Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
<!-- This component and the accompanying materials are made available under the terms of the License
"Eclipse Public License v1.0" which accompanies this distribution,
and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
<!-- Initial Contributors:
Nokia Corporation - initial contribution.
Contributors:
-->
<!DOCTYPE concept
PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">
<concept xml:lang="en" id="GUID-5C58F7D1-D672-5B6D-AD48-863EC68F7446"><title>Digital signatures</title><prolog><metadata><keywords/></metadata></prolog><conbody><p>A digital signature is used to verify that a message (or data) actually came from the sender (the one who signed the message) and that it has not been tampered with.</p> <p> A signature is formed by producing a fixed-length digest (hash) of the message using a hash algorithm, which is then encrypted using the sender's private key. This signature and the message are then sent to the recipient.</p> <p>The receiver can then verify the signature as follows: a hash is produced of the sender's message (using the hashing algorithm sent with the signature); also, using the sender's public key, their signature is decrypted into a hash. These two hashes are compared: if they are the same, it is more or less certain that the public key used for the decryption corresponds to the private key used to create the signature, thus data integrity is validated.</p> </conbody></concept>