SECTION 3
Lesson 3.4: Excel Security

   

 

 

If you are distributing copies of a very important workbook, your recipients may want to know that the workbook is coming from a trusted source, and that that the data has not been corrupted or modified from the original source document. Excel 2003 allows you to use digital signatures to achieve this.

 

In general, digital signatures work by encrypting a kind of fingerprint of the document called a message digest with an encryption key before the document is distributed. That is, the document is digitally signed by the sender.

 

The recipient receives the document and the encrypted message digest and decodes the digest with a special decryption key that is the only one that can decode messages that are encrypted with the sender’s special encryption key. If the recipient generates their own message digest from the document, it should match the digest that was received and decoded (both the sender and the receiver use the same algorithm to create a message digest). Because the message must be encoded with the sender’s key for it to be decoded with the other special key, you know that if you can decode the message correctly, the source of the document is authentic. Also, if any unauthorised modifications have been made after the sender digitally signed the document; the message digest that the recipient generates will not be the same as the received message digest that the recipient decoded.

 

If all of this seems unnecessarily confusing, don’t worry. The bottom line is that digital signatures allow you to be sure of the integrity and authenticity of the message.

 

For digital signatures to be truly useful, the special key that can decode messages from the sender has to be bound to the sender in some way so that it can be trusted. This can be done with a certificate obtained from a trusted certification authority. This authority provides a certificate that tells message recipients that the decryption key they use to validate the digital signature is indeed bound to the sender.

 

To digitally sign an Excel workbook, open the workbook and choose Tools->Options from the menu bar. This will display the Options dialogue box.

 

 

Under the Security tab, click the Digital Signatures button.

 

 

When you see the Digital Signature dialogue box, click the Add button.

 

If you see the following Excel save prompt, click yes.

 

 

If you already have certificates from a certification authority or elsewhere, you should see them listed as shown below.

 

 

Select a certificate from the list, and click the OK button to add it as a digital signature. You can click the View Certificate button to see details on the selected certificate.

 

 

The selected certificate has been added to the Digital Signature list, and the document has been signed.

 

If you wish to remove a signature, select the certificate from the list and click the Remove button.