There is a modification to the above scheme: the signature scheme is applied to the hash of the message rather than to the message itself. Now Alice has a message-signature pair (m, S), so the signature S is a valid signature for message m. A forger (let's say Eve) cannot forge Alice's signature, i.e. she cannot use the signature S with another message, say m1, because S^e is not equal to m1. Even when the signature scheme is applied to the hash of the message, it is infeasible to forge the signature, because it is infeasible to produce two messages m and m1 with the same hash value.
In practice, the public key in the RSA digital signature scheme is much smaller than the private key. This enables a user to verify the message easily. This is desirable because a message may be verified more than once, so the verification process should be faster than the signing process.
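The hash-then-sign check and the exponent sizes from the two paragraphs above, as an added example (not code from the original page). It assumes SHA-256 as the hash, e = 65537, a constructed modulus built from two publicly known Mersenne primes, and no padding step; the names `sign`, `verify` and `demo` are illustrative.

```python
import hashlib

# Constructed demo key: two publicly known Mersenne primes. Illustrative only;
# a real key uses secret, randomly generated primes.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q                            # modulus n = pq
E = 65537                            # public exponent e (assumed common choice)
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent d, e*d = 1 mod (p-1)(q-1)


def digest_int(message: bytes) -> int:
    """SHA-256 hash of the message as an integer (256 bits, so always < N)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes) -> int:
    """Alice: S = H(m)^d mod n."""
    return pow(digest_int(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Anyone: accept iff S^e mod n equals H(m)."""
    if not 0 < signature < N:
        return False
    return pow(signature, E, N) == digest_int(message)


def demo() -> dict:
    m = b"Pay Bob 10 dollars"       # constructed sample message
    m1 = b"Pay Eve 10000 dollars"   # message Eve wants to attach S to
    s = sign(m)
    return {
        "valid_pair": verify(m, s),          # (m, S) verifies
        "reused_on_m1": verify(m1, s),       # S^e != H(m1), rejected
        "altered_sig": verify(m, s ^ 1),     # flipped bit in S, rejected
        "e_bits": E.bit_length(),            # short exponent: fast verify
        "d_bits": D.bit_length(),            # long exponent: slower signing
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```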
The RSA Digital Signature Algorithm:-
Additional instructions for the RSA signature algorithm are as follows:
An RSA digital signature key pair consists of an RSA private key, which is used to compute a digital signature, and an RSA public key, which is used to verify a digital signature. An RSA digital signature key pair shall not be used for other purposes (e.g. key establishment).
An RSA public key consists of a modulus n, which is the product of two positive prime integers p and q (i.e., n = pq), and a public key exponent e. Thus, the RSA public key is the pair of values (n, e) and is used to verify digital signatures. The size of an RSA key pair is commonly considered to be the length of the modulus n in bits (nlen). The corresponding RSA private key consists of the same modulus n and a private key exponent d that depends on n and the public key exponent e. Thus, the RSA private key is the pair of values (n, d) and is used to generate digital signatures. In order to provide security for the digital signature process, the two integers p and q, and the private key exponent d shall be kept secret. The modulus n and the public key exponent e may be made known to anyone.
The Standard specifies three choices for the length of the modulus (i.e., nlen): 1024, 2048 and 3072 bits.
An approved hash function, as specified in [7], shall be used during the generation of key pairs and digital signatures. When used during the generation of an RSA key pair, the length in bits of the hash function output block shall meet or exceed the security strength associated with the bit length of the modulus n. The security strength associated with the RSA digital signature process is no greater than the minimum of the security strength associated with the bit length of the modulus and the security strength of the hash function that is employed. Both the security strength of the hash function used and the security strength associated with the bit length of the modulus n shall meet or exceed the security strength required for the digital signature process.