Digital Signing in Blockchain

Digital Signing in Blockchain is a process to verify the user’s impressions of the transaction. It uses the private key to sign the digital transaction, and its corresponding public key will help to authorize the sender.

In the series of understanding cryptography in Blockchain, previously, we covered public key cryptography along with the RSA algorithm. Today, we’ll go through the process of digital signing that has a utility in the blockchain network for transaction verification. It means the user has to prove that they are authorized to make the transactions. 

The below article explains the functioning of digital signing and how it uses public-key cryptography for security.

Content

• Introduction
• Confidentiality and Authentication
• What is Digital Signing?
• The process of Digital Signing
• Confidential and Authorized Digital Signing
• How is Digital Signing used in Blockchain?
• In Conclusion

Confidentiality and Authentication

In the previous article, we learned that with public-key cryptography the sender can use the receiver’s public key to encrypt the message. Afterward, only the receiver using its private key can decrypt the message. Overall, we understood that the public key encrypts the message, and the private key decrypts the message. Public key cryptography ensures the confidentiality of the message.

However, in the case of digital signing, the roles of public keys and private keys are reversed. That means the public keys can decrypt the message, and private keys can encrypt the message.

Note that digital signing intends to authenticate the sender. It does not secure the document. 

This brings us to our next concept, Authentication. It’s a process to verify the sender. That means checking if the electronic document received is from the expected sender. On the other hand, Confidentiality is a process of keeping the documents secured and private in the network. Therefore, no one other than the intended receiver can read the message.

What is Digital Signing?

Digital signing is a process to validate the authenticity and integrity of the document by the sender. In simple terms, it means to check that the document received is sent by the expected sender and it’s not changed by an intruder in the network. 

Here, the private key of the sender encrypts the message. And the corresponding public key of the sender, earlier shared with the receiver, can decrypt the message.

In order to generate a digital signature system, the sender creates a hash of the document to be signed. Then, encrypt it with his own private key and send it. The receiver decrypts the document using the sender’s public key. That ensures the expected sender sends it.

Digital Signing in Blockchain is a process to verify the user’s impressions of the transaction. It uses the private key to sign the digital transaction, and its corresponding public key will help to authorize the sender.

However, in this way, anyone with the sender’s public key can easily decrypt the document. Digital Signing targets the authenticity, not the security of the document. It’s a way to ensure the source of the message transaction. Keep this point noted for now. 

Remember, here private key encrypts the message, and the public key decrypts the message.

Now, let’s understand the process thoroughly.

The process of Digital Signing

For instance, Rachel wants Ross to send a digitally signed copy of the divorce documents for Rachel to confirm if the document sent by Ross hasn’t been changed on the way by other network participants. Digital Signing works by the following process.

Ross creates the hash of the documents. Hash is a cryptographically generated an fixed length hexadecimal ciphertext that is irriversible. Next, Ross encrypts the hash of the document using his private key. Now, when he sent the document to Rachel, he added the encrypted hash. Rachel can only decrypt the hash using Ross’s public key. 

Now on the receiver’s end, Rachel decrypted the hash. Afterward, she calculates the hash of the document by herself as well. To ensure if it’s not altered on the way. She compares her hash of the document with the decrypted hash sent by Ross. If the two hashes match, Rachel knows that both document and hash came from Ross. And haven’t been changed on the way. If not, the message got altered by a network intruder.

Above all, let’s take two cases of altering the transaction by Jill, a network intruder.

Case 1: Jill altered the document and sent it to Rachel

In this case, the hash recovered after decryption will not match with her calculated hash. So, the document will be dismissed.

Case 2: Jill changed the document and generated a new encrypted hash

In this case, when the new encrypted hash is received by Rachel. She’ll not be able to decrypt it by Ross’s public key.

So, this is the process of Digital Signing where user authentication is verified. But what about confidentiality? What if Rachel and Ross don’t want anyone in the network to know about their divorce filed, then? 

Let’s see how you can secure and privatize the digitally signed document.

Confidential and Authorized Digital Signing

So far by now, we’ve understood that digital signing is a process of authorizing the sender. However, to make it secure and confidential, we need public-key cryptography or Asymmetric cryptography. It uses the receiver’s public key for encryption and the private key for decryption. Here, The pair of keys ie, the encrypt and decrypt keys should be of the same user (receiver).

Let’s understand it by extending the previous example. Now, Rachel and Ross don’t want anyone in the network to know about the signing of divorce documents.

So now, after Ross encrypting the hash using his private key and adding the document with it. He again encrypts the document and hash using Rachel’s shared public key. 

On the receiver’s end, Rachel first decrypts documents and then encrypted hash with her private key. Then uses Ross’s public key to decrypt the hash. Afterward, she calculates her own hash of the document and matches it with the decrypted hash sent by Ross.

How is Digital Signing used in Blockchain?

Digital signing in blockchain technology aims to authenticate transactions. That means checking if the sender is authorized to make the transactions. The user has to prove to the network that he’s authorized to spend his balance. The balance is also verified by checking the transactions made to the account.

Each node in the network verifies the submitted transaction and then makes an informed decision asking the whole network to add it. And that’s how the use of digital signing network participants can authorize the transaction and account.

In Conclusion

The concept of digital signing helps to create digital certificates by certificate authorities (CA). Also, it’s used for electronic signature (or E-signature) over documents.  Moreover, adding public-key infrastructure (PKI) to digital signature generates a kind of multi-factor authentication system for the user. Various other encryption algorithms are implemented to ensure security.

The above article explains one of the biggest applications of hashing and public-key cryptography, Digital Signing. It deeply elaborates the process of digital signing using an example and how it can be secured using public-key cryptography. Moreover, it tells about how digital signing is used in blockchain networks for verifying transactions.

Hope this helped you understand some basic primitives of cryptography in the blockchain. Stay tuned to learn more concepts of blockchain. 

Recently completed any professional course/certification from the market? Tell us what liked or disliked in the course for more curated content.

Click here to submit its review with Shiksha Online.