Digital SignaturePresentation By: Yash .A. Karanke

BCA-3rd Semester

Part 1 : Brief Explanation

Introduction…..

• A digital signature is a mathematical scheme for

demonstrating the authenticity of a digital message or

document.

• A valid digital signature gives a recipient reason to

believe that the message was created by a known sender,

such that the sender cannot deny having sent the message

and that the message was not altered in transit.

Diagram showing how

Digital Signature works.

How Digital Signature

Works in Real world?

• Ajay has been given two keys. One of Ajay’s keys is called a Public Key, the

other is called a Private Key.

• Ajay’s Public key is available to anyone who needs it, but he keeps his

Private Key to himself.

• Keys are used to encrypt information.

• Encrypting information means "scrambling it up", so that only a person with

the appropriate key can make it readable again.

History of Digital Signature

• In 1976, Whitfield Diffie and Martin Hellman first described the notion of a

digital signature scheme, but the information was incomplete.

• Soon afterwards, Ronald Rivest, Adi Shamir, and Len Adleman invented

the RSA(Rivest-Shamir-Adleman) algorithm, which could be used to

produce primitive digital signatures.(plain RSA signatures are not secure).

• The first widely marketed software package to offer digital signature

was Lotus Notes 1.0, released in 1989, which used the RSA algorithm.

• In 1988, Shafi Goldwasser, Silvio Micali, and Ronald Rivest became the

first to rigorously define the security requirements of digital signature

schemes.

Applications of Digital

Signature

• Digital Signature can be used in

following:

• For sending and receiving digitally signed and

encrypted emails.

• For carrying out secure web-based transactions.

• For signing documents like MSWord, MS Excel and

PDFs.

What is Digital Signature

‘Certificate’ ?

• Digital Signature Certificates (DSC) is the electronic format of

physical or paper certificate like a driving License, passport etc.

• Certificates serve as proof of identity of an individual for a certain

purpose; for example, a Passport identifies someone as a citizen of

that country; who can legally travel to any country.

• A Digital Signature Certificate can be presented electronically to

prove your identity, to access information or services on the Internet

or to sign certain documents digitally.

How does Digital Signature

Certificate work?

• A Digital Signature Certificate explicitly associates the identity of an individual/device with a pair of electronic keys - public and private keys

• The certificate contains information about a user's identity.

• The private key is stored on the user's computer hard disk ; it can only be used with the issued password.

• The public key is disseminated with the encrypted information.

• The authentication process fails if either one of these keys in not available or do not match.

Example -1 Smart card

• What is a Smart card?

• A smart card is any pocket-sized card with embedded integrated

circuits.

• Smart cards can provide identification, authentication, data

storage and application processing.

Smartcard Different color of smart card . Indicates ,

different types of Smartcards.

Smartcard

This is another example of smartcards used in France for health

insurance.

Digital Signature in India

• Hence, the world is global village, sharing information

and doing transactions is much more easier.

• Yes , according to IT Act of year 2000 , Digital

Signatures and its applications are legalized in India.

• This helps making their job done in real-time while

they’re not physically not present.

Firms which provide

Digital Signature

Need of Digital Signature.

• A Digital Signature authenticates your identity

electronically.

• It also provides you with a high level of security for your

online transactions by ensuring absolute privacy of the

information exchanged using a Digital Signature

Certificate.

• You can use certificates to encrypt information such that

only the intended recipient can read it.

Difference between Digital Signature

and Digital Signature Certificate.

• A digital signature is an electronic method of signing an

electronic document whereas a Digital Signature Certificate is

a computer based record that.

• Identifies the Certifying Authority issuing it.

• Has the name and other details that can identify the subscriber.

• Contains the subscriber's public key.

• Is valid for either one year or two years.

• Is digitally signed by the Certifying Authority issuing it.

Influence of Digital

Signature on ISO 9000

• ISO 9000 is a series of standards, developed and published by the

International Organization for Standardization (ISO), that define,

establish, and maintain an effective quality assurance system for

manufacturing and service industries.

• Hence, the technology advanced. Few firms which offers digital

certificates also now offers ISO 9000 digitally , which saves the time

management and increase the quality of the work.

Companies issuing

Digital Signature

Part 2 FAQs

1) Is it safe for any individual to use Digital Signature ?

Yes it is. Since it is highly encrypted system , only the

individual who has been issued the Digital Signature can

only use that Signature.

FAQ

2) Why is Digital Signature required?

Like physical documents are signed manually, electronic

documents, for example e-forms are required to be signed

digitally using a Digital Signature.

FAQ

3) Who issues the Digital Signature in India ?

A licensed Certifying Authority (CA) issues the digital

signature. Certifying Authority (CA) means a person who

has been granted a license to issue a digital signature

certificate under Section 24 of the Indian IT-Act 2000.

FAQ

4) How much time do CAs take to issue a Digital Signature ?

The time taken by CAs to issue a Digital Signature may

vary from three to seven days.

FAQ

5) For How long a Digital Signature or Digital Signature

Certificate is valid ?

Generally , a Digital Signature is valid for 2 years after issuing

date.

FAQ

6) What is the legal status of a Digital Signature?

Digital Signatures are legally admissible in a Court of Law,

as provided under the provisions of IT Act. 2000

FAQ

7) What is PKI?

PKI means Public Key Infrastructure

PKI provides each user with a pair of keys, a private key

and a public key, used in every signed transaction.

FAQ

8) What are the environmental effects of switching to an

electronic signature?

The average e-signature user signs just over 2 documents

per workday, or 500 documents per year (based on CoSign

customer usage statistics).

These numbers equal a usage reduction of half of a tree a

year

FAQ

9) Can a digital signature be forged?

It is practically impossible to forge a digital signature.

It is secure and has be applied online for authentication.

Thus it is more secure than a hand-written signature.

FAQ

10) What are the different types of Digital Signature

Certificates? Class 1: These certificates do not hold any legal validity as the validation process

is based only on a valid e-mail ID and involves no direct verification.

Class 2: Here, the identity of a person is verified against a trusted, pre-verified

database.

Class 3: This is the highest level where the person needs to present himself or

herself in front of a Registration Authority (RA) and prove his/ her identity.

FAQ

ISO Video ~ https://www.youtube.com/watch?v=RSlHoTvRupw

eMudra ~ http://www.e-mudhra.com/

DocuSign ~ https://www.docusign.com/

Verisign ~ http://www.verisign.com/in/

REFRENCES

MCA-GOV (Ministry Of Corporation) ~ http://www.mca.gov.in/MCA21/dca/dsc/faq_DSC.html#q2

Digital Signature.in ~ http://www.digitalsignature.in/faq.html

Digital Signature Gallery ~ http://www.digitalsignaturegallery.in/faqs/faqs-on-digital-signature-india.html

REFRENCES