# Digital Signatures and PKI Digital signatures are cryptographic mechanisms used to verify the authenticity and integrity of electronic data. In healthcare, where the accuracy and confidentiality of information are paramount, they play a crucial role in ensuring electronic records remain trustworthy. Public Key Infrastructure (PKI) is at the heart of digital signatures. 1. **Key Pairs**: PKI uses two related cryptographic keys: a private key (kept secret by the owner) and a public key (shared openly). 2. **Signing**: When data needs to be signed, the owner's private key is used to generate a unique digital signature for that data. This process often involves creating a hash of the data and encrypting it using the private key. 3. **Verification**: Anyone can verify the signature using the corresponding public key. They decrypt the signature to retrieve the original hash and compare it against a new hash of the received data. If they match, the data is unchanged and verified. While individuals and organisations are common entities using digital signatures, non-human entities such as websites, servers, or software can also use them. Digital Certificates for Websites: Websites use digital certificates to establish secure (HTTPS) connections. The website's certificate, which contains its public key and has been digitally signed by a Certificate Authority (CA), is provided to visitors. This assures visitors they're interacting with a genuine website, not a malicious impersonator. Data Fields: Individual data fields within larger datasets can be digitally signed, ensuring the integrity of specific pieces of information within broader systems (eg., registries). --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.cdpi.dev/technical-notes/electronic-signature-pki-and-trust-infra/digital-signatures-and-pki.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.