Security for Beginners
by Sergey Okinchuk
Hashing vs EncryptionChapter 5: How the Web Is Secured
Topic 20

Signatures and Trust

Concept

Encryption can keep a message secret on its way to Olivia. But secrecy answers only one question. When a message arrives, Olivia still wants to know two more things: did it really come from the person it claims to be from, and did anyone change it along the way?

A digital signature answers both. It is a small piece of proof attached to a message that shows the message genuinely came from a particular person and arrived unchanged. From here on we will just say signature.

Think of an old wax seal. Someone presses a unique signet ring into warm wax to close a letter. Anyone can recognize the stamp, but only the owner of that ring can make it — and if the seal is cracked when the letter arrives, you know it was opened or meddled with. A digital signature does the same job with math instead of wax.

How a signed message is checked
Sender signswith their private key
Message + signaturesent together
Receiver verifieswith the public key
Genuine & unaltered?pass or fail

What Encryption Leaves Out

Imagine Olivia gets a message that is perfectly encrypted — no one in the middle could read it. That feels safe, but two worries remain. The message could have been written by an impostor pretending to be her bank. Or a genuine message could have been quietly altered before it reached her.

Secrecy does nothing about either one. Keeping a letter sealed in an envelope does not prove who wrote it, and it does not prove the words inside were not swapped. Those are two separate guarantees: authenticity — who really sent it — and integrity — that it was not changed. A signature is the tool that delivers both.

Signing With the Private Key

Back in public-key encryption you met the idea of a key pair: a private key that one person keeps secret, and a matching public key that anyone can have. To send Olivia a secret, people encrypt with her public key, and only her private key can open it.

A signature uses the same pair, but the other way around. The sender signs the message using their own private key — the half only they hold. Anyone who has the matching public key can then check that signature. If the check passes, it could only have been made by the holder of that private key.

That is the wax seal in math form. Making the stamp needs the one ring nobody else has (the private key); recognizing the stamp needs only knowledge anyone can hold (the public key). So a passing check is proof the message came from whoever owns that private key.

How a Signature Catches Tampering

A signature is not a fixed badge stuck on the end. It is calculated from the contents of the message itself. So the signature and the message are tied together: change even one character of the message, and the signature no longer matches.

That is what makes integrity automatic. When the receiver's check passes, it confirms two things at once — the message came from the right private key, and the message is exactly what was signed. If an attacker altered a single word in transit, the check fails, and the receiver knows not to trust it. One move, both guarantees.

Where Does Trust Come From?

Here is the careful part. A signature proves which key signed the message. It does not, on its own, prove who owns that key. Those are different claims, and mixing them up is the main trap.

Suppose an attacker makes their own key pair, signs a message, and labels it "from Olivia's bank." The signature is perfectly valid — it really was made by that private key. But the key is the attacker's, not the bank's. The signature is genuine; the identity behind it is a lie.

So a signature is only as meaningful as your confidence that the key belongs to the real sender. Bridging that last gap — tying a key to a real-world identity you can rely on — needs something extra called a certificate, which is exactly how the web proves a website is the real one. That is where the next chapter picks up.

What a signature proves — and what it doesn't
What it proves
This message came from whoever holds that private key, and the content was not altered in transit
What it doesn't prove
Whether that key truly belongs to who the message claims to be from — that requires a certificate
Common Confusions
  • "A signature keeps the message secret." It does not. A signature proves who sent the message and that it is unchanged — not that outsiders can't read it. Secrecy is encryption's job; the two are often used together but are separate goals.
  • "You sign with the public key." The other way around. You sign with your private key and others verify with your public key. That is the reverse of encrypting a secret to someone, where you use their public key.
  • "A valid signature means the sender is trustworthy." It only proves the message came from a particular key, intact. Whether that key really belongs to the person it claims to be — and whether they deserve trust — is a separate question that certificates answer.
  • "If the message wasn't changed, you don't need a signature." You have no way to know it wasn't changed without one. The signature is what lets the receiver detect tampering in the first place.
Why It Matters
  • Signatures are how you can know a message, a software update, or a download is genuinely from who it claims to be — and that no one altered it on the way.
  • They show that authenticity and integrity, not just secrecy, are things cryptography can deliver — and that encryption alone never promised either.
  • They lead straight into how the web proves a site is the real one: the signature proves a key, and a certificate ties that key to a trusted identity.

Knowledge Check

A message arrives perfectly encrypted, so no one in the middle could read it. What does a digital signature add that encryption alone does not?

  • Proof of who sent it and that it wasn't changed
  • Stronger secrecy so even more people can't read it
  • Faster delivery of the message to the receiver
  • A backup copy in case the message is lost

When someone signs a message, which key do they use, and which key checks it?

  • Sign with the private key, verify with the public key
  • Sign with the public key, verify with the private key
  • Sign and verify with the same shared secret key
  • Sign with a password, verify with the receiver's password

An attacker changes one word in a signed message while it is in transit. What happens when the receiver checks the signature?

  • The check fails, revealing the message was altered
  • The check still passes because the signature is separate
  • The signature silently fixes the word back to the original
  • Nothing changes until the sender confirms the edit

A message has a perfectly valid signature, labeled "from Olivia's bank." Why is that not yet proof the bank really sent it?

  • It proves which key signed, not that the key is really the bank's
  • A valid signature cannot tell you whether the message content was changed or tampered with on the way
  • Because the message wasn't also encrypted for secrecy
  • A valid signature can only be made by a real bank

You got correct