Message Signing in 250 words or less

Let’s say you are electronically communicating with someone else via email. How do you actually know that the email you receive was actually sent from that other person?

One way to do that is to “sign” the messages electronically using the properties of asymmetric encryption!

In this example, Ryan will “sign” the message with his private key. This would be similar to the encryption process discussed in RSA Encryption in 250 words or less except that the difference is that the sender, Ryan, signs the message with his own private key.

Once Ryan signs the message, he sends it to the receiver Jack. At this point Jack has an email of scrambled, encrypted data and thinks it’s from Ryan, but is not totally sure. Ryan has also sent his public key to Jack so Jack can use that public key and decrypt the message using RSA. Since Ryan’s private key encrypted the message, and only Ryan has access to that private key, if the public key decrypts the message, Jack can be assured that the message can from Ryan.

In this example, Ryan signed the complete message. If the message is large, this is not a trivial task for the encryption algorithm. So, one proposal is to hash the message first, sign the hashed message and then send it to the receiver, Jack. This is also known as Digital Signatures.