Digitalsignature (DSig) is an asymmetric encryption method using two cryptographic keys with mutual authentication: a private key for encrypting the signature-related data, and a public key used by the recipient todecrypt the message. Only the public key from the sender can decrypt the message.
The digital signature is a mathematical procedure that can be used to confirm the authenticity and indenity of an electronic document. It can be a digital document, transaction or software, where the digital signature is attached to the document as encrypted information. The document is thus secured in such a way that changes to the content are immediately detected. Another requirement with regard to the digital signature is that the signatory must be clearly recognized and identifiable.
The digital signature procedure
This newly encrypted document is transmitted with the original document. The recipient also calculates the hash value from the original document, decrypts the encrypted document with the public key and compares the two.
The personal assignment of the public key is carried out by a trust center, which issues a certificate. The name of the certificate holder and his or her authorization to sign can be stored in the trust center. The secret key can be stored on a smart card and secured by biometric data, passwords and the like. Trust centers are liable for the accuracy of the certificates. Member States may subject the use of electronic signatures in the public domain to additional requirements. They are considered as evidence in legal proceedings.
Digital signatures are defined in the Signature Act(SigG) as follows: A digital signature within the meaning of this Act is a seal generated with a private signature key to digital data, which can be identified with the help of an associated public key, which is provided with a signature key certificate of a certification authority or the authority and which shows the owner of the signature key and the authenticity of the data.