We use cookies to personalize your experience on our websites. By using our website, you agree to the use of cookies as described in our Cookies Policy

Learn about electronic signatures with KeepSolid Sign

Easy, time-saving, and secure eSignature Software

What is a digital signature

Since ESIGN Act (Electronic Signatures in Global and National Commerce Act) was adopted in 2000 and electronic and digital signatures were given legal recognition, businesses have been moving away from paper-based processes at an increasing rate. Though far from complete takeover, e-signatures keep spreading steadily.

What is the difference between an electronic signature and a digital signature?

Digital signatures are, technically, an implementation of electronic signatures. But conventionally the terms are largely different. Simply put, an electronic signature can be, as defined by the ESIGN Act, “an electronic sound, symbol, process attached to or logically associated with a contract or other record” that convey the intent of consent. A digital signature leverages asymmetric cryptography algorithms and involves a trusted third party that issues cryptographic certificates to bind the identity to the content.

Crypto-fact: Asymmetric encryption of large amounts of data is slow and requires high CPU usage. Processing speeds are much slower (about 1,000 times slower) than symmetric key encryption.

How does a digital signature work?

Let’s suppose Alice wants to send Bob a message that is digitally signed so as to ensure its authenticity. Her first step would be generating a pair of encrypting keys: a public and a private one. Then she’d apply a hash function to the message. A hash function shrinks any message to a, so called, message digest of a fixed length. Digitally signing a document usually means encrypting its digest (or a hash) rather than a document itself.

Thus, she encrypts the digest and sends the result along with the message to Bob. Alice makes her public key available to anyone. Having downloaded the encrypted message digest, the original message, and Alice’s public key, Bob wants to authenticate the signature. For that, he, first, computes a cryptographic hash of the message using the same hash function as did Alice to the message and, second, decrypts Alice’s encrypted digest. He compares the two digests he now has. If they match, the document and the signature are authentic.

Suppose a third party, say Mary, tries to tamper with the document and forge the digital signature in the transition. Mary only has Alice’s public key at her disposal and thus can’t legitimately modify the document. If she does anyway, Bob, having compared hashes of both the original message and the modified one, will know the signature is forged.

Issuance of digital certificates that bind a signer’s identity to the content being signed is controlled by Certificate Authorities (CA) that represent a public key infrastructure (PKI).

Related articles

How to add a signature to a PDF

Much like it was with mobile phones revolutionizing the way business was done, a paperless office is an idea with similar potential.

Read more > > >

What is electronic signature software

If something is electronic, it is digital, right? Well, not really, not always.

Read more > > >

Are electronic signatures legal

Albeit revolutionary and convenient, eSignature technology’s novelty still raises certain concerns within users unfamiliar with it.

Read more > > >

As you can see, electronic signatures are just as reliable as usual ones, and are much more convenient than those. So what are you waiting for? Download KeepSolid Sign, get a 14-day free trial, and see how dramatically your paperwork improves!

or try it on other platforms