What is the difference between a "Thumbprint Algorithm" "Signature Algorithm" and "Signature Hash Algorithm" for a certificate?

You are confused because some people (yeah I am looking at you, Microsoft) have been using the terms inconsistently.

A signature algorithm is a cryptographic algorithm such that:

  • The signer owns a public/private key pair. The public key is public, the private key is private; even though both keys are mathematically linked together, it is not feasible to recompute the private key from the public key (which is why the public key could safely be made public).
  • On a given input message, the signer can use his private key to compute a signature, which is specific to both the signer's key pair, and the input message.
  • There is a verification algorithm that takes as input the message, the signature and the public key, and answers "true" (they match) or "false" (they don't).

The cornerstone of signature security is that it should not be feasible, without knowledge of the private key, to generate pairs message+signature that the verification algorithm will accept.

You may encounter some "explanations" that try to say that digital signatures are some kind of encryption; they usually describe it as "you encrypt with the private key". Don't believe it; these explanations are actually wrong, and confusing.

For technical reasons, signature algorithms (both for signing and for verifying) often begin with a hash function. A hash function is a completely public algorithm with no key. The point of hash functions is that they can eat up terabytes of data, and produce a "digest" (also called "fingerprint" or even "thumbprint") that has a fixed, small size. Signature algorithms need that, because they work with values in some algebraic structure of a finite size, and thus cannot accommodate huge messages. Therefore, the message is first hashed, and only the hash value is used for generating or verifying a signature.

That hash algorithm, when it is used as first step of a signature generation or verification algorithm, will be called "signature hash algorithm". When we say something like "RSA/SHA-256", we mean "RSA signature, with SHA-256 as accompanying hash function".

A "thumbprint algorithm" is another name for a hash function. It is often encountered when talking about certificates: the "thumbprint" of a certificate really is the result of a hash function applied to the certificate itself (in Windows systems, the SHA-1 hash function is used).


While the accepted answer goes into some detail about how the calculation is done, it doesn't address the original question at all - Signature Algorithm, Signature Hash Algorithm, and Thumbprint Algorithm that are present in SSL/TLS certificates - which one is which piece of the equation (especially if Microsoft also mix it up)?

The answer seems fairly simple - from:

https://social.technet.microsoft.com/Forums/windowsserver/en-US/4f8fb14a-256e-4c77-86bc-40c364ec5ed0/certificates-differences-between-signature-algorithm-and-signature-hash-algorithm?forum=winserversecurity

and marked as correct answer over there:

Differences between "Signature algorithm" and "Signature Hash Algorithm"

They are used to determine the signature algorithm and hash function used to sign the certificate. This information is used by certificate chaining engine to validate the signature of the certificate. Certificate chaining engine calculates a hash over a certificate (signed part). Hash method is selected from Signature Hash Algorithm field. Then certificate chaining engine decodes attached signature by using signature algorithm specified in the Signature Algorithm field and recovers signed hash. If both hashes match, then signature is valid, if they differ, the signature is considered invalid.

My addition from another source - Thumbprint Algo - simple non crypto property used to identify the cert on a given system (not authenticate it or verify its validity)