Digital signature verification is the process of collation the digital signature by reference to the original message and a given public key, in that way determining whether the digital signature was created for that same message using the private key that corresponds to the referenced public key.
Verification of a digital signature is completed by calculating a new hash result of the original message by means of the same hash function used to create the digital signature. Then, using the public key and the new hash result, the verifier checks:
1) whether the digital signature was created using the corresponding private key;
2) whether the newly computed hash result matches the original hash result which was transformed into the digital signature during the signing process.
The verification software will confirm the digital signature as "verified" if:
1) the signer's private key was used to digitally sign the message, which is known to be the case if the signer's public key was used to verify the signature because the signer's public key will verify only a digital signature created with the signer's private key;
2) the message was unchanged, which is known to be the case if the hash result calculated by the verifier is identical to the hash result extracted from the digital signature during the verification process.
2007/11/28
Digital Signature Verification
Labels:
Digital Signatures,
Electronic Signatures
