Digital signature
-
Upload
yash-karanke -
Category
Education
-
view
225 -
download
1
Transcript of Digital signature
Introduction…..
• A digital signature is a mathematical scheme for
demonstrating the authenticity of a digital message or
document.
• A valid digital signature gives a recipient reason to
believe that the message was created by a known sender,
such that the sender cannot deny having sent the message
and that the message was not altered in transit.
How Digital Signature
Works in Real world?
• Ajay has been given two keys. One of Ajay’s keys is called a Public Key, the
other is called a Private Key.
• Ajay’s Public key is available to anyone who needs it, but he keeps his
Private Key to himself.
• Keys are used to encrypt information.
• Encrypting information means "scrambling it up", so that only a person with
the appropriate key can make it readable again.
History of Digital Signature
• In 1976, Whitfield Diffie and Martin Hellman first described the notion of a
digital signature scheme, but the information was incomplete.
• Soon afterwards, Ronald Rivest, Adi Shamir, and Len Adleman invented
the RSA(Rivest-Shamir-Adleman) algorithm, which could be used to
produce primitive digital signatures.(plain RSA signatures are not secure).
• The first widely marketed software package to offer digital signature
was Lotus Notes 1.0, released in 1989, which used the RSA algorithm.
• In 1988, Shafi Goldwasser, Silvio Micali, and Ronald Rivest became the
first to rigorously define the security requirements of digital signature
schemes.
Applications of Digital
Signature
• Digital Signature can be used in
following:
• For sending and receiving digitally signed and
encrypted emails.
• For carrying out secure web-based transactions.
• For signing documents like MSWord, MS Excel and
PDFs.
What is Digital Signature
‘Certificate’ ?
• Digital Signature Certificates (DSC) is the electronic format of
physical or paper certificate like a driving License, passport etc.
• Certificates serve as proof of identity of an individual for a certain
purpose; for example, a Passport identifies someone as a citizen of
that country; who can legally travel to any country.
• A Digital Signature Certificate can be presented electronically to
prove your identity, to access information or services on the Internet
or to sign certain documents digitally.
How does Digital Signature
Certificate work?
• A Digital Signature Certificate explicitly associates the identity of an individual/device with a pair of electronic keys - public and private keys
• The certificate contains information about a user's identity.
• The private key is stored on the user's computer hard disk ; it can only be used with the issued password.
• The public key is disseminated with the encrypted information.
• The authentication process fails if either one of these keys in not available or do not match.
Example -1 Smart card
• What is a Smart card?
• A smart card is any pocket-sized card with embedded integrated
circuits.
• Smart cards can provide identification, authentication, data
storage and application processing.
Digital Signature in India
• Hence, the world is global village, sharing information
and doing transactions is much more easier.
• Yes , according to IT Act of year 2000 , Digital
Signatures and its applications are legalized in India.
• This helps making their job done in real-time while
they’re not physically not present.
Need of Digital Signature.
• A Digital Signature authenticates your identity
electronically.
• It also provides you with a high level of security for your
online transactions by ensuring absolute privacy of the
information exchanged using a Digital Signature
Certificate.
• You can use certificates to encrypt information such that
only the intended recipient can read it.
Difference between Digital Signature
and Digital Signature Certificate.
• A digital signature is an electronic method of signing an
electronic document whereas a Digital Signature Certificate is
a computer based record that.
• Identifies the Certifying Authority issuing it.
• Has the name and other details that can identify the subscriber.
• Contains the subscriber's public key.
• Is valid for either one year or two years.
• Is digitally signed by the Certifying Authority issuing it.
Influence of Digital
Signature on ISO 9000
• ISO 9000 is a series of standards, developed and published by the
International Organization for Standardization (ISO), that define,
establish, and maintain an effective quality assurance system for
manufacturing and service industries.
• Hence, the technology advanced. Few firms which offers digital
certificates also now offers ISO 9000 digitally , which saves the time
management and increase the quality of the work.
1) Is it safe for any individual to use Digital Signature ?
Yes it is. Since it is highly encrypted system , only the
individual who has been issued the Digital Signature can
only use that Signature.
FAQ
2) Why is Digital Signature required?
Like physical documents are signed manually, electronic
documents, for example e-forms are required to be signed
digitally using a Digital Signature.
FAQ
3) Who issues the Digital Signature in India ?
A licensed Certifying Authority (CA) issues the digital
signature. Certifying Authority (CA) means a person who
has been granted a license to issue a digital signature
certificate under Section 24 of the Indian IT-Act 2000.
FAQ
4) How much time do CAs take to issue a Digital Signature ?
The time taken by CAs to issue a Digital Signature may
vary from three to seven days.
FAQ
5) For How long a Digital Signature or Digital Signature
Certificate is valid ?
Generally , a Digital Signature is valid for 2 years after issuing
date.
FAQ
6) What is the legal status of a Digital Signature?
Digital Signatures are legally admissible in a Court of Law,
as provided under the provisions of IT Act. 2000
FAQ
7) What is PKI?
PKI means Public Key Infrastructure
PKI provides each user with a pair of keys, a private key
and a public key, used in every signed transaction.
FAQ
8) What are the environmental effects of switching to an
electronic signature?
The average e-signature user signs just over 2 documents
per workday, or 500 documents per year (based on CoSign
customer usage statistics).
These numbers equal a usage reduction of half of a tree a
year
FAQ
9) Can a digital signature be forged?
It is practically impossible to forge a digital signature.
It is secure and has be applied online for authentication.
Thus it is more secure than a hand-written signature.
FAQ
10) What are the different types of Digital Signature
Certificates? Class 1: These certificates do not hold any legal validity as the validation process
is based only on a valid e-mail ID and involves no direct verification.
Class 2: Here, the identity of a person is verified against a trusted, pre-verified
database.
Class 3: This is the highest level where the person needs to present himself or
herself in front of a Registration Authority (RA) and prove his/ her identity.
FAQ
ISO Video ~ https://www.youtube.com/watch?v=RSlHoTvRupw
eMudra ~ http://www.e-mudhra.com/
DocuSign ~ https://www.docusign.com/
Verisign ~ http://www.verisign.com/in/
REFRENCES
MCA-GOV (Ministry Of Corporation) ~ http://www.mca.gov.in/MCA21/dca/dsc/faq_DSC.html#q2
Digital Signature.in ~ http://www.digitalsignature.in/faq.html
Digital Signature Gallery ~ http://www.digitalsignaturegallery.in/faqs/faqs-on-digital-signature-india.html
REFRENCES