A digital signature—a type of electronic signature—is a mathematical algorithm routinely used to validate the authenticity and integrity of a message (e.g., an email, a credit card transaction, or a digital document).
A digital signature is basically a way to ensure that an electronic document is authentic. Authentic here means that the receiver knows who created the document and that it has not been altered in any way since that person created it.
It is an authentication mechanism that enables the creator of the message to attach a code that acts as a signature. The Digital Signature Algorithm (DSA), developed by the National Institute of Standards and Technology, is one of many examples of a signing algorithm.
The three core security services provided by digital signatures are:
- Signer authentication. Proof of who actually signed the document, i.e. the digital signature links the user’s signature to an actual identifiable entity.
- Data integrity. Proof that the document has not been changed since signing.
- Non-repudiation. Proof that the signer cannot later deny having signed the document.
Several mechanisms are used to provide authentication: a password; a checksum; a Cyclic Redundancy Check (CRC), which is similar to a checksum but slightly more advanced; private key encryption, in which the computer has a secret key (code) that it can use to encrypt a packet of information before it is sent over the network to the other computer; and public key encryption, in which the key is given by the sender’s computer to any computer that wants to communicate securely with it. The key is based on a hash value. In simple language, a digital signature authenticates an electronic record by tying it uniquely to a key only the sender knows. This implies that the sender must not be able to deny sending a message that he sent (this is called non-repudiation). Thus, digital signatures can be used to:
- Tie an electronic message to the sender’s identity
- Provide non-repudiation of communication by a sender
- Prove in a court of law that a message was sent by the sender
How Does it Work?
Digital signatures rely on a secret, either a secret passphrase, or, more commonly, a secret file. Anyone (without needing to know the secret) can check that two documents were signed by the same secret, and thus presumably by the same person, and that neither document has been changed since it was signed. A digital signature is a seemingly random pattern of characters, which typically looks something like this: — this is a signed document — James A. Donald
- A conventional signature is included in the document; it is part of the document. But when we sign a document digitally, we send the signature as a separate document.
- For a conventional signature, when the recipient receives a document, he/she compares the signature on the document with the signature on file. For a digital signature, the recipient receives the message and the signature. The recipient needs to apply a verification technique to the combination of the message and the signature to verify the authenticity.
- For a conventional signature, there is normally a one-to-many relationship between a signature and documents. For a digital signature, there is a one-to-one relationship between a signature and a message.
- For a conventional signature, a copy of the signed document can be distinguished from the original one on file. For a digital signature, there is no such distinction unless there is a factor of time on the document.
- Please note that a digital signature does not provide confidentiality/privacy. If there is a need for privacy, another layer of encryption/decryption must be applied.
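The points above (a secret held only by the signer, a signature sent separately from the message, verification applied to message and signature together, one signature per message, and no confidentiality) can be seen in a short added example, which is not part of the original article. It uses hash-then-sign RSA with a toy key built from two publicly known primes, so the key material and the sample messages are assumptions made for illustration and are not secure.

```python
import hashlib

# Toy key built from two publicly known Mersenne primes (constructed for
# this example). Anyone can factor N, so this key must never be used for real.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # the signer's secret exponent
PUBLIC_KEY, PRIVATE_KEY = (N, E), (N, D)


def digest(message: bytes) -> int:
    """SHA-256 of the message as an integer; this is what gets signed."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes, private_key) -> int:
    """Return a detached signature; requires the secret exponent."""
    n, d = private_key
    return pow(digest(message), d, n)


def verify(message: bytes, signature: int, public_key) -> bool:
    """Check message and signature together using only public values."""
    n, e = public_key
    return 0 <= signature < n and pow(signature, e, n) == digest(message)


def demo() -> dict:
    msg = b"Pay 100 to Alice"        # constructed sample messages
    other = b"Pay 900 to Mallory"
    sig = sign(msg, PRIVATE_KEY)     # travels beside msg, not inside it
    return {
        "genuine": verify(msg, sig, PUBLIC_KEY),
        "altered_message": verify(other, sig, PUBLIC_KEY),
        "altered_signature": verify(msg, sig ^ 1, PUBLIC_KEY),
        "one_signature_per_message": sign(other, PRIVATE_KEY) != sig,
        "message_still_readable": msg.decode(),   # signing hides nothing
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

Production systems use a vetted library with randomly generated keys and a standard padding scheme; the flow of sign, send both parts, and verify with the public key stays the same.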
Digital Signature Certificates (DSC)
Digital Signature Certificates (DSC) are the digital equivalent of physical or paper certificates such as drivers’ licenses, passports or membership cards. Certificates serve as proof of identity of an individual for a certain purpose; for example, a driver’s license identifies someone who can legally drive in a particular country. Likewise, a digital certificate can be presented electronically to prove a person’s identity, to access information or services on the Internet or to sign certain documents digitally. A licensed Certifying Authority (CA) issues the digital signature. In India, a Certifying Authority (CA) means a person who has been granted a license to issue a digital signature certificate under Section 24 of the Indian IT-Act 2000.
Types of Digital Signatures
There are basically three types of Digital Signature Certificates, viz. Class 1, Class 2 and Class 3, with the level of security increasing from 1 to 3. The MCA21 program, which has been launched for easy and secure access to MCA services in a manner that best suits businesses and citizens, requires Class 2 and Class 3 digital certificates. In Class 2, the identity of a person is verified against a trusted, pre-verified database. In Class 3, which is the highest level, the person needs to present himself or herself in front of a Registration Authority (RA) and prove his/her identity. A DSC of the Class 2 or Class 3 category, issued by a licensed Certifying Authority (CA), needs to be obtained for e-filing on the MCA Portal. Please note that there is a cost of getting digital signatures. In India, digital signatures are legally admissible in a court of law, as provided under the provisions of the IT Act 2000.