Digital Signature Standard

DSA is a pair of large numbers that are computed according to the specified algorithm within parameters that enable the authentication of the signatory, and as a consequence, the integrity of the data attached. Digital signatures are generated through DSA, as well as verified. Signatures are generated in conjunction with the use of a private key; verification takes place in reference to a corresponding public key. Each signatory has their own paired public (assumed to be known to the general public) and private (known only to the user) keys. Because a signature can only be generated by an authorized person using their private key, the corresponding public key can be used by anyone to verify the signature.

A data summary of the information (called a message digest) is created through the use of a hash function (called the Secure Hash Standard, or SHS, and specified in FIPS 180). The data summary is used in conjuntion with the DSA algorithm to create the digital signature that is sent with the message. Signature verification involves the use of the same hash function.

Learn more about PKI and Digital Certificates

	Identity and Access Management Services, Systems and Technologies: This Security School explores critical topics related to helping security practitioners establish and maintain an effective identity and access management plan.
Can any firm or organization get a digital signature certificate?: Can any firm or organization obtain a digital signature? How is a digital signature obtained?
Securing VoIP Networks: Threats, Vulnerabilities and Countermeasures: In an excerpt from Securing VoIP Networks: Threats, Vulnerabilities and Countermeasures, authors Peter Thermos and Ari Takanen discuss the strengths and weaknesses of SRTP.
Secure user authentication: Regulations, implementation and methods: Learn about the FFIEC's mandate, how to choose the right authentication option for diverse user communities and how to implement an authentication strategy.
XML Security Learning Guide: Securing XML is an essential element in keeping Web services secure. This SearchSecurity.com Learning Guide is a compilation of resources that review different types of XML security standards and ...
Spy vs. Spy: Excerpt from Chapter 6 of Spies Among Us: How to Stop the Spies, Terrorists, Hackers, and Criminals You Don't Even Know You Encounter Every Day.
Best practices in Internet security: The Access Certificates for Electronic Services Program: The Access Certificates for Electronic Services Program (ACES) brings multiple PKI service providers together into an interoperable public key infrastructure (PKI) for use by government entitites and ...

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

More resources from around the web: - NIST provides a FIPS document, "Announcing the Standard for Digital Signature Standard (DSS)."

FILE EXTENSION AND FILE FORMAT LIST File Extension and File Format List: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z #

RELATED CONTENT How to encrypt passwords using network security certificates Learn the most secure way to transfer passwords to applications using network security, identity management, and application security certificates. Best Authentication Products Readers vote on the best digital identity verification products, services, and management systems, including PKI, hardware and software tokens, smart... DoD urges less network anonymity, more PKI use At Black Hat USA 2009, DoD CISO Robert Lentz says more technology is needed to protect both private and government networks from cybercriminals.

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary authentication server  (SearchSecurity.com) An authentication server is an application that facilitates authentication of an entity that attempts to access a network...(Continued) Certificate Revocation List  (SearchSecurity.com)