Postprint Version of the Paper/Submitted to the IJAPRR International Peer Reviewed Refereed Journal Comparison between Various Digital Signature Schemes Sarvesh Tanwar and Anil Kumar 1 Departement of Computer Science & Engineering, Mody University of Science & Technology, Laxmangarh, Sikar, Rajasthan, India 2 Department of Computer Science & Engineering, Mody University of Science & Technology, Laxmangarh, Sikar, Rajasthan, India Abstract - Digital signature guarantees that the document was not modified in route and no one else can read the document. Signatures are bind in digital certificate. Certification authorities (CAs) are responsible for generation, issuing, verification and revocation of certificates. They can be independent third parties or organizations running their own certificate issuing server software. Trust in certificate is achieved by adopting Public Key Infrastructure (PKI) to rely on CAs to establish a valid certificate chains to form certificate paths. A CA is a single point of failure in PKI system. A compromised CA break the entire infrastructure. In this paper we do comparison between the Digital Signature schemes. As digital signature is the heart of the public key infrastructure. Keywords - Digital Signature, Certificate, Certification authority, PKI I. Digital Signature The most important cryptographic operation in PKI is the digital signature. Digital signature serves to verify that signer of the document has created and signed that document and that document has not been tampered with [8]. It is used for non-repudiation, authentication and data integrity, generated using public key cryptography. If two parties are exchanging some digital document, it may be important to protect that data so that the recipient knows that the document has not been altered since it was sent and that document received was indeed created by the sender. Digital signatures guarantee the following information security properties [4][5]: Authenticity: The importance of authentication, verifying the identity of users and machines becomes crucial when an organization opens its doors to the Internet. Strong authentication mechanisms ensure that persons and machines are the entities they claim to be. Integrity: PKI provides integrity through digital signatures, which can be used to prove that data has not been tampered or altered within transit. Non-repudiation: Non-repudiation provides a proof-of-participation in an action or transaction by establishing that a user’s private key was used to digitally sign an electronic business transaction [9]. PKI can be used to provide non-repudiation through digital signatures. This proves that a specific user performs the particular task at a given time. Credibility: Receiver can verify the received signature is indeed a legitimate signer has signed that. Enforceability: Digital signature generation process is a trained reflex which is not subject to conscious muscular control. That’s why it’s hard to forge. Only sender can generate and sign his own signature as he knows his private key. 1