What is a digital signature

ProtonMail employs several methods to protect your privacy and your security. One method of protecting data from being read by outsiders is encryption. However, encryption alone does not guarantee the authenticity of the data. For that, ProtonMail uses a technology called digital signatures.

Digital signatures are like a physical signature on a specific piece of data, such as a message body or contact. Successful verification of the digital signature on a message body ensures that the author really did send the message and that the message has not been tampered with or otherwise changed. In the case of your contacts, they are signed with your private keys, and verification of a contact’s digital signature ensures that no one but you has modified the contact.

Signing

Signing data consists of several steps. First, a hash function is used to generate a unique string (a “hash”) from the data. Some of the vital properties of a hash function are that each input data will have a different output and that it is impossible to recover the original data from this output (the functions are ‘one-way’).

The next step is to sign this hash.  The signature of this hash is computed with the signer’s private key using a signature algorithm (e.g. RSA or DSA).

Verification

To verify a signature, the verifier needs three things: the signature itself, the data that the signature signs, and the public key belonging to the author of the content. For OpenPGP, the encryption scheme used by ProtonMail, the decrypted content is signed and thus the signature can only be verified if decryption succeeds.

The next step is to generate a hash of the data using the hash function chosen by the signature type. The verification algorithm will then verify the signature in a method dependent on the algorithm.

After this step, the algorithm completes verification by ensuring that the hash of the received data is equal to the hash included in the digital signature.