

@ 0,0 +1,34 @@ 



# Cryptographic Signatures 101 







This is a basic introduction to public/private keys and how they work for signing and notarizing documents. 







You don't need to worry about the complex math and hundreds of lines of computer code that's at work here. We'll let the people with fancy degrees worry about that. This will be a more abstract explaination. 







## Private Key 







A private key is a secret code that should never be given to anyone. Using math, it's possible to prove you have control of a private key, to someone who does not have it, without disclosing the key itself. 







## Public Key 







When certain math is done to a private key, a public key is produced. This only takes a fraction of a second on a modern computer, but going the other way (starting with a public key and making the matching private key) would take thousands of years. A private key is mathematically paired to its public key. 







## Cryptograhic Signature 







A cryptographic or digital signature can be generated and attached to any file or message by doing math to the message and a private key. Anyone with a copy of the corresponding public key can do more math and prove the private key that made the public key was also used to make the signature. 







If any part of the message attached to the signature is changed, the signature won't be valid anymore. Such tampering is easily detected. 







## Bringing it Together 







This means that when you use a private key to sign a document, anyone can use your public key to verify two things: 







1. Your private key signed the document, and 



2. the document has not been changed since you signed it. 







If someone has your public key and attempts to sign a document with it, it won't work. It's also impossible with today's technology to calculate the private key from its public key. This means it's perfectly safe (and actually recommended) to put your public key in as many places as possible, so people can use it to verify that nobody is impersonating you. An impersonator wouldn't have your private key. 







## Security 







All of this fancy math really adds security and makes digital signatures almost infinitely better than "wet" signatures on paper. However, as you might have noticed, it all assumes that nobody has your private key except you. It is vitally important that you protect your private key! Viruses and malware have been known to scan infected computers, searching for private keys, and then sending any they find to criminals. To prevent this possibility, some people and companies store their private keys on computers that are physically seperated from the Internet and other computers. 







Most software that deals with private keys will allow (or even require) you to set a password. This password is used to scramble or unscramble your private key, adding another layer of security. If someone gets a copy of your private key, they'd need the password too or it's useless to them. Always use complex passwords for protecting private keys. 