# Explanation of Digital Signature and Public/Private Key

• February 2, 2020

# Explanation of digital signature

## Digital Certificate?

Here is the explanation.

We will explain everything here, but first let’s understand cryptography. If the same key is used both to encrypt the data and to decrypt it, this is called symmetric encryption, and the key is called a symmetric key, for example our normal home locking keys. But if one key is used to encrypt the data and another key is used to decrypt it, or vice versa, then it is called asymmetric encryption, and the keys are called asymmetric keys [i.e. private and public keys].

Suppose key 1 is used to encrypt the data, then key 2 will be used to decrypt that data. But key 2 can also be used to encrypt the data where key 1 will decrypt that data. Meaning data encrypted by key 1 can ONLY be decrypted by key 2 and data encrypted by key 2 can ONLY be decrypted by key 1, provided that key 1 and key 2 are the pair of asymmetric keys.

Let us give further explanation.

Let’s suppose I want secure communication with my friend. For that, I will encrypt the message using key 1 and send it to him/her, and s/he will use key 2 to decrypt that message. So, in this example, key 1 is my private key and key 2 is my public key.

Again, if my friend wants to send me a message, s/he will use key 2 to encrypt the message and send it to me. After receiving it, I will decrypt it using key 1. So, in this case key 2 is my friend’s private key and key 1 is my friend’s public key. Though it depends on the condition and frame of reference.

IN GENERAL, you can understand the private key as the key used to encrypt the data and the public key as the key used to decrypt the data. IN GENERAL, OKAY.
So far you have understood symmetric and asymmetric cryptography.

Now let’s understand the digital signature and the digital certificate. But first we need to know why we need them. We need them mainly for digital verification, i.e. to verify whether a message really comes from an authenticated source or not.

In many cases the message might have been modified or altered by hackers using a man-in-the-middle attack. So, the concept of the digital signature helps to verify the original sender of a message or the original issuer of any document.

But let me clear up one misconception first. A digital certificate is NOT a scanned picture of a document, as many people might think. A digital certificate is an electronic document used to prove the ownership of a public key.

Let’s understand this with an example. Suppose I completed my B.E. and TU [my university] gave me my mark sheet in the form of a digital certificate. To do that, TU will take all of my details like name, symbol no., marks etc.

In fact, it will convert the whole data of my mark sheet into a hash code. AND UNDERSTAND ONE THING: A HASH IS A NON-REVERSIBLE FUNCTION, SO ANY DATA PASSED THROUGH THE HASH FUNCTION CANNOT BE DECRYPTED. IT IS A ONE-WAY FUNCTION.

Now, I was at the hash code, right?
So, after converting the whole data of my mark sheet into the hash code, THE NEXT STEP FOR TU IS TO ENCRYPT THAT HASH CODE USING ITS PRIVATE KEY. THIS PROCESS, IN WHICH AN ORGANISATION ENCRYPTS THE HASH CODE OF ANY CERTIFICATE DATA OR ANY IMPORTANT DATA USING ITS PRIVATE KEY, IS CALLED A DIGITAL SIGNATURE, OR DIGITALLY SIGNING A CERTIFICATE.

Now TU will give me the DIGITAL CERTIFICATE of my mark sheet, which will contain three things [it will contain other details too, but they are just additional; these three are the main ones]:

[1] Unencrypted plain data as it is in my Mark sheet.

[2] Hash code of the data in the mark sheet, along with the name of the hash function used, like MD5, SHA, etc.

[3] Encrypted data of that Hash code which was encrypted using issuer’s private key.

Now suppose I applied for a job at any telecom company and showed my digital certificate. To verify it, they will pass the details of no. 1 above through the mentioned hash function and check whether the result matches no. 2 above or not. If it matches, they go on to the second step. Remember, TU will keep its private key secret, but its public key will be known to everyone.

So, in the second step of verification, the telecom company will take no. 3 from my digital certificate and decrypt it using the public key of TU. After this decryption, they will check whether its output matches no. 2 or not. If it matches, then it is verified that the certificate was really issued by TU and was not modified by anybody else.

Now understand what happens if I modify any of the above three things in my digital certificate. Suppose I increase my marks [no. 1 modified]. I can also change the hash code to match the increased marks [no. 2 modified]. Now, to modify no. 3, I need the private key of TU, WHICH I DON’T HAVE. ONLY TU HAS ITS PRIVATE KEY, AS A SECRET. So, I cannot modify no. 3. I mean, I can modify it, but I would not know what to write there. I wouldn’t know what the output would be after encrypting my modified hash code with the private key of TU, because I don’t have the private key.
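The issuing and two-step verification described above, run against the untouched certificate and against the two edits, as an added example that is not part of the original post. It assumes SHA-256 as the hash and a toy textbook-RSA key pair built from two well-known Mersenne primes (no padding, easy to factor, for illustration only); the function names `hash_code`, `issue`, `verify` and `demo` and the mark-sheet values are hypothetical.

```python
import hashlib

# Toy issuer key pair, constructed for this example: textbook RSA over two
# well-known Mersenne primes. No padding and easy to factor, so it shows the
# mechanics only; real signing uses a vetted library and a padded scheme.
P, Q = 2**127 - 1, 2**521 - 1
N, E = P * Q, 65537                    # issuer's public key, known to everyone
D = pow(E, -1, (P - 1) * (Q - 1))      # issuer's private key, kept secret

def hash_code(data: bytes) -> int:
    """SHA-256 of the data as an integer (always smaller than N here)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def issue(data: bytes) -> dict:
    """Issuer side: build parts [1], [2] and [3] of the certificate."""
    h = hash_code(data)
    return {"data": data,                     # [1] plain data
            "hash_alg": "sha256", "hash": h,  # [2] hash code and its function
            "signature": pow(h, D, N)}        # [3] hash encrypted with D

def verify(cert: dict) -> str:
    """Verifier side: uses only the public key (N, E)."""
    if cert["hash_alg"] != "sha256":
        return "rejected: unsupported hash function"
    if hash_code(cert["data"]) != cert["hash"]:
        return "rejected at step 1: data does not match hash code"
    if pow(cert["signature"], E, N) != cert["hash"]:
        return "rejected at step 2: signature does not match hash code"
    return "valid"

def demo() -> dict:
    """Run the untouched certificate and the two edits described above."""
    cert = issue(b"name=Example Student;symbol_no=0000;marks=62")  # constructed
    forged_data = b"name=Example Student;symbol_no=0000;marks=92"
    only_1 = dict(cert, data=forged_data)                 # [1] edited
    both_1_2 = dict(only_1, hash=hash_code(forged_data))  # [1] and [2] edited
    return {"original": verify(cert),
            "no1_modified": verify(only_1),
            "no1_and_no2_modified": verify(both_1_2)}

if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```

Step 2 only proves anything if the verifier's copy of the issuer's public key comes from a source it already trusts, not from the certificate holder.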

So, this is how cryptography works today, and this is how digital signatures work. We hope the above explanation gave you some ideas.
If you still have any confusion about this topic, feel free to ask us in the comments below.