The authenticity of many legal, financial, and other documents is determined by the presence or absence of an authorized handwritten signature. The recipient of the signed document can verify the claimed identity of the sender using the signature. Also, if the sender later repudiates the contents of the document, then recipient can use the signature to prove the validity of the document.
With the computerized message systems replacing the physical transport of paper and ink documents, an effective solution for authentication of the electronic data is necessary. Various methods have been devised to solve this problem, but the use of ‘digital signature’ is definitely the best solution amongst them.
A digital signature is nothing but an attachment to any piece of electronic information, which represents the content of the document and the identity of the originator of that document uniquely. The digital signature is intended for use in electronic mail, electronic funds transfer, electronic data interchange, software distribution, data storage, and other applications which require data integrity assurance and data origin authentication.
When a message is received, the recipient may desire to verify that the message has not been altered in transit. Furthermore, the recipient may wish to be certain of the originator's identity. Both of these services can be provided by the digital signature. A digital signature is an electronic analogue of a written signature in that the digital signat ure can be used in proving to the recipient or a third party that the message was, in fact, signed by the originator. Digital signatures may also be generated for stored data and programs so that the integrity of the data and programs may be verified at any later time.
Although there are various approaches to implement the digital signature, this report discusses the ‘Digital Signature Standard’. It specifies the Digital Signature Algorithm (DSA) which is appropriate for applications requiring a digital rather than written signature. The DSA is considered as the standard procedure to generate and verify digital signatures. A DSA digital signature is a pair of large numbers represented in a computer as strings of binary digits.
The first section of this report deals with the basic requirements for using the digital signature. The next sections contain detailed explanation of the process of generation and verification of the digital signature. In addition to this the applications of the digital Signatur e are also discussed. The report also focuses on some legal aspects of digital signature, with reference to the Information Technology Act. The use of digital signature has been illustrated with an example in a practical scenario.
This report is an attempt to make the readers familiar with the concepts related to the digital signature and give them an idea of usefulness of a digital signature in the world of electronic information exchange.
What is Digital Signature
Basically, the idea behind digital signatures is the same as your handwritten signature. You use it to authenticate the fact that you promised something that you can't take back later. A digital signature doesn't involve signing something with a pen and paper then sending it over the Internet. But like a paper signature, it attaches the identity of the signer to a transaction. Having a digital certificate is like using your driver's license to verify your identity. You may have obtained your license from Maryland, for example, but your Maryland license lets you drive in Nevada and Florida. Similarly, your digital certificate proves your online identity to anybody who accepts it.
A digital signature can also be used to verify that information has not been altered after it was signed. A digital signature is an electronic signature to be used in all imaginable type of electronic transfer. Digital signature significantly differs from other electronic signatures in term of process and results. These differences make digital signature more serviceable for legal purposes.