Digital Signatures: Who Really Wrote This
To show you how mistaken you are, and what an unfounded
assumption yours is, I will lay before you a certificate … look at it!
You may take it in your hand; it’s no forgery.
—CHARLES DICKENS, A Tale of Two Cities
Of all the ideas we’ll encounter in this book, the concept of a “digital signature” is perhaps the most paradoxical. The word “digital,” interpreted literally, means “consisting of a string of digits.” So, by definition, anything that is digital can be copied: to do so, just copy the digits one at a time. If you can read it, you can copy it! On the other hand, the whole point of a “signature” is that it can be read, but can’t be copied (that is, forged) by anyone other than its author. How could it be possible to create a signature that is digital, yet can’t be copied? In this chapter, we will discover the resolution of this intriguing paradox.
It might seem unnecessary to ask the question: what are digital signatures used for? Surely, you might think, we can use them for the same kinds of things that paper signatures are used for: signing checks and other legal documents, such as the lease on an apartment. But if you think about it for a moment, you will realize that this isn’t true. Whenever you make an online payment for something, whether by credit card or through an online banking system, do you provide any kind of signature? The answer is no. Typically, online credit card payments require no signature whatsoever. Online banking systems are a little different, because they require you to log in with a password that helps to verify your identity. But if you later make a payment during your online banking session, no signature of any kind is required.