Signature Schemes

Signature schemes are cryptographic schemes, that allow us to sign some piece of data, and someone else can verify our signature. Think of signature schemes as a very modern version of signing for example a contract, which does not rely on your unique hand movement, but on math. There are many different signature schemes. They vary in efficiency and security.

The main goal of signature schemes is to ensure the authenticity, non-repudiation, and integrity of digital messages.

• Authenticity: Authenticity ensures that the signature authenticates the origin of the message and verifies that it was indeed created by the claimed sender. A valid signature on a message proves that the signer owns the private key associated with the public key used for the signature.

• Non-Repudiation: Non-repudiation ensures that the signer cannot deny their involvement in the transaction. In other words, they cannot later claim that they didn't authorize or sign the message. Therefore, signing the message is a binding commitment.

• Integrity: Integrity ensures that the message has not been tampered with or modified during transmission. Validating a changed message, no matter how small the difference, with the signature will not be successful.

Public and Private Key

These signatures are generated using a private key known only to the sender. They can be verified by anyone who possesses the corresponding public key associated with the sender. This dual-key structure, consisting of a private key for signing and a public key for verification, forms the basis of asymmetric or public-key cryptography.

Methods of Signature Schemes:

Signature schemes consist of three methods:

• Generate Key Pair() => Private Key, Public Key: This algorithm is used to generate a pair of keys for the user. One key is the private key, which is kept secret, and the other is the public key, which is made available to others. The private key is used for signing messages, while the public key is used to verify the signatures.
• Sign(Message, Private Key) => Signature: This algorithm is used by the owner of the private key to create a digital signature for a message. The signature is generated based on the private key and the content of the message. The signature is typically appended to the message before transmission.
• Verify(Message, Signature, Public Key) => Valid/Invalid: This algorithm is used to verify the authenticity of a received message with the public key of the sender and its associated signature. The result is that the signature is either valid or invalid for the given private key.

In some signature schemes, there may also be a "recover" algorithm:

• Recover(Message, Signature) => Public Key: This algorithm can be used to recover the public key corresponding to the private key that has been used to create the signature for a message.

The signature can be verified by comparing the public key returned by the recover algorithm with the public key of the message's sender. If there is an exact match, the signature is valid.

In the following activity, you can interact with a signature scheme to learn more.

Formats of Keys and Signatures

Using these methods we can create keys and signatures. But what does that mean? At the end of the day, signatures and keys are just (very long) series of bits (0 and 1s) that can be interpreted as numbers and represented as hexadecimal strings.

0c29dd3d37fc2f1f26609d4088023b25618cdded6fc7b4eb75d75898aba2cd3a

b470edf87dc8decad6a39ed105a6a6411b88275c6a0ac06c0dea3144980eaf0635fabda79ceda360583acd0802adb27e

8efb19ca904a1d061a84070d5bad61ce1ea44d0e1d9c0a2ecced89692a5546ea39bb02ff1563186767d0903901d5304c126c2ad97dc2efe97c2d528039aff266e9337646498e90b089a4ebfa624e2f353aceca545b7f14b7c2707f3340bd6827

Interactive Demo

Before you start, understand the inputs (blue), the algorithms (red), and outputs (green). Follow the lines to see how they are connected. Then follow these steps:

• Generate a new Key Pair and check out Private Key and the Public Key / Address.
• Sign a message and view the signature. See that the signature is valid.
• Change the message and see what values change and if the signature is valid.