Cryptographic Signature

In commercial practice, the validity of a contract is guaranteed by handwritten signatures. The essence of a signature is that only one person can produce it, but anybody can recognize. In a digital replacement, a user should be able to produce a message whose authenticity can be checked by anyone, by cannot be produced by anyone else.

A cryptographic signature of a message is code dependent on a secret is known only to the signer and on the content of the message being signed. A verifier can check the validity of the signature without revealing the secret.

Asymmetric encryption from public key cryptography provides a solution to the signature problem. Since in symmetric encryption, the two ends have the same key, so both the sender and receiver could have produced the encrypted message.

Encrypting a message only to prove authenticity is inefficient, a one-way hash function can map arbitrarily large data into smaller ones.

Digital signatures are a basic requirement for trust over the internet.