7 Signatures and Zero-Knowledge Proofs

 

This chapter covers:

  • A new cryptographic primitive called a signature, which is a non-interactive zero-knowledge proof used to simulate pen-and-paper signatures.
  • The existing standards for signatures and how they are implemented in real-world applications.
  • The subtle behaviors of signatures and how you can avoid their pitfalls.

So far, you’ve learned that symmetric cryptographic primitives like authenticated encryption algorithms are both useful and efficient for providing confidentiality and integrity for your messages. You’ve also learned that they don’t scale well, as they require you to share a symmetric secret with every person you’re talking to. For example, how can your browser manage to share symmetric secrets with every website on the internet? It sounds like an impossible task. Chapters 5 and 6 introduced a couple of asymmetric cryptographic primitives that provide ways for two participants to agree on a secret, which can then be used as a symmetric key by our authenticated encryption algorithms. Yet these cryptographic primitives still don’t solve the real-world problem of scalability. We are now reaching a very interesting point in this book. The cryptographic primitive that you are going to learn in this chapter, the digital signature, is one of the best answers we have found to that scalability problem.

7.1   What Is a Signature?

7.2  What Are Zero-Knowledge Proofs? And What Does This Have To Do With (Schnorr) Signatures?

7.3  The Signature Algorithms You Should Use (Or Not)

7.3.1  RSA Signatures, What Standard To Use? PKCS#1 v1.5 Or RSA-PSS?

7.3.2  The Elliptic Curve Digital Signature Algorithm (ECDSA)

7.3.3  The Edwards-curve Digital Signature Algorithm (EdDSA)

7.4  Subtle Behaviors in Signatures

7.4.1  How Let’s Encrypt Used Signatures

7.4.2  How Did The Let’s Encrypt Attack Work

7.4.3  Key Substitution Attacks On RSA

7.4.4  Subtle Behaviors of Signature Schemes

7.5  Summary
