A digital signature is a mathematical technique used to validate the authenticity and integrity of

a digital document, message or software. It's the digital equivalent of a handwritten signature or

stamped seal, but it offers far more inherent security. A digital signature is intended to solve the

problem of tampering and impersonation in digital communications.

Digital signatures are based on public key cryptography, also known as asymmetric
cryptography. Using a public key algorithm -- such as Rivest-Shamir-Adleman, or RSA -- two
keys are generated, creating a mathematically linked pair of keys: one private and one
public.

Digital signatures work through public key cryptography's two mutually authenticating
cryptographic keys. For encryption and decryption, the person who creates the digital
signature uses a private key to encrypt signature-related data. The only way to decrypt that
data is with the signer's public key
 If the recipient can't open the document with the signer's
public key, that indicates there's a problem with the
document or the signature. This is how digital signatures
are authenticated.

Digital certificates, also called public key certificates, are

used to verify that the public key belongs to the issuer.
Digital certificates contain the public key, information
about its owner, expiration dates and the digital signature
of the certificate's issuer. Digital certificates are issued by
trusted third-party certificate authorities (CAs), such as
DocuSign or GlobalSign, for example. The party sending the
document and the person signing it must agree to use a
given CA.

Digital signature technology requires all parties trust that

the person who creates the signature image has kept the
private key secret. If someone else has access to the
private signing key, that party could create fraudulent
digital signatures in the name of the private key holder.
The first part of the DSA algorithm is the public key and private key generation through some steps, which can be told

as:

• Firstly, choose a prime number q, which is called the prime divisor in this.

• Then, choose another primer number p, such that p-1 mod q = 0. p is called the prime modulus in this.

• Then, choose an integer g, such that 1 < g < p, g**q mod p = 1 and g = h**((p–1)/q) mod p. q is also called g's

multiplicative order modulo p in this algorithm.

Then, choose an integer, such that 0 < x < q for this.

• Now, compute y as g**x mod p.

• Thus, Package the public key as {p,q,g,y} is this.

• And, Package the private key as {p,q,g,x} is this.

Then, the second part of the DSA algorithm is the signature generation and signature verification in this algorithm, which can be
told as:
• Firstly, to generate a message signature, the sender can follow these further steps:
• Firstly, generate the message digest h, using a hash algorithm like SHA1.
• Then, generate a random number k, such that 0 < k < q.
• Then, Computer as (g**k mod p) mod q. If r = 0, select a different k.
• And, Compute i, such that k*i mod q = 1. i is called the modular multiplicative inverse of k modulo q in this.
• Then, Compute s = i*(h+r*x) mod q. If s = 0, select a different k.
Thus, Package the digital signature as {r,s}.
• Then, to verify a message signature, the receiver of the message and the digital signature can follow these
further steps as:
• Firstly, Generate the message digest h, using the same hash algorithm.
• Then, Compute w, such that s*w mod q = 1. w is called the modular multiplicative inverse of s modulo q in this.
• Then, Compute u1 = h*w mod q.
• And, Compute u2 = r*w mod q.
• Then, Compute v = (((g**u1)*(y**u2)) mod p) mod q.
Wherever, If v == r, the digital signature is valid.
 Thank you
for your time