The term “digital signature” doesn’t refer to a service like DocuSign that allows someone to sign a contract or other document on a computer. A digital signature is a cryptographic construct that is designed to authenticate the identity of the signer and protect the integrity of the signed data.

### How Do Digital Signatures Work?

The term “digital signature” refers to a concept more than a specific algorithm. A digital signature algorithm is made up of the combination of a hash function and an asymmetric encryption algorithm. Many such algorithms exist and can be used in varying combinations. However, the different implementations operate similarly and work because of the properties of the underlying cryptographic algorithms.

### Hash Functions for Digital Signatures

The first step in generating a digital signature is calculating the hash of the message to be signed. Hash functions are used in digital signature algorithms because they are one-way, collision-resistant functions that produce a fixed-size output.

The fact that hash functions are one-way and collision-resistant is important because the integrity of a digital signature depends on it being infeasible to find two messages that hash to the same value (a “collision”). Modern hash functions are designed to make this virtually impossible, making them “collision resistant”. If a hash function collision is found for a digital signature algorithm, it may be possible to generate a fake digital signature using it.

The fact that hash functions produce a fixed-size output is mainly useful for convenience. It means that messages of any size can be reduced down to a small amount of data. For example, the SHA-256 hash function produces a 256-bit output. This makes digital signatures efficient, while hash functions’ collision resistance protects their security.

### Asymmetric Cryptography and Digital Signatures

Encryption algorithms can be divided into two categories. Symmetric encryption algorithms use the same secret key for encryption and decryption, while asymmetric cryptography uses a public and a private key.

The public and private keys are related. The public key is derived from the private key to be its inverse for a particular operation (like 5 and -5 are for addition). An algorithm built using this operation can use the private key to do something and the public key to undo it or vice versa.

For encryption, this means that a public key can be used to convert a plaintext message to a ciphertext, and the related private key - known only to its owner - can reverse this encryption to transform the ciphertext to the original plaintext.

Digital signature algorithms use this same relationship in reverse. They take the hash of a message and “encrypt” it with the user’s private key, producing a digital signature value.

At the other end, the original hash value can be extracted by using the corresponding public key to undo this operation. The verifier can then calculate the hash of the associated message for themselves and compare the two hashes. If they match, then the digital signature is valid. If not, the message either does not come from the alleged sender or has been modified in transit.

### Common Uses for Digital Signatures

Digital signatures are valuable because they provide authentication, integrity protection, and non-repudiation. Some of the most common uses for digital signatures in everyday life include:

● **Authenticated Emails**: In some organizations, emails will come with a digital signature. This verifies that the email originated from the alleged sender’s email account and has not been tampered with in transit.

● **Code Signing**: Software and software updates are commonly secured using digital signatures which computers verify before running. This is why you need to explicitly allow third-party applications on Windows and all iOS apps must be approved by Apple.

● **Website Certificates**: The difference between HTTP and HTTPS for websites is the use of certificates that prove that the website is legitimate. This verification is based upon certificate chains where each link in the chain is a digital certificate containing a public key. Each of these certificates is digitally signed using the private key that corresponds to the public key in the certificate above it, up to a root certificate authority (CA) trusted by your computer.

These are only some examples of how digital signatures can be and are used today. The concept of public key infrastructure (PKI) and certificate chains (like those used for websites) is useful for any situation where trust needs to flow and be delegated from a centralized authority.

### The Security of Digital Signatures

Used together, hash functions and asymmetric cryptography can create verifiable, unforgeable digital signatures. The security of digital signatures rests on three assumptions:

● **Hash Function Collision Resistance**: Two messages with the same hash value have the same digital signature, making it possible to substitute a fake message for a real, signed one.

● **Security of Asymmetric Cryptography**: If asymmetric cryptography is broken, an attacker could generate a fake signature for a message.

● **Secrecy of Private Keys**: Anyone with access to a user’s private key can generate a valid digital signature on their behalf.

These three assumptions are organized from strongest to weakest. Digital signature security is most commonly broken by compromised private keys. These compromises could occur if keys are stored insecurely on a device or if they are based upon an easily-guessable password.

After that, asymmetric cryptography is the next biggest weakness, since these algorithms are more fragile than their symmetric counterparts and face the looming threat of attack via quantum computing. Hash functions, on the other hand, require no keys and are secure against quantum computing, making them the strongest part of the equation.
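The hash-then-sign flow described under "Asymmetric Cryptography and Digital Signatures", and the collision-resistance assumption listed above, can be seen in a small added example (not code from Ciphr or any product named on this page). It assumes textbook RSA with no padding and a toy key built from two publicly known Mersenne primes, and `weak_hash` is a hypothetical, deliberately broken hash; none of it is secure for real use.

```python
import hashlib

# Toy key, constructed for this example. Both primes are publicly known
# Mersenne primes and there is no padding: NOT secure, illustration only.
P, Q = 2**127 - 1, 2**521 - 1
N = P * Q                                  # public modulus
E = 65537                                  # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))          # private exponent (inverse of E)

def sha256_int(message: bytes) -> int:
    """Full 256-bit SHA-256 digest as an integer (always smaller than N)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def weak_hash(message: bytes) -> int:
    """Hypothetical broken hash: only the first byte of SHA-256."""
    return hashlib.sha256(message).digest()[0]

def sign(message: bytes, hash_fn=sha256_int) -> int:
    """Signer: hash the message, then apply the private key to the hash."""
    return pow(hash_fn(message), D, N)

def verify(message: bytes, signature: int, hash_fn=sha256_int) -> bool:
    """Verifier: undo the private-key step with the public key, then
    compare the recovered hash with a freshly computed one."""
    if not 0 <= signature < N:
        return False
    return pow(signature, E, N) == hash_fn(message)

def find_collision(message: bytes, hash_fn) -> bytes:
    """Search for a different message with the same hash value."""
    target, counter = hash_fn(message), 0
    while True:
        candidate = b"other message %d" % counter
        if candidate != message and hash_fn(candidate) == target:
            return candidate
        counter += 1

if __name__ == "__main__":
    msg = b"pay Bob 10"                      # constructed sample message
    sig = sign(msg)
    print("genuine:", verify(msg, sig))
    print("modified:", verify(b"pay Bob 1000", sig))
    weak_sig = sign(msg, weak_hash)
    other = find_collision(msg, weak_hash)
    print("collision accepted:", verify(other, weak_sig, weak_hash))
```

With the full SHA-256 digest, any change to the message or the signature fails verification. With the one-byte hash, a signature transfers to an unrelated message after a few hundred guesses.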

### Using Secure Digital Signatures with Ciphr

Ciphr Text and Ciphr Mail are well-protected against all of these potential attack vectors.

Ciphr’s private signing keys are randomly generated, internally encrypted by the device unlock system and never leave the device. This makes it very difficult for an unauthorized user to gain access to or use them.

Ciphr Text and Ciphr Mail use the Ed448 and NTRU algorithms for digital signatures. Both Ed448 (which uses the SHAKE256 algorithm internally) and NTRU are secure with no known vulnerabilities.

Ciphr is committed to the security of its products and actively works to stay abreast of the state of the art in cryptography. This includes working to transition to more secure algorithms when available and to integrate post-quantum cryptographic algorithms into its products well in advance of when quantum computing threatens cryptographic security.