Problem solve Get help with specific problems with your technologies, process and projects.

Which private keys and public keys can create a digital signature?

Identity management and access control expert Joel Dubin explains how a digital signature can help manage electronic documents.

I want to use public key X.509 certificates for digital signatures, and then have each verified with the user's...

private key. Can I use a sender's private key and receiver's public key for the digital signature?

First, let's review what a digital signature is and how it works. A digital signature is the virtual equivalent of a written signature. The purpose of a digital signature, like its physical counterpart, is to verify the authenticity of a document; it verifies that the sender is who he or she claims to be.

Supposedly, everyone's handwritten signature is unique; so when someone signs a paper document, the signature verifies the signer. But how do you "sign" an electronic document? That's where a digital signature comes in.

Digital signatures use asymmetric or public key encryptions to create their signatures. A public key encryption involves a key pair: one public and one private. The two keys are mathematically related but can't be generated from each other. The public key, as the name implies, is openly available to anyone who wants it. It can be posted to a public key server, as in a public key infrastructure (PKI) system. The private key, on the other hand, is kept on its owner's system, never to be transmitted publicly.

The sender of an electronic document uses their private key to encrypt that document; this is the digital signature. The receiver then decrypts the signature with the public key to verify that it matches the attachment. Private keys are specifically assigned and unique to each user, providing verified authenticity to the sender's message.

Public key encryption is quite slow. In practice, instead of encrypting the entire message to create the signature, messages are hashed and then encrypted with the private key. Since hashes are the same size regardless of the length of the original message, performance isn't affected.

There is one problem though -- verifying the public key. The X.509 certificates you describe are part of a PKI system that issues digital certificates to confirm public keys. Digital certificates are issued by trusted third parties called certificate authorities (CA), such as Verisign, which verifiy an applicant's identity before issuing a digital certificate.

Only the sender's private key can be used for creating the digital signature. The corresponding public key -- verified with the certificate -- is used to confirm the digital signature. The recipient can only use his or her key if he or she is encrypting the message. Affirming the message is done solely with the sender's public key.

For more information:

This was last published in April 2007

Dig Deeper on PKI and digital certificates

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

How client (say browser) verifies that the certificate it received from server is indeed issued by CA? What information it uses it to verify it? Do browser have any information in it that verifies it?