Digital Signature

Signing

• Hash the original data (messages, digital media, etc.).
• Sign the hash with private key.

Verifying Signature

• End user receives the data and compute the hash.
• Decrypt the signature with public key.
• Compare the decrypted hash with the computed hash.

NOTE

Here the cryptographic hashes are collision-resistant, meaning it is computationally infeasible (practically impossible with current computing power) to deliberately find two different inputs that hash to the same output.

Collisions must exist in theory (because the input space is infinite but the output space is finite).

But a good cryptographic hash makes it so hard to find one that it’s practically impossible.