Data Signing and Message Authentication
Signing and verification of messages and other secured data elements in Engage are likewise driven by certificates. Engage uses message signing for an additional level of authentication between clients and RallyPoints, and signs timeline events for anti-tampering purposes such as chain-of-evidence preservation. In both cases, Engage uses the Elliptic Curve Digital Signature Algorithm (ECDSA) to sign and to verify the signed data.
In the case of TLS connections, Engage implements additional guards against attacks by using a message-signing strategy that incorporates keying material negotiated during the session's TLS handshake, which is therefore unique to that session. This follows RFC 5705 (Keying Material Exporters for TLS): a portion of the session's unique key material is incorporated into session-management messages, which are then signed with ECDSA.
For timeline signing, each timeline file (stored as JSON or RIFF, depending on its content) embeds the public portion of the signing certificate in PEM format together with the ECDSA signature over the content, produced with that certificate's public/private key pair.