How Digital Signature Work And Use In Blockchain
The likelihood of a dispute over the exchanged message in crucial business applications is very high. Therefore, the receiver needs assurance that the message came intact from the intended sender and s/he should not be able to repudiate the origination of that message.
It is common practice in real-world to use handwritten signatures on a paper to bind an agreement since pen-and-paper signatures are hard to tamper. For example, say Bob buys a Car for $10,000 and writes a cheque as payment. The signature guarantees that only Bob could have signed the cheque. Therefore, Bob’s bank must pay the cheque.
Similarly, a digital signature is a cryptographic technique that binds a person to the digital data. i.e. provide verification that message was created by a known person and the message was intact and not altered in transit.
In financial transactions, software license distribution, etc digital signatures are used to implement electronic signatures. NOTE: Not all electronic signatures use digital signatures.
Electronic signatures have legal significance in countries like the United States Of America, Algeria, Turkey, India, Brazil, Indonesia, Mexico, Saudi Arabia, Uruguay, Switzerland and the countries of the European Union.
The following process illustrates how a digital signature works:
Generate the hash of the data
Produce digital signature
Send to recipient
The receiver checks the hash value generated by the sender
Regenerate hash value from the data and match with hash sent by the sender
You can try experimenting with digital signature here: https://www.signinghub.com
Advantages of Digital Signatures
Digital signatures are the most secure cryptography method for achieving information security. The receiver confirms message authentication by validating the digital signature with the public key of the sender. Also can be sure that s/he is communicating with whom they intend to.
Also, in case an attacker has access to the data and modifies it, the hash of modified data and the output provided by the verification algorithm will not match. Hence, the receiver can safely deny the message assuming that data integrity has been breached.
Apart from providing message authentication and data integrity, digital signatures also provide non-repudiation of message. Since it is assumed that only the signer (sender) has the knowledge of the signature key, thus the receiver can present the data and digital signature to a third party as evidence if any dispute arises in the future.
How it relates to Blockchain:
- Consensus algorithm. In pBFT consensus, the leader uses the digital signature to collect votes from the nodes to confirm the new block.
- Digital signatures as a legal binding. Signers use their private key to sign the digital legal contract. Thus the parties involved can present digital signature as evidence.
- Multisignature used in exchange wallets. A digital signature scheme with the requirement of more than one signee to approve a transaction. A joint signature means that no single person could access the wallet without the awareness of at least one other person.