow anybody to send a message using the public key. A signature allows the recipient of a message to be confident that the sender is indeed who s/he claims to be. Of course the recipient cannot be 100% sure that the sender is indeed who s/he claims to be – only confident – since the cryptosystem may have been broken.
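The two complementary algorithms described above, signing and verification, shown as an added example that is not part of the original article. It assumes textbook hash-then-sign RSA over a toy key built from two Mersenne primes, and a constructed (account, amount) message format; the function names are hypothetical, and real systems use a vetted library with a padded scheme.

```python
import hashlib

# Toy key built from two Mersenne primes so the example needs no library.
# Assumption for illustration only: special-form primes and unpadded RSA
# are NOT secure.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q                          # public modulus
E = 65537                          # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent (Python 3.8+)


def digest(message: bytes) -> int:
    """Map the SHA-256 digest of the message to an integer below N."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes, d: int = D, n: int = N) -> int:
    """Signing algorithm: requires the private exponent d."""
    return pow(digest(message), d, n)


def verify(message: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Verification algorithm: needs only the public key (e, n)."""
    return 0 <= signature < n and pow(signature, e, n) == digest(message)


def encode(account: str, amount: int) -> bytes:
    """Constructed wire format for an (a, b) credit instruction."""
    return f"{account}|{amount}".encode()


if __name__ == "__main__":
    msg = encode("12345678", 100)   # constructed sample values
    sig = sign(msg)
    print("genuine:", verify(msg, sig))
    print("amount altered:", verify(encode("12345678", 100000), sig))
    print("signature altered:", verify(msg, sig ^ 1))
    # A valid (message, signature) pair verifies every time it is presented:
    # the signature shows origin and integrity, not freshness.
    print("same pair presented again:", verify(msg, sig))
```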
The importance of authenticity is especially obvious in a financial context. For example, suppose a bank sends instructions from its branch offices to the central office in the form (a,b) where a is the account number and b is the amount to be credited to the account. A devious customer may deposit £100, observe the resulting transmission and repeatedly retransmit