In this example the message is only signed and not encrypted. 1) Alice signs a message with her private key. 2) Bob can verify that Alice sent the message and that the message has not been modified.

Tanda tangan digital atau tanda tangan elektronik adalah skema matematis yang berkegunaan untuk membuktikan keaslian suatu pesan atau dokumen digital. Tanda tangan digital yang valid dapat memberikan dasar bukti bagi penerima untuk percaya bahwa suatu pesan dibuat oleh pengirim yang jelas/dikenal (autentik), dan bahwa pengirim tidak dapat menyangkal telah mengirim pesan tersebut (nir-penyangkalan), serta pesan tersebut tidak mengalami perubahan saat transit (integritas).[1]

Tanda tangan digital merupakan elemen dasar dari kebanyakan protokol kriptografis pada program terpadu, dan biasanya dipergunakan untuk distribusi perangkat lunak, transaksi finansial, aplikasi manajemen kontrak, atau pada kasus lain yang memerlukan deteksi terhadap pemalsuan ataupun penyelewengan.

Tanda tangan digital sering dipergunakan dalam penerapan tanda tangan elektronik, istilah yang lebih luas merujuk pada data elektronik apapun yang mengandung sebuah tanda tangan,[2] tetapi tidak semua tanda tangan elektronik menggunakan tanda tangan digital.[3][4] In some countries, including the United States, Algeria[5], Turkey, India,[6] Brazil, Indonesia, Mexico,[7] Saudi Arabia,[8], Uruguay[9], Switzerland and the countries of the European Union,[10][11] electronic signatures have legal significance.

Digital signatures employ asymmetric cryptography. In many instances they provide a layer of validation and security to messages sent through a non-secure channel: Properly implemented, a digital signature gives the receiver reason to believe the message was sent by the claimed sender. Digital seals and signatures are equivalent to handwritten signatures and stamped seals.[12] Digital signatures are equivalent to traditional handwritten signatures in many respects, but properly implemented digital signatures are more difficult to forge than the handwritten type. Digital signature schemes, in the sense used here, are cryptographically based, and must be implemented properly to be effective. Digital signatures can also provide non-repudiation, meaning that the signer cannot successfully claim they did not sign a message, while also claiming their private key remains secret. Further, some non-repudiation schemes offer a time stamp for the digital signature, so that even if the private key is exposed, the signature is valid. Digitally signed messages may be anything representable as a bitstring: examples include electronic mail, contracts, or a message sent via some other cryptographic protocol.

Referensi

  1. ^ Paul, Eliza (2017). "What is Digital Signature- How it works, Benefits, Objectives, Concept". 
  2. ^ US ESIGN Act of 2000
  3. ^ State of WI Diarsipkan 2006-09-25 di Wayback Machine.
  4. ^ National Archives of Australia Diarsipkan November 9, 2014, di Wayback Machine.
  5. ^ "Law 15-04". Official Journal, february, 1st, 2015. 
  6. ^ "THE INFORMATION TECHNOLOGY ACT, 2000" (PDF). Department of Telecommunications, Ministry of Communication, Government of India. The Gazette of India Extraordinary. Diakses tanggal 17 September 2017. 
  7. ^ Ley de firma electrónica avanzada
  8. ^ "Electronic Transaction Law". Communication and Information Technology Commission. Diakses tanggal 17 September 2017. 
  9. ^ https://www.agesic.gub.uy/innovaportal/v/5834/13/agesic/firma-electronica.html
  10. ^ Turner, Dawn. "Major Standards and Compliance of Digital Signatures - A World-Wide Consideration". Cryptomathic. Diakses tanggal 7 January 2016. 
  11. ^ JA, Ashiq. "Recommendations for Providing Digital Signature Services". Cryptomathic. Diakses tanggal 7 January 2016. 
  12. ^ Regulatory Compliance: Digital signatures and seals are legally enforceable ESIGN (Electronic Signatures in Global and National Commerce) Act