What is a digital signature?

[To advertise Java(tm) Events here, contact joris@esus.com!]

Java™
by example!

	Login
	Login here Become a member only $14.95/year!

	New @ Esus.com
	In-house search engine for better results! Get updates with the esus.com newsletter!

Home

Browse Categories

Ask a Java Question

Help

For Java Tips & Tricks, subscribe to the esus.com newsletter!

Search Java Q&A, Links, API's: adv

Index:Java 2 Standard Edition (J2SE):Java 2 JDK:Security (java.security.*)

Printer-friendly version

What is a digital signature?

A digital signature is an extra chunk of data send along with an (encrypted) message which tells the receiver that the message is coming from the one who claims to have sent it. It ensures that the message has not been tampered with by a man-in-the-middle, a person who spies on the communication line and intercepts messages. You also have a proof that the sender is the one who holds the private key of a public-private key pair.

It goes as follows:

This code sample is only viewable to esus.com members Login or become a member!

But who says this public/private pair belongs to me? I could have identified myself as someone else, generate such a pair and distribute the public key to a sender who believes I am someone else and trick him with this above process claiming to be that someone else...

That's where digital certificates come in. Check out What is a digital certificate?

Further Information

Author of answer: Joris Van den Bogaert

Comments to this answer are only viewable by members. Login or become a member!