The private testing has started!

Library What is a digital signature

Verifying the digital signature on a message's body ensures that the author sent the message and that it was not tampered with or changed.

Liverado uses multiple methods to protect your privacy and security. One way to protect data from being read by outsiders is encryption. However, only encryption does not guarantee the authenticity of the data. To this end, Liverado uses a technology called digital signatures.

A digital signature is like a physical signature on a specific piece of data, such as a contact or a message's body. Successfully verifying the digital signature on the message's body ensures that the author sent the message not tampered with or changed. As far as your contacts are concerned, they are signed with your private key, and verification of the contact's digital signature ensures that no one but you has modified the contact.

Signing

Signing the data involves a couple of steps:

First, the hash function is used to generate a unique string ("hash") from the data.

Some essential characteristics of hash functions are that each input data will have a different output. It is impossible to recover the original data from this output (these functions are "one-way").

The next step is to sign the hash. The signature of this hash is calculated using a signature algorithm (such as RSA or DSA) together with the signer's private key.

Verification

To verify the signature, the verifier needs three things:

  • The signature itself

  • The data signed by the signature

  • The public key belonging to the content author

For OpenPGP, the decrypted content is signed, so the signature can only be verified if the decryption is successful.

The next step is to generate a hash of the data using the hash function selected by the signature type.

Then, the verification algorithm will verify the signature in a method that depends on the algorithm.

After this step, the algorithm completes the verification by ensuring that the received data's hash value is equal to the hash value contained in the digital signature.

Learn more

Ready to join Liverado? Start your free 14-day trial today.