Hashing vs. Digital Signatures

Okay, I want to make a quick clarification – there’s a difference between using a simple hash and a digital signature.   We use hashing as a mechanism to ensure message integrity – by running the one way function on each end, we can detect modification or corruption of the message (whether innocent or intentional) if there is a difference in the value.   We can encrypt that hashed value using a symmetric/shared key process to protect the integrity of the HASH, which validates the integrity of the MESSAGE. 

A digital signature encrypts the hash value using an asymmetric key – the sender’s private key.  In our well designed PKI world, we know that NOBODY else has a copy of our private key.  We’re the ONLY person in possession of the private key, so we’re theoretically the only person that can encrypt the message in this way.  The recipient decrypts using the sender’s public key, thereby validating not only that no alteration / modification has taken place but ALSO that the message came from the specified sender.

One Response to “Hashing vs. Digital Signatures”

  1. Cam says:

    If I understand this correctly, then as long as a have a digital signature (encrypting the hash with my private key, only to be unencrypted by using my matching public key) on a message, then I don’t have to worry about the particular hashing algorithm itself, right?

Leave a Reply