How to Create and Verify a Digital Signature

    Digital signatures are used to verify that electronic messages and data have come from the proper sender and to irrevocably certify that data was not tampered with or changed during transition from one place to another. The complex algorithms used to create such signatures are extremely complex—so much so that they are more difficult to forge than a person’s actual signature.

    Definite requirements apply to creating a proper digital signature for use, though. The National Institute of Standards and Technology (NIST) created a report that details the specific algorithms that must be used to generate a digital signature. This Digital Signature Standard (DSS) documentation is available in our IT Downloads. The paper explains the reasons for use, applications of, and the implementations for a digital signature.

    According to the document:

    This Standard defines methods for digital signature generation that can be used for protection of binary data (commonly called a message), and for the verification and validation of those digital signatures. Three techniques are approved. (1) The Digital Signature Algorithm (DSA)… (2) The RSA digital signature algorithm… (3) The Elliptic Curve Digital Signature Algorithm (ECDSA).

    This download contains a glossary of terms, acronyms and mathematical symbols that are integral to the DSS.  It details each of the three approved techniques with sections of information for each one. Further sections covered also include:

    • Initial Setup
    • Selection of Parameter Sizes and Hash Functions for the Digital Signature Algorithm
    • Key Pair Generation and Management

    This document contains informative dialogue on the use and creation of digital signatures, but also provides intensely technical information. IT security staff should be well versed in electronic encryption and digital signatures prior to attempting to exercise the techniques discussed in this download.

    Latest Articles