by A digital signature is a mathematical scheme for verifying the authenticity of digital messages or documents. A valid digital signature, where the prerequisites are satisfied, gives a recipient very strong reason to believe that the message was created by a known sender (authentication), and that the message was not altered in transit (integrity).
Digital signatures are a standard element of most cryptographic protocol suites, and are commonly used for software distribution, financial transactions, contract management software, and in other cases where it is important to detect forgery or tampering.
Digital signatures are often used to implement electronic signatures, which includes any electronic data that carries the intent of a signature, but not all electronic signatures use digital signatures. In some countries, including Canada, South Africa, the United States, Algeria, Turkey, India, Brazil, Indonesia, Mexico, Saudi Arabia, Uruguay, Switzerland, Chile and the countries of the European Union, electronic signatures have legal significance.
A Digital Signature Certificate is a secure digital key that is issued by the certifying authorities for the purpose of validating and certifying the identity of the person holding this certificate. Digital Signatures make use of the public key encryptions to create the signatures.
A digital signature certificate (DSC) contains information about the user’s name, pin code, country, email address, date of issuance of certificate and name of the certifying authority.
Application of Digital Signature
The important reason to implement digital signature to communication is:
- Authentication
- Non-repudiation
- Integrity
Authentication
Authentication is a process which verifies the identity of a user who wants to access the system. In the digital signature, authentication helps to authenticate the sources of messages.
Non-repudiation
Non-repudiation means assurance of something that cannot be denied. It ensures that someone to a contract or communication cannot later deny the authenticity of their signature on a document or in a file or the sending of a message that they originated.
Integrity
Integrity ensures that the message is real, accurate and safeguards from unauthorized user modification during the transmission.
Algorithms in Digital Signature
A digital signature consists of three algorithms:
Key generation algorithm
The key generation algorithm selects private key randomly from a set of possible private keys. This algorithm provides the private key and its corresponding public key.
Signing algorithm
A signing algorithm produces a signature for the document.
Signature verifying algorithm
A signature verifying algorithm either accepts or rejects the document’s authenticity.
Benefits of a Digital Signature Certificate
Data integrity: Documents that are signed digitally cannot be altered or edited after signing, which makes the data safe and secure. The government agencies often ask for these certificates to cross-check and verify the business transaction. In many scenarios, the sender and receiver of a message may have a need for confidence that the message has not been altered during transmission. Although encryption hides the contents of a message, it may be possible to change an encrypted message without understanding it. (Some encryption algorithms, called nonmalleable, prevent this, but others do not.) However, if a message is digitally signed, any change in the message after signature invalidates the signature. Furthermore, there is no efficient way to modify a message and its signature to produce a new message with a valid signature, because this is still considered to be computationally infeasible by most cryptographic hash functions
Reduced cost and time: Instead of signing the hard copy documents physically and scanning them to send them via e-mail, you can digitally sign the PDF files and send them much more quickly. A Digital Signature certificate holder does not have to be physically present to conduct or authorize a business.
Authentication: Helpful in authenticating the personal information details of the individual holder when conducting business online.
Authenticity of documents: Digitally signed documents give confidence to the receiver to be assured of the signer’s authenticity. They can take action on the basis of such documents without getting worried about the documents being forged.
