RSA digital signature scheme
RSA idea is also used for signing and verifying a message it is called RSA digital signature scheme.
Digital signature scheme changes the role of the private and public keys
Private and public keys of only the sender are used not the receiver
Sender uses her own private key to sign the document and the receiver uses the sender’s public key to verify it.
The signing and verifying sets use the same function, but with different parameters. The verifier compares the message and the output of the function for congruence. If the result is two true the message is accepted.
Key generation in RSA
Key generation in RSA digital signature scheme is exactly the same as key generation in RSA cryptosystem.
Working of RSA digital signature scheme:
Sender A wants to send a message M to the receiver B along with the digital signature S calculated over the message M
Step1: The sender A uses the message digest algorithm to calculate the message digest MD1 over the original message M
Step 2: The sender A now encrypts the message digest with her private key. The output of this process is called the digital signature.
Step 3: Now the sender A sends the original message M along with digital signature DS to receiver B
Step 4: After the receiver B receives the original message M and the sender A’s digital signature, B uses the same message digest algorithm which was used by A and calculate its own message digest MD2 as shown below.
Step 5: The receiver B now uses the sender’s A’s public key to decrypt the digital signature. Note that A had used his private key to decrypt the message digest MD1 to form the digital signature. Therefore only A’s public key can be used to decrypt it. The output of this process is the original message digest which was calculated by A (MD1) in step 1.
Step 6: B now compare the following two message digests.
MD2, which it had calculated in step 4
MD1, which is retrieved from A’s digital signature in step 5
If MD1 = MD2 the following facts are established:
a. B accepts the original message (M) as the correct, unaltered message from A
b. B is also assured that the message came from A and not from someone else attached, posing as A
Thus, the principle of digital signature is quite strong, secure and reliable.