Digital Signature: An Introduction
Digital Signature is an electronic signature that can be used to authenticate the identity of the sender of a message or the signer of a document. It ensures that the original content of the message or document that has been sent is unchanged.
Digital signature normally give two algorithms. First for signing which includes the user’s secret or private key, and second for verifying signatures which includes the user’s public key. The output of the signature process is called the “digital signature”.
Digital signatures are easily transportable, cannot be imitated by someone else, and can be automatically time-stamped. The ability to ensure that the original signed message arrived means that the sender cannot easily repudiate it later.
See also: Digital Signature Video Tutorial
It is the most advanced and secure type of electronic signature. It is used to comply with the most demanding legal and regulatory requirements. It provide the highest levels of assurance about each signer’s identity and the authenticity of the documents they sign.
It uses certificate-based digital ID issued by an accredited Certificate Authority or Trust Service Provider. So, when you digitally sign a document, your identity is uniquely linked to you. The signature is bound to the document with encryption. Everything can be verified using underlying technology known as Public Key Infrastructure.
History of DSC
In 1976, Whitfield Diffie and Martin Hellman first described the notion of a digital signature scheme. In 1984, Shafi Goldwasser, Silvio Micali, and Ronald Rivest became the first to rigorously define the security requirements of digital signature schemes.
The first widely marketed software package to offer digital signature was Lotus Notes 1.0. It was released in 1989. It was based on the RSA algorithm. Lamport signatures, Merkle signatures and Rabin signatures are some other digital signature schemes soon developed after RSA.
Digital Signature Certificate | DSC
A Digital Signature Certificate is a secure digital key that is issued by the certifying authorities for the purpose of validating and certifying the identity of the person holding this certificate. Digital Signatures make use of the public key encryptions to create the signatures.
A digital signature certificate (DSC) contains information about the user’s name, pin code, country, email address, date of issuance of certificate and name of the certifying authority.
Digital Signature Certificates or Digital Signature are being adopted by various government agencies. It is a statutory requirement in various applications now. There are various Type and Class of DSC.
Type of DSC | Digital Signature Certificate
The DSC could only be used for signing a document.
The most popular usage is signing the PDF file for Tax Returns, MCA and other websites.
The DSC would be used to encrypt a document, it is popularly used in tender portal, to help your company encrypt the documents and upload.
You could also use the certificate to encrypt and send classified information.
We are selling Encrypt certificate as a standalone product as well.
- Sign & Encrypt
You could buy both Sign & Encrypt DSC by using this category.
As per the IT law there are three Classes of DSC: Class 1, Class 2, Class 3 certificates.
- Class 1 DSC: Class 1 certificates shall be issued to individuals/private subscribers. These certificates will confirm that user’s name (or alias) and E-mail address form an unambiguous subject within the Certifying Authorities database.
- Class 2 DSC: These certificates will be issued for both business personnel and private individuals use. These certificates will confirm that the information in the application provided by the subscriber does not conflict with the information in well-recognized consumer databases.
- Class 3 DSC: This certificate will be issued to individuals as well as organizations. As these are high assurance certificates, primarily intended for e-commerce applications, they shall be issued to individuals only on their personal (physical) appearance before the Certifying Authorities.
Why is DSC so secure?
A digital signature is built to prevent tampering. It is created, protected, and surrounded by the highest levels of security. Here are some reason why digital signature is so secure:
- Digital ID is trusted: digital IDs come from accredited providers. One need to prove his/her identity before getting it.
- Encryption: digital signature and the signed document are encrypted together. It is bind with a tamper-evident seal.
- Unique: Every time when you sign a document, you use your own unique digital certificate and PIN to validate your credentials.
- Easily Validated: Both the signed document and your digital signature can be re-validated by a CA or TSP for up to 10 years after the signing event.
Why use Digital Signature?
A valid digital signature gives a recipient reason to believe that the message was created by a known sender (authentication), that the sender cannot deny having sent the message (non-repudiation), and that the message was not altered in transit (integrity).
It is commonly used for software distribution, financial transactions, contract management software. In some cases it is important to detect forgery or tampering.
Digital seals and signatures are equivalent to handwritten signatures and stamped seals.
Create Digital Signature | How to get a Digital Signature?
- Log on to the website of a Certifying Authority licensed to issue Digital Certificate.
- Click on ‘Digital Certification Services’ section. Select the type of entity for which you want to obtain the DSC.
- Download the form. Fill all the required information. While filling up the form, you must affix your recent photograph and put your signature under the declaration. Check out the details thoroughly. Take a print of the completed form for future reference.
- Submit the proof of Identity and address. Each document must be attested. Ensure the sign and seal of the attesting officer is visibly clear on the supporting proof documents.
- A demand draft or cheque must be obtained towards payment for application of DSC in the name of the Local Registration Authority where you are going to submit your application for verification.
- Post the documents required. Enclose the following in an envelope.
- DSC Registration Form duly completed
- Supporting document for Proof of Identity and proof of address attested by the attesting officer
- Demand Draft/Cheque for payment.
Trust Service Providers | TSP
Trust Service Providers are companies that offer a wide range of secure identity and transactions services, including certificate authority services. For example, the eIDAS of EU defines a class of TSP that are accredited to issue digital IDs in each of the EU member states. Documents signed with these IDs meet the highest level standard called “Qualified Electronic Signature,” which has the same legal value as handwritten signatures and are assured mutual recognition across all member states.
Certificate Authority | CA
Certificate Authorities issue and maintain digital identities. CA confirm a signer’s identity in advance. Then it issue the certificate-based digital ID, private PIN, and/or hardware security device (such as a USB token or smart card) used to create digital signatures. The CA assures that the person with the digital ID is who they claim to be. Sometimes, a CA is a part of a portfolio of trust services offered by a commercial vendor. At other times, a CA is built and maintained internally by IT-provided services in a company or government organization.
Digital Signature vs. e-signature
Electronic signature or e-signature refers to any electronic process that indicates acceptance of an agreement or a record. Digital signature refers to a specific type of electronic signature.
E-signature uses common electronic authentication methods to verify signer identity such as email, corporate IDs, or a phone PIN. Multifactor authentication is used when increased security is needed. The best e-signature solutions demonstrate proof of signing using a secure process that includes an audit trail along with the final document.
Digital signatures use a specific type of electronic signature. They use a certificate-based digital ID to authenticate signer identity and demonstrate proof of signing by binding each signature to the document with encryption. Validation is done through trusted certificate authorities or Trust Service Providers.
How DSC work? | Digital Signature Working
The use of digital signatures usually involves two processes, one performed by the signer and the other by the receiver of the digital signature:
- Digital signature creation uses a hash result derived from and unique to both the signed message and a given private key. For the hash result to be secure, there must be only a negligible possibility that the same digital signature could be created by the combination of any other message or private key.
- Digital signature verification is the process of checking the digital signature by reference to the original message and a given public key, thereby determining whether the digital signature was created for that same message using the private key that corresponds to the referenced public key.
Digital Signature Example
Assume you were going to send the draft of a contract to your lawyer in another town. You want to give your lawyer the assurance that it was unchanged from what you sent and that it is really from you.
- You copy-and-paste the contract into an e-mail note.
- Using special software, you obtain a message hash of the contract.
- You then use a private key that you have previously obtained from a public-private key authority to encrypt the hash.
- The encrypted hash becomes your digital signature of the message. (Note that it will be different each time you send a message.)
At the other end, your lawyer receives the message.
- To make sure it’s intact and from you, your lawyer makes a hash of the received message.
- Your lawyer then uses your public key to decrypt the message hash or summary.
- If the hashes match, the received message is valid.
Paper Signature vs. Digital Signature
|Authenticity||May be forged||Cannot be copied|
|Integrity||Signature independent of the document||Signature depends on the contents of the document|
Was this article helpful? Must share your views in comment section below. Visit our video tutorial on Digital Signature for more information. You can also visit our Tech-Blogs for more informative blog posts.