This article concerns cryptographic signatures. For signatures in digital form, see electronic signature. In cryptography, a digital signature or digital signature scheme is a type of asymmetric cryptography used to simulate the security properties of a signature in digital, rather than written, form. Digital signature schemes normally give two algorithms, one for signing which involves the user's secret or private key, and one for verifying signatures which involves the user's public key. The output of the signature process is called the "digital signature."
Digital signatures, like written signatures, are used to provide authentication of the associated input, usually called a "message." Messages may be anything, from electronic mail to a contract, or even a message sent in a more complicated cryptographic protocol. Digital signatures are used to create public key infrastructure (PKI) schemes in which a user's public key (whether for public-key encryption, digital signatures, or any other purpose) is tied to a user by a digital identity certificate issued by a certificate authority. PKI schemes attempt to unbreakably bind user information (name, address, phone number, etc.) to a public key, so that public keys can be used as a form of identification.
Digital signatures are often used to implement electronic signatures, a broader term that refers to any electronic data that carries the intent of a signature, but not all electronic signatures use digital signatures. In some countries, including the United States, and in the European Union, electronic signatures have legal significance. However, laws concerning electronic signatures do not always make clear their applicability towards cryptographic digital signatures, leaving their legal importance somewhat unspecified.
A more secure alternative is to store the private key on a smart card. Many smart cards are deliberately designed to be tamper resistant (however, quite a few designs have been broken, notably by Ross Anderson and his students). In a typical implementation, the hash calculated from the document is sent to the smart card, whose CPU encrypts the hash using the stored private key of the user and returns it. Typically, a user must activate his smart card by entering a personal identification number or PIN code (thus providing a two-factor authentication). Note that it can be sensibly arranged (but is not always done) that the private key never leaves the smart card. If the smart card is stolen, the thief will still need the PIN code to generate a digital signature. This reduces the security of the scheme to that of the PIN system, but is nevertheless more secure than are many PCs.
Turkey had a recent triumph in digital signatures and become the forerunner of mobile signature, that is, qualified signatures that are created using mobile phones. The leading GSM operator of Turkey, Turkcell, had developed the business model of this service for consumers first in the world.