Skip to content
Related Articles

Related Articles

Difference between Direct and Arbitrated Digital Signature

Improve Article
Save Article
  • Last Updated : 04 Jul, 2022
Improve Article
Save Article

Prerequisite – Digital Signatures 

The Direct Digital Signature is only included two parties one to send a message and the other one to receive it. According to the direct digital signature both parties trust each other and know their public key. The message is prone to get corrupted and the sender can decline the message sent by him at any time. 


The Arbitrated Digital Signature includes three parties in which one is the sender, the second is a receiver and the third is the arbiter who will become the medium for sending and receiving messages between them. The message is less prone to get corrupted because a timestamp is included by default.

Difference between Direct and Arbitrated Digital Signature:

S No.Direct Digital SignatureArbitrated Digital Signature
1.It only requires the communicating parties.It requires an arbiter along with communicating parties to send or receive messages.
2.In this the digital signature encrypts the whole plain text with the sending party’s private key.The encrypted message is send by X to arbiter Z with Y’s id, timestamp and some random number PQ.
3.The message is directly transmitted between both parties without any help from an intermediate.An arbiter is needed to transmit the message.
4.The timestamp is not maintained by both sides.The timestamp is maintained by all three members by default.
5.In case the confidentiality is needed the message will be encrypt with receiver’s public key or a shared key.The arbiter provides confidentiality of the message.
6.Vulnerable to any kind of replay attack.The timestamp is used to protect the message from any kind of replay attack.
7.It clocks a processing speed of 16 MHz.While Raspberry Pi clocks a processing speed of 1.4 GHz.
8.It is implemented using public key.It is implemented using private key.


  • Trust is needed between sender and receiver because of the absence of an independent verification process.
  • Requirement of private key to be held by sender and public key by both sender and receiver and incase the sender lost the key then he asserts that signature is forged. Having the private key stolen and then falsifying signatures is a potential security risk when utilizing a direct digital signature.


  • When using an arbitrator, the sender and the receiver must have trust that the arbitrator will not only time-stamp and send the document as directed, but also take care that there should not be any kind of modification in the data.
  • There is possibility of biasing that an arbiter will be biased in favor of one party or the other if any discretion is used.
My Personal Notes arrow_drop_up
Related Articles

Start Your Coding Journey Now!