Let us begin by telling you what digital signatures in Office documents are and their uses
Signatures have been used since time immemorial to establish identity and authenticate messages. Signatures have undergone transformations in each era from impressions to intricate seals describing one’s own name. In this digital era, signatures have manifested in the form of digital signatures. Armed with legal sanctity, digital signatures are adopted widely across applications, domains and sectors.
Properties of a digital signature
Let’s see what the desired properties of a signature are. A signature needs to assure the identity of the signer – that’s authentication. It needs to provide credible evidence that the signer has indeed been involved in the act of signing and could not deny it later – that’s non-repudiation. It should also assure that the contents or data have not been modified since they were signed – that’s integrity. Hence, a digital signature has to achieve the aforesaid properties in a medium where copying and modification of a document or message is as simple as a click and where the transfer of data is measured in milliseconds, and that’s the major challenge. This is where the concepts of cryptography help us to firmly establish the authenticity of the digital signature and the integrity of the document, and also provide the non-repudiation ability.
In a handwritten signature, though the process of authentication is fairly simple and generally done by visual comparison with a specimen signature, the reliability of the process is questionable. However, digital signatures provide a foolproof mechanism to authenticate a signature, and anybody can do that without the need for any previous or specimen signature. There are two cryptographic concepts used in the process of digital signing:
- Cryptographic hash functions produce a fingerprint (also known as a message digest) of the input message or document, every time producing the same fingerprint for the same message. Any change to the input message will produce a very different fingerprint. Another important characteristic of hash functions is that one cannot retrieve the original input using the fingerprint. It is very much similar to the fingerprint of an individual, which captures the uniqueness of that individual. Just as a fingerprint cannot be used to create a sketch of the individual, a message digest cannot be used for constructing the original message. Hash functions are used in many applications, including the ones that we use daily for logging in, where only the hash value of the password is stored in the application.
- The second cryptographic concept that comes into play is asymmetric key cryptography. This method uses two large prime numbers for generating public and private keys. This key pair functions in a unique way: if you encrypt a message with one of the keys, you can decrypt the message only by using the other key. One of the keys is kept private, while the other key can be shared with anybody and is referred to as the public key. An analogy could be a lock with a special pair of keys designed in such a way that if you lock with one of the keys, then only the other key in the key pair can unlock it. Another important aspect of these keys is that though they are mathematically related to each other, it is computationally infeasible to deduce one of the keys from the other key. You are not able to derive the private key by using the public key or the other way around. A key pair is issued to an individual and is used to uniquely identify that individual through the public key of that key pair.
A digital signature for a message is created through the following process: the message is fed to the cryptographic hash algorithm, which produces a message digest. The message digest is then encrypted by the signer using his private key. This digital signature is then appended to the message. Anybody who wants to verify the authenticity and integrity of the digitally signed document will perform the following steps: The received message is fed to the cryptographic hash algorithm, which produces a message digest. The digital signature that came along with the message is decrypted using the signer’s public key, which yields the message digest computed by the signer at the time of digital signing. If both message digests match, then the document has not been tampered with and the claimed signer has indeed digitally signed it. Integrity is assured through the message digests. Authenticity is assured as the public key of the signer was able to decrypt the digital signature successfully.
Differences between handwritten and digital signatures
Let’s look at the important differences between handwritten signatures and digital signatures. A handwritten signature is user-dependent, meaning the signer is not going to change his pattern or style of signing based on the content of the document. However, a digital signature is both user- and content-dependent, meaning that the digital signature will vary based on the user, the private key, and the content. Hence, if you digitally sign a message, the digital signature would be different for different contents of the message, as the message digests would be different. If you and I sign the same content, our digital signatures would still be different because our private keys are different. Therefore, the digital signature is a number that is derived based on the signer’s secret private key and the contents of the document.
A digital signature can guarantee integrity and authenticity of the signed document. But what if the signer later denies digitally signing a document by claiming that he no longer uses the private key used for signing or saying somebody had misused his private key? We need a reliable and trusted mechanism such that once a signer digitally signs, he or she cannot later deny it; that is the ability for non-repudiation. Here comes the concept of certificates that can certify the public key of an individual. But who can issue this certificate? A certifying authority (CA) issues the certificate to individuals after verification. But how can a CA be trusted? That is why we need an authority that can be trusted by everybody.
Now, you would have understood that digital signatures and digital signature certificates can provide you with authenticity, integrity, and non-repudiation. Sometimes, you may also need confidentiality or secrecy of communications – this too can be achieved by the public key infrastructure, by encrypting the message with the recipient’s public key. This way, the secrecy of the communication is achieved and only the intended recipient can decrypt it. There will be several instances where you need all the elements of trust to be in place, namely: confidentiality, authenticity, integrity, and non-repudiation in a transaction.
An example could be an E-procurement application, wherein the secrecy of the bid is required along with the authenticity and integrity of the bid. This is achieved through a process called signcryption. Signcryption is similar to the following analogy: consider a situation where you want to rent a house but you could not physically meet the house owner. How will you unlock it? Also, how will you verify that the house belongs to the person who you assume is the owner? The owner locks the house with their private key; this ensures that only their public key can unlock it. This proves their ownership of the house. Then the owner covers the lock with another lock and uses your public key to lock the second lock. This ensures that only you can unlock it. Now, for you to gain access to the house, you need to unlock the outer lock using your private key and gain access to the inner lock; then, using the public key of the owner, you can unlock the inner lock. This verifies that no one has tampered with the inner lock. In practice, a bidder prepares the bid and digitally signs it. Next, he encrypts the digitally signed bid using the public key of the tenderer and submits it. This combined process of digital signing and encryption ensures all the elements of trust, namely: secrecy or confidentiality, authenticity, integrity, and non-repudiation. To summarize, for digital signing, one uses his or her own private key, and for verification, the verifier uses the signer’s public key. For encryption, one uses the receiver’s public key, and the receiver will then use his or her private key for decryption.
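The hash-then-sign and verify steps described earlier, and the sign-then-encrypt bid flow above, shown as an added example that is not part of the original article. It assumes textbook RSA without padding over fixed Mersenne primes and a SHA-256 digest; the helper names (`make_keypair`, `signcrypt`, `unsigncrypt`), the payload layout, and the sample bid are hypothetical and constructed for illustration.

```python
import hashlib

# Textbook RSA (no padding) over known Mersenne primes so this runs with the
# standard library alone. Illustration only; real signing uses a vetted library.
def make_keypair(p_exp, q_exp, e=65537):
    p, q = 2**p_exp - 1, 2**q_exp - 1
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))  # (public, private)

def digest(message: bytes) -> int:
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message: bytes, private) -> int:
    n, d = private
    return pow(digest(message), d, n)  # digest transformed with the private key

def verify(message: bytes, signature: int, public) -> bool:
    n, e = public
    return pow(signature, e, n) == digest(message)  # recovered vs recomputed digest

def signcrypt(bid: bytes, signer_private, recipient_public) -> int:
    sig_len = (signer_private[0].bit_length() + 7) // 8
    sig = sign(bid, signer_private).to_bytes(sig_len, "big")
    # Layout (assumed for this example): 0x01 marker | 2-byte sig length | sig | bid
    payload = int.from_bytes(b"\x01" + sig_len.to_bytes(2, "big") + sig + bid, "big")
    n, e = recipient_public
    if payload >= n:
        raise ValueError("payload exceeds recipient modulus; real systems use hybrid encryption")
    return pow(payload, e, n)  # only the recipient's private key opens this

def unsigncrypt(ciphertext: int, recipient_private, signer_public):
    n, d = recipient_private
    m = pow(ciphertext, d, n)
    raw = m.to_bytes((m.bit_length() + 7) // 8, "big")[1:]  # drop the 0x01 marker
    sig_len = int.from_bytes(raw[:2], "big")
    signature, bid = int.from_bytes(raw[2:2 + sig_len], "big"), raw[2 + sig_len:]
    return bid, verify(bid, signature, signer_public)

# Constructed parties and sample data (not from the article)
BIDDER_PUB, BIDDER_PRIV = make_keypair(521, 607)
TENDERER_PUB, TENDERER_PRIV = make_keypair(1279, 2203)
BID = b"Tender T-001 (constructed): 40 laptops at 950 each"

if __name__ == "__main__":
    sig = sign(BID, BIDDER_PRIV)
    print("valid signature:", verify(BID, sig, BIDDER_PUB))
    print("tampered bid:", verify(BID.replace(b"950", b"150"), sig, BIDDER_PUB))
    ct = signcrypt(BID, BIDDER_PRIV, TENDERER_PUB)
    print("opened bid:", unsigncrypt(ct, TENDERER_PRIV, BIDDER_PUB))
```

Changing a single digit of the bid makes verification fail, and checking the opened bid against any public key other than the bidder's returns `False` for the signature.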
Digital signatures and public key infrastructure have widespread applications in various sectors and can be used in all applications and services wherever a signature is required. A few notable applications of digital signatures are in Microsoft Office documents, E-tax, E-governance, E-procurement, etc. Digital signatures and PKI have the potential to bring in transparency and accountability, and can provide significant time, cost, and effort savings. PKI is an ecosystem comprising algorithms drawn from cryptography, implemented using standards and guidelines, governed by policies and laws, and enabled through applications spanning several domains.
With all that said, let’s go ahead and show you how to add a signature into an Office document
- Once you open your Office document, put your cursor where you want to create the digital signature.
- Navigate to the Insert tab and go to the Text group. Here, click the Add Signature Line button. This will open the Signature Setup window.
- Fill the Instructions to the signer box. This is the only box you need to fill. Click OK when you are done.
Signing the digital signature in Office Documents
- Right-click on the area where you need to sign and select Sign
- You will be able to select the image of your written signature. If you are using a tablet or touch device, you will be given the option to sign manually.
To remove a signature in Office documents, just right-click on the signature line and select Remove Signature.
Adding invisible digital signatures to Office documents
- Click on the File tab and select Info, then choose Protect Document.
- Now, select the Add a Digital Signature option from the list.
- Input the required info and save the settings.
Pro tip: Talking about protection, we recommend that you download and install Auslogics Anti-Malware. This tool will protect all your files and folders from viruses. Viruses are a means by which hackers get access to your computer and get away with sensitive information. This tool will be able to prevent that, and you will be able to surf the Internet in a safe environment. You will be able to schedule regular scans of your computer to make sure that viruses are not hanging around.
We hope that this article has given you information on signatures in Office documents. Share it with others who need it.