### What is included in a digital signature

Question 1: What is included in a digital signatureDigital signature technology is to encrypt the summary information with the sender’s private key and transmit it to the receiver along with the original text.

Digital signatures include the original text, the public key certificate, and the signature value (i.e., the encrypted hash)

Question 2: What is included in the full information completion of a digital signature? A software code digital signature is a way to electronically mark a file by means of information. At this point, the file will be digitally signed by the creator (publisher). A valid digital signature will contain the following two things about the file:

1) the name of the publisher;

2) that the file has not been altered since it was signed. Any tampering will invalidate the signature.

A digital signature for software code will:

* Allow you to verify the publisher of the file.

*Confirm that the file has not been changed since it was digitally signed.

Any software developer can request a software code signing certificate from a certificate authority (e.g. WoSign, etc.) listed in the “Trusted Root Certificate Authorities” section of Internet Explorer to sign the code.

Question 3: What is included in a digital signature? Digital Signature

The so-called digital signature is a series of symbols and codes generated by some kind of cryptographic operations to form an electronic code for signature, instead of writing a signature or seal, for this electronic signature can also be technically verified, and the accuracy of its verification is the general manual signature and the verification of the seal and can not be compared. Digital signature is currently the most common e-commerce, e-government in the application of the most mature technology, the strongest operability of an electronic signature method. It adopts standardized procedures and scientific methods for identifying the identity of the signer and the recognition of the content of an electronic data. It can also verify the original text of the document in the transmission process with or without change, to ensure the integrity of the transmission of electronic documents, authenticity and non-repudiation.

A digital signature is defined in the ISO 7498-2 standard as some data attached to a data unit, or a cryptographic transformation of a data unit, that allows the recipient of the data unit to confirm the origin and integrity of the data unit and to protect the data against forgery by a person (e.g., the recipient). The U.S. Electronic Signature Standard (DSS, FIPS186-2) explains digital signatures as follows: the result of the calculation of data using a set of rules and a parameter, with which the identity of the signer and the integrity of the data can be confirmed. According to the above definition PKI (PublicKeyInrastructino Public Key Infrastructure) provides can provide data units of cryptographic transformation, and can enable the receiver to determine the source of data and data verification.

PKI’s core executive body is the electronic certification services provider, that is, commonly known as the certification authority CA (CertificateAuthority), the core element of the PKI signature is issued by the CA digital certificate. The PKI services it provides are authentication, data integrity, data confidentiality and non-repudiation. Its practice is to use the certificate public key and the corresponding private key for encryption/decryption, and produce a signature on the digital message and verify the signature. Digital signature is the use of public key cryptography and other cryptographic algorithms to generate a series of symbols and codes to form an electronic code for the signature, to replace the writing of signatures and seals; this electronic signature can also be technically verified, and the accuracy of its verification is in the physical world on the verification of manual signatures and seals is incomparable. This signature method can be authenticated in a large population of trusted PKI domains or cross* authenticated in multiple trusted PKI domains, and it is particularly suitable for secure authentication and transmission over the Internet and wide area networks.

“Digital signature” and ordinary text signature of the biggest difference is that it can use the distinctive personality of the graphic files, you only need to use a scanner or graphic tools will be your personalized signatures, seals and even photographs, etc., made into a BMP file, can be used as a “digital signature” material.

Question 4: What is the definition of digital signature Simply put, the so-called digital signature is attached to the data unit on some of the data, or the data unit of the cryptographic transformation. This data or transformation allows the receiver of the data unit to confirm the source of the data unit and the integrity of the data unit and to protect the data against forgery by a person (e.g., the receiver). It is a method of signing messages in electronic form, and a signed message can be transmitted over a communications network. Based on the public key cryptography system and private key cryptography system can be obtained digital signature, at present is mainly based on the public key cryptography system of digital signatures. Including ordinary digital signatures and special digital signatures. Ordinary digital signature algorithms are RSA, ElGamal, Fiat-Shamir, Guillou-Quisquarter, Schnorr, Ong-Schnorr-Shamir digital signature algorithms, Des/DSA, elliptic curve digital signature algorithms and finite automata digital signature algorithms. Special digital signatures are blind signatures, proxy signatures, group signatures, non-repudiation signatures, fair blind signatures, threshold signatures, signatures with message recovery, etc., which are closely related to the specific application environment. Obviously, the application of digital signature involves legal issues, the U.S. federal *** based on the discrete logarithm problem on a finite field to develop its own digital signature standard (DSS).

DigitalSignature (DigitalSignature) technology is a typical application of asymmetric encryption algorithms. The application process of digital signature is that the sender of the data source uses its own private key to encrypt the data checksum or other variables related to the content of the data to complete the legal “signature” of the data, and the receiver of the data uses the other party’s public key to decrypt the “digital signature”, and decrypt the results. The receiver of the data uses the public key of the other party to decipher the received “digital signature” and use the deciphering result to test the integrity of the data to confirm the legitimacy of the signature. Digital signature technology is an important technology to confirm the identity in the virtual environment of the network system, and it can completely replace the “personal signature” in the real process, which is technically and legally guaranteed. In terms of public and private key management, digital signature application is the opposite of encrypted mail PGP technology. In digital signature applications, the sender’s public key can be easily obtained, but his private key needs to be strictly confidential.

The main functions of digital signatures are: to ensure the integrity of information transmission, authentication of the sender, and to prevent the occurrence of repudiation in transactions.

Digital signature technology is the summary information encrypted with the sender’s private key, together with the original text transmitted to the receiver. The receiver can only decrypt the encrypted summary information with the sent public key, and then the HASH function is used to generate a summary message for the received original text, which is compared with the decrypted summary information. If it is the same, it means that the received information is complete and has not been modified during transmission, otherwise it means that the information has been modified, so the digital signature can verify the integrity of the information.

Question 5: Digital signatures include? Digital signature technique involves encrypting the summarized message with the sender’s private key and transmitting it to the receiver along with the original text.

Digital signatures include the original text, the public key certificate, the signature value (i.e., encrypted hash)

Question 6: What is the role and function of the digital signature function is ① the receiver is able to verify the sender’s signature on the message

② sender can not later deny the signature on the message:

③ no one can forge the signature on the message

④ Guarantee the integrity of the data, preventing the interceptor from adding other information to the file;

⑤ Guarantee the source of the data and information to ensure the identity of the sender;

⑥ Digital signatures have a certain signing speed, which is able to satisfy the needs of all applications.

Question 7: What is the role of digital signatures 5 points digital signatures are used to verify a person’s identity when a recognized CA issued each certificate is unique and with legal support

Question 8: What are digital signatures in software 1. Digital signatures are made with digital certificates

2, Digital certificates are issued by the CA certificate

3, CA certificate authorities have a lot, but only some of the foreign is trusted by the windows operating system

4, at present in the domestic use of more foreign CA certificate authorities have verify, entrust and so on

5, verify in the country there are a number of agents, such as Tianwei honesty, you in Baidu. Such as Tianwei honesty, you can search in Baidu “verify” or “Tianwei honesty” on it!

### Message Digest Algorithm with Key – Data Signature Algorithm

Digital Signature Algorithm can be regarded as a message digest algorithm with a key (public key + private key), that is to say, the Data Signature Algorithm is a combination of asymmetric encryption algorithms and message digest algorithms. The algorithm contains two operations: signing and verifying, and follows the signature/verification method of “private key signing and public key verifying”.

1. Party A constructs a key pair and can publish the public key to Party B. The key pair can be used to sign the message.

2. Party A wants to send data to Party B and needs to attach a signature.

3. Party B verifies the data using the public key and signature.

RSA digital signature algorithm can be divided into two main categories: MD, SHA. The algorithm public key is usually shorter than the private key.

RSA digital signature example:

At the implementation level, you can think of the DSA algorithm implementation is the RSA algorithm implementation of the streamlined version of the DSA algorithm only supports the SHA series of message digest algorithms.

Example of a DSA digital signature:

ECDSA algorithm has the advantages of fast speed, high strength, and short signatures compared to traditional signature algorithms. The algorithm is used for serial number verification of Microsoft operating systems and office software.

Example of ECDSA algorithm:

### The realization of digital signatures

Digital signatures, that is, only the sender of the message can produce others can not be forged a digital string, this digital string at the same time is the sender of the message is also the sender of the message to send information on the authenticity of an effective proof. Digital signature is the application of asymmetric key cryptography and digital digest technology. A digital signature typically defines two complementary operations, one for signing and the other for verifying.

Digital signature algorithms rely on public key cryptography.

In public key cryptography, each user has a pair of keys: a public key and a private key. The public key is freely distributed, but the private key is kept secret; it is impossible to derive the private key from the public key.

An ordinary digital signature algorithm consists of three algorithms:

1. a cryptographic generation algorithm;

2. a tokenization algorithm;

3. a verification algorithm.