Digital signature Brief Introduction

A digital signature is a mathematical scheme for demonstrating the authenticity of a digital message or document.

A valid digital signature gives a recipient reason to believe that the message was created by a known sender and was nor altered in transit.

Digital signatures are commonly used for software distribution, financial transaction and in cases where it is important to detect forgery and tampering.

A digital signature authenticates electronic document in a similar manner a handwritten signature authenticates a printed document.

To provide authenticity,Integrity and Non-repudiation to electronic documents.

To use the Internet as the safe and secure medium for e-commerce and e-governance.

Owner public key. Owner name. Expiration date of public key. Name of the issuer(the CA that issue the digital ID) Serial number of digital signature.

Cryptographic GoalsCryptographic Goals

Cryptographic goals

Data integrity Authentication Non-repudiation

Message authentication

Entity authenticationArbitrary lengthhash functions

Message Authentication codes (MACs)

Digital signatures

Authentication primitives

Digital signatures

MACs

Digitalsignatures

Symmetric-key ciphers:Block ciphersStream ciphers

Public-keyciphers

Confidentiality

Paper Electronic

May be Forged Cannot be copied

Signature Independent of the Document

Signature Depends on the Document

Hand writting expert needed

Any computer User

Error Prone Error Free

AuthenticitAuthenticityy

IntegrityIntegrity

Non-Non-repudiationrepudiation

The Information Technology Act, 2000 provides for use of Digital Signatures on the documents submitted in electronic form in order to ensure the security and authenticity of the documents filed electronically. Certification Agencies are appointed by the office of the Controller of Certification Agencies (CCA) under the provisions of IT Act, 2000. There are a total of seven Certification Agencies authorised by the CCA to issue the Digital Signature Certificates.

Tata Consultancy Services Ltd. National Informatics Centre. Institute for Development & Research in Banking

Technology (IDRBT)

MTNL Customs & Central Excise Code Solutions Ltd., (A division of Gujarat Narmada Valley

Fertilisers Company Ltd.) Safescrypt e-Mudhra CA

Using asymmetric – key cipher. Using keyed hash function.

public-key cryptography involves the use of asymmetric key algorithms.

Asymmetric key algorithms used to create mathematically related key pair.

A secret private key and a published public key. Protects the confidentiality and integrity of a message. The message is encrypted using the public key,which can

only be decrypted using the private key.

To preserve the integrity of a message,the message is passed through an algorithm called Hash Function.

The hashed function creates a compressed image of message that can be used as a fingerprint.

For Compatibility For Integrity For efficiency