How Digital Document Signatures Work And Why They Can’t Be Faked
There are a few different types of digital document signatures, but one of them is extremely reliable. It can theoretically be faked, but to fake even one signature would cost millions of dollars in computer processing time. What is this digital signature and how does it work?
Types Of Digital Document Signatures
There’s a lot of confusion about digital document signatures and what exactly they mean. I see three common different uses of the phrase:
- Scanned copies of manual signatures which you can copy and paste into a document. Then you can print the document as a PDF to create what looks like a scanned signed document. These offer no security, but they’re awfully convenient for virtually signing documents while on the road.
- Document management systems which let you mark a document as signed. For example, many electronic health information management (medical record) programs let doctors mark orders and reports as signed. Most of these signatures only provide as much security as the integrity of the system’s database—if someone can tamper with the database, they can forge signatures. (But, note, some document management systems integrate with the following type of digital signature.)
- Cryptographic digital signatures which use a mathematical formula to create an altered version of a document which guarantees that a particular person with a particular electronic key created that version of the document.
How Cryptographic Digital Signatures Work
Cryptographic signatures all use a mathematical formula open to the public, although you need to be a math expert to understand it. There are a few different systems, each one with a different formula, but they all work in the same basic way.
First, the formula creates a unique identification number based on the entire contents of the document you want to sign. This number is usually called a hash by programmers. Then the formula looks for a second piece of information, called a key, and uses it to transform the hash into a signed hash.
The magic is in the key. Mathematical principles show that there are some operations that are easier to perform in one direction than in the other. For example, find the square of 6. Now find the square root of 49. Which took you longer? It was probably the square root. Although modern computers can square and square root numbers at roughly the same speed, there are certain advanced math operations which they can do quickly one way, but which take forever to do in the opposite direction.
Cryptographic keys exploit that fact to create a key with two sides—a public side and a private side. When the cryptographic formula signs a document, it uses the private side of your key—that’s the easy part of the formula. When someone wants to verify that you signed the document, you give them the public side of your key—that’s the hard part of the formula. They can use the public key to verify that you signed the document, but it would take them millions of dollars of computer processing power to be able to do all the math required to use your public key to forge your signature.
What Cryptographic Digital Signatures Mean For You
The U.S. military uses cryptographic keys to sign almost all of their emails, and an increasing number of document management solutions which require absolutely impossible-to-forge documents (such as legal orders) are increasingly implementing cryptographic signatures. It’s highly likely that, as document and contract management becomes increasingly digital, cryptographic digital signatures will be more and more used.