Digital signatures employ public key cryptography, a field of cryptographic systems that use pairs of related keys, to create an electronic analog of a written signature. Each key pair consists of a private key and a corresponding public key. The Digital Signature Standard, Federal Information Processing Standard (FIPS) 186-5, currently approves the RSA, ECDSA and EdDSA digital signature schemes, of which RSA and ECDSA are the most common in embedded processors today. Note, however, that each algorithm has a set of parameters (the modulus size for RSA; the elliptic curve and its domain parameters for ECDSA and EdDSA) that determines the security strength of the algorithm (see  for more information), and that a given processor may support only a subset of the algorithms and security strengths.
Secure boot leverages digital signatures to provide the following security services:
- Data Integrity
- Source Authentication
Data Integrity is the property that data has not been modified since it was created, transmitted or stored. Digital signatures rely on a Secure Hash Algorithm (SHA) for this: the hash function transforms data of any length into a fixed-length digest, and it is computationally infeasible to find a second input that produces the same digest, so any change to the image, accidental or intentional, changes the digest. Note that a digest on its own only detects accidental corruption, because an attacker who can modify the image can simply recompute the hash; it is the signature over the digest, which cannot be produced without the private key, that lets the secure boot process detect intentional modification as well.
Source Authentication provides assurance that the data originates from a legitimate source (the holder of the private key). When a digital signature is created for a firmware image, the image is first hashed using a Secure Hash Algorithm (e.g. SHA-256), and the resulting digest is then signed using the private key. This step is often described loosely as "encrypting the hash with the private key"; that picture fits textbook RSA but not ECDSA or EdDSA, whose signing operations are not encryption. In all three schemes the signature is a value that can only be produced with the private key and checked with the corresponding public key. The signature is then attached to the original firmware image to create a signed image. During verification, the verifying entity computes its own hash over the image and uses the public key to check that the signature is valid for that hash. If the check succeeds, the verifier is assured that the image is both in a state of integrity and originates from the holder of the private key. This assurance is only as strong as the protection of the public key on the device: if an attacker can replace the installed public key, they can sign images with their own private key, so the verification key must be anchored in storage the attacker cannot modify.
Non-repudiation, in a cryptographic sense, means that the private key-holder cannot deny having signed the data while also maintaining that the private key has remained secret. For any digital signature scheme, secrecy of the private key is critical: if the private key is known to an adversary, the adversary can sign arbitrary images and secure boot provides no protection against executing malicious software. In the event that a private key is compromised, the corresponding public key installed on the device(s) must be revoked so that the device can maintain its security posture; in practice this requires the device to have a revocation mechanism and a replacement key already provisioned, since a device whose only trusted key is revoked can no longer boot any signed image.
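As an added worked example (not part of the original text, and not any vendor's secure-boot implementation), the signing and verification steps described above are shown below using ECDSA on P-256 with SHA-256 from the Go standard library. The container layout ("SIMG" magic, a length field, the image, then the DER-encoded signature) is an assumption constructed for this example; real secure-boot headers differ. The digest covers the header as well as the image so that the length field is protected too. The example demonstrates the two services the text names: a single modified image byte fails verification (integrity), and an image signed with a key the verifier does not trust fails verification (source authentication).

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Container layout (constructed for this example, not a vendor format):
//
//   "SIMG" (4 bytes) | image length, uint32 big-endian | image bytes | DER ECDSA signature
//
// The signature covers header||image, so the declared length cannot be
// altered without invalidating the signature.
var magic = []byte("SIMG")

const headerLen = 8

// buildHeader produces the 8-byte header for an image of the given length.
func buildHeader(image []byte) []byte {
	h := make([]byte, headerLen)
	copy(h, magic)
	binary.BigEndian.PutUint32(h[4:], uint32(len(image)))
	return h
}

// SignImage is the signer-side step: hash header||image with SHA-256 and
// sign the digest with the ECDSA private key. The private key stays on the
// signing host; only the signed container is shipped to the device.
func SignImage(priv *ecdsa.PrivateKey, image []byte) ([]byte, error) {
	hdr := buildHeader(image)
	digest := sha256.Sum256(append(append([]byte{}, hdr...), image...))
	sig, err := ecdsa.SignASN1(rand.Reader, priv, digest[:])
	if err != nil {
		return nil, err
	}
	out := make([]byte, 0, headerLen+len(image)+len(sig))
	out = append(out, hdr...)
	out = append(out, image...)
	out = append(out, sig...)
	return out, nil
}

// VerifyImage is the boot-ROM-side step: parse the container, recompute the
// digest over header||image, and check the signature against the trusted
// public key. The image is returned only if verification succeeds.
func VerifyImage(trusted *ecdsa.PublicKey, signed []byte) ([]byte, error) {
	if len(signed) < headerLen || !bytes.Equal(signed[:4], magic) {
		return nil, errors.New("invalid header")
	}
	n := binary.BigEndian.Uint32(signed[4:8])
	if uint64(n) > uint64(len(signed)-headerLen) {
		return nil, errors.New("declared image length exceeds container")
	}
	end := headerLen + int(n)
	image, sig := signed[headerLen:end], signed[end:]
	if len(sig) == 0 {
		return nil, errors.New("missing signature")
	}
	digest := sha256.Sum256(signed[:end])
	if !ecdsa.VerifyASN1(trusted, digest[:], sig) {
		return nil, errors.New("signature verification failed: image modified or not signed by the trusted key")
	}
	return image, nil
}

func main() {
	// Constructed sample: a fresh signing key and a stand-in firmware image.
	priv, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	image := []byte("constructed firmware image bytes")
	signed, _ := SignImage(priv, image)

	_, err := VerifyImage(&priv.PublicKey, signed)
	fmt.Println("genuine image:", err)

	// Integrity: flip one bit of the image body.
	tampered := append([]byte(nil), signed...)
	tampered[headerLen] ^= 0x01
	_, err = VerifyImage(&priv.PublicKey, tampered)
	fmt.Println("tampered image:", err)

	// Source authentication: a verifier that trusts a different key.
	other, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	_, err = VerifyImage(&other.PublicKey, signed)
	fmt.Println("untrusted signer:", err)
}
```

In a real device the VerifyImage step runs from immutable boot code with the trusted public key, or a hash of it, held in one-time-programmable storage; the example's in-memory key stands in for that anchor.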
The following diagrams illustrate the signing and verification process for digital signatures: