Digital Signature

Post Updated on: August 15, 2009, Originally Posted on August 14, 2009 by Anup Mukherjee| 4 Comments

Download this article as PDF

In India, the Digital Signature is governed by the Information Technology Act 2000.

Digital Signature: It means authentication of any electronic record by a subscriber by means of an electronic method or procedure in accordance with sec 3.

As per Sec 3, authentication of electronic records is to be done by use of digital signature. Digital signature is effected by use of asymmetric crypto system and hash function. This envelops and transforms the initial electronic record into another electronic record.

Hash function” means an algorithm mapping or translation of one sequence of bits into another, generally smaller, set known as “hash result“. This leads to the electronic record yielding the same hash result every time the algorithm is executed with the same electronic record as its input making it computationally infeasible—

(a) to derive or reconstruct the original electronic record from the hash result produced by the algorithm;

(b) that two electronic records can produce the same hash result using the algorithm.

The private key and the public key are unique to the subscriber and constitute a functioning key pair. And any person by the use of a public key of the subscriber can verify the electronic record.

How it is used: The Digital Signature is attached / electronically affixed to the e-file which is to be authenticated. For example in cases of filing of records with MCA relating to Company Matters, the digital signature of the Directors is affixed on to the .pdf file. This locks the file from any further editing.

1) The private key of the signatory gets attached to the message digest. This can be verified by anyone using the public key – so as to identify the signatory of the record.

2) One can verify whether the electronic record is retained intact or has been tampered with

3) The freezing of the file from any further editing is done to ensure the integrity of the content contained in the electronic record.

4) Any tampering of the content will invalidate the digital signature.

Sec 4 gives legal recognition to electronic records. Whereby any requirement as to any records in typewritten or printed form, then, such requirement shall be deemed to have been satisfied if such information or matter is:

(a) rendered or made available in an electronic form; and

(b) accessible so as to be usable for a subsequent reference

Sec 5 of the Act gives legal recognition to use of Digital Signature. As per the section, where any law provides that any matter shall be authenticated by affixing the signature, such requirement shall be deemed to have been satisfied, if such information or matter is authenticated by means of digital signature affixed in such manner as may be prescribed by the Central Government

Sec 10 provides the Central Govt the powers to make rules w.r.t digital signature. It may prescribe -

(a) the type of digital signature;

(b) the manner and format in which the digital signature shall be affixed;

(c) the manner or procedure which facilitates identification of the person
affixing the digital signature;

(d) control processes and procedures to ensure adequate integrity, security and confidentiality of electronic records or payments; and

(e) any other matter which is necessary to give legal effect to digital signatures.

Related Posts

  1. Electronic Governance
  2. Indian Rupee (INR) Gets Symbol
  3. Using Paypal in India and Verification Process
  4. ICAI Exams: Online Application
  5. EPFO: Know your EPF (Provident Fund) Balance
This entry was posted in InfoTech and tagged . Bookmark the permalink.

4 Responses to Digital Signature

  1. s kumar | September 22, 2009 at 10:40 am | Reply

    Nice information about the use of digital signature and next generation would be a paperless world where in digital signature will support the same.

    S. kumar

    • Namrata | January 22, 2010 at 3:40 pm | Reply

      Information is indeed clear & systematic but still I have some query. Could you please elucidate more on what exactly is the process of affixing digital signature. Other than just generating hash of the message and attaching private key; whats the criteria for attaching the signature to message? Should it be appended in the same document of message or can it be attached separately?

      • Anup Mukherjee | January 23, 2010 at 9:57 am | Reply

        Thanks. You asked “whats the criteria for attaching the signature” – its actually appended to documents that require signature of authorised persons.

        For example signature of Director in Company Documents required for filing with ROC. Since these are e-documents, the signature has to be ‘digital’. When one appends the Digital Signature to the documents – the document “freezes” ie. no change can be done to the document. If changes are done, then the e-document either gives error or the digital signature gets removed automatically – therefore signifying that the document is not authentic.

        Similarly, now a days Digital Signatures are also used in filing with Income Tax Returns, and also other places as specified by Govt of India.

  2. Bradford Kasey | December 26, 2010 at 1:39 pm | Reply

    I really enjoyed reading this post. Thank you so much for sharing this information and publishing it.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Simple Rules for Query or Comment