Digital Signatures – CompTIA Security+ Lesson 22

Last time I talked about cryptographic systems. Let's finish the topic with the last subject: digital signatures. What are thoooose?

We’re all familiar with signatures on documents. Digital signatures work similarly.

If you sign a contract, you’re stating that you acknowledge and agree to it. The other party knows that because of your signature and can prove it legally. In a letter, you sign the letter so the receiver knows that you wrote it.

With digital signatures, when a message is encrypted the signature is added to the message, so a receiver knows it’s from you.

Let’s say a sender uses a private key to create a digital signature. The message is now signed with the private key. The receiver uses the public key attached to the message to validate the digital signature and decrypt the message.

There are also other kinds of signatures.

I think a checksum provided by software providers (mostly open source) would count as a signature.

Another digital signature would be the message digest, which is similar to the checksum. They’re mostly MD5 hashes that you can compare your downloaded file against. Just generate a message digest/checksum from your download and compare it to the one from the provider.


That’s all folks. I’m kinda running out of time since I started working again. I hope I can still catch up with my schedule 😆