Quiz Entry - updated: 2026.05.31
What is the "Hash-then-Sign" approach, and why not just sign the whole message directly?
You hash the message into a fixed-size digest first, then sign the digest — far faster and safer than signing the full message with slow asymmetric math.
Signing (sender): Message → hash function → message digest → encrypt digest with private key → signature. Verifying (recipient): independently hash the received message → digest A; decrypt the signature with the sender's public key → digest B; if A = B, the signature is valid.
Why hash first:
- Speed — asymmetric operations are slow; signing a small fixed digest (e.g. 256 bits) is far cheaper than signing megabytes.
- Fixed size — the signature scheme only ever operates on one block-sized value.
- Integrity — the hash's avalanche effect means any change to the message changes the digest, so the verification fails.
Tip: This is exactly how real signatures (and the signature inside an X.509 certificate) work — hash, then sign the hash.