Figure 1.5 : Digital Signature

Working of digital signatures

Handwritten signatures are unique to each signer, and so are digital

signatures. The protocol followed by digital signature solution provider

DocuSign is PK I, which requires the provider to use an algorithm to

generate two long numbers, called keys; one is public and the other is

private.

The signature is created using the signer’s private key. The key is always

kept securely by the signer when he/ she electronically sign a document. A

cipher creates data matching the signed document called a hash and

encrypts that data using an algorithm. The digital signature is the result of

encrypted data. The time that the document was signed is also marked with

the signature. Any changes after signing the document make the digital

signature invalidated.

The integrity of the signature needs to be protected and often requires the

services of a certificate authority (CA). As per the requirement of PK I, the

keys should be created, conducted, and saved in a secure manner.

The PK I requirement for safe digital signing is met by DocuSign, the digital

signature provider.

Creating a digital signature

A signing software creates a one-way hash of the electronic data to be

signed and is required to create a digital signature. The private key is used