Post Reply 
 
Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
what is the difference between digital signature and digital certificate?
14-01-2020, 07:24 AM (This post was last modified: 14-01-2020 07:32 AM by Caitlin Edgar.)
Post: #1
what is the difference between digital signature and digital certificate?
i've been google'ing the contrast between advanced signature and computerized testament (asymmetric encryption) appears as though they are the equivalent. I might want to explain on the off chance that they are the equivalent or not? much obliged!!! …
Find all posts by this user
Quote this message in a reply
15-01-2020, 06:42 AM
Post: #2
RE: what is the difference between digital signature and digital certificate?
(14-01-2020 07:24 AM)Caitlin Edgar Wrote:  i've been google'ing the contrast between advanced signature and computerized testament (asymmetric encryption) appears as though they are the equivalent. I might want to explain on the off chance that they are the equivalent or not? much obliged!!! …

Digital Signatures are generated electronically, which is used to ensure the authenticity & integrity of data for example e-mail message. Whereas, Digital Certificate is a medium to prove the identity of website holder and it gives the protection against data exchange from visitors to the sender.

It can be said that it's similar to other identity proofs of a person like driver's license or any employee ID card. Trusted third parties issues digital certificates, for establishing the identity of the person who owns certificate. These third parties who issues digital certificates are known as Certificate Authority (CA). In simple words, Digital Certificates are used to do verification of the trustworthiness of a website and Digital Signatures are used to verify the trustworthiness of the information.

Generally, three algorithms are used by a digital signature system. First - Key generation algorithm is used to generate a public and private key pairs. Second - Signing algorithm is used to generate a signature which is used at time of giving out private key and a message. Third and lastly, signature verifying algorithm is used for the verification of the message, a signature & the public key. Here’s the common reasons for applying a Digital Signature.

1.Authentication
2.Integrity
3.Non-repudiation

Whereas Digital Certificates, uses a digital signature for attaching a public key with any particular entity or individual. Some of the information carried along with digital certificates are like, a serial number which is used to identify every certificate uniquely, the individual or entity identified by the certificate and the algorithm which is used for creating the signature. Apart from this, it contains the CA which verifies all the information of the certificate, validation and expiry date of the certificate. It also contains public key and thumbprint to assure that certificate is not modified. Digital Certificates are mostly used on E-commerce websites which are based on HTTPS to gain trust of the website visitors.

Digital Certificate contains the following things:

Certificate Holder Name
Serial Number
Certificate Expiry Date
Copy of Certificate Holder’s Public Key
Digital Signature of Certificate Authority

Key Difference of Digital Signature & Digital Certificate

Digital Signature

It verifies the authenticity of a document
Asymmetric keys are used to encrypt and decrypt the document.
It offers authentication, non-repudiation and integrity.

Digital Certificate

It creates an identity & improves the trustworthiness of websites.
A certificate is issued by a certificate authority after the verification process completes.
Find all posts by this user
Quote this message in a reply
Yesterday, 07:10 AM (This post was last modified: Yesterday 07:15 AM by Jake Schey.)
Post: #3
RE: what is the difference between digital signature and digital certificate?
A digital signature is used to verify a message. It is basically an encrypted hash (encrypted by the private key of the sender) of the message. The recipient can check if the message was tampered with by hashing the received message and comparing this value with the decrypted signature.

To decrypt the signature, the corresponding public key is required. A digital certificate issue by digital agency in malaysia which is used to bind public keys to persons or other entities. If there were no certificates, the signature could be easily be forged, as the recipient could not check if the public key belongs to the sender.

The certificate itself is signed by a trusted third party, a Certificate Authority like VeriSign.
Find all posts by this user
Quote this message in a reply
Today, 12:54 PM
Post: #4
RE: what is the difference between digital signature and digital certificate?
Conceptually they are kind of oposites. With a digital certificate encypt you with the public key and decrypt with the private key, that way you can ensure only the person with the private key can read your text. With a digital signature you encrypt with the private key and decrypt with the public key, that way anyone can decrypt, but only the person with the private key can encrypt so you know the message has come from the person with the private key.
Find all posts by this user
Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 1 Guest(s)