Digital signature explained

When we send an email or document to someone, it could be intercepted in transit and altered. Your email address could be spoofed and someone could send an email as if it was from you, but there is no guarantee of integrity. Do you remember in Chapter 1, Understanding Security Fundamentals, that we used hashing to provide the integrity of data, however, in emails we use a Digital Signature? We sign the email or document with our private key and it is validated by our public key.

The first stage in digital signatures is to exchange public keys—the same principle as encryption.

For example, George wants to send Mary an email and he wants to ensure that it has not been altered in transit. See the following diagram: ...

Get CompTIA Security+ Certification Guide now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.