unit 12 - digital signature


Upload: info4chaitu

Post on 22-Oct-2015


DESCRIPTION

ICAI Presentation on Digital Signature Certificate

TRANSCRIPT

Page 1: Unit 12 - Digital Signature

100hrs Information Technology Training © Board of Studies, ICAI

100 Hours ITT Course Unit 12 Digital Signature

Page 2: Unit 12 - Digital Signature

Learning Objectives

• Signature and the Law
• What is Digital Signature Technology
• How Digital Signature Technology works?
• Public Key Certificates
• What is Digital Certificates?
• Challenges and opportunities

Page 3: Unit 12 - Digital Signature

Introduction to Digital Signature

• In simple terms, a signature is any mark made with the intention of authenticating the marked document.

Page 4: Unit 12 - Digital Signature

Signature and the Law

A signature is a handwritten depiction of someone’s name, nickname or even a simple “x” that a person writes on documents as proof of identity and intent. Signing a document serves the following general purposes:

Evidence – describes the identification of the signature with the signed document.

Ceremony – describes the legal significance of the signer’s act and thereby helps prevent “inconsiderate engagements”.

Page 5: Unit 12 - Digital Signature

Signature and the Law

Approval – describes the signer’s approval or authorization of a writing that has legal effect.

Efficiency and logistics – describes the sense of clarity and finality given to the transaction.

Page 6: Unit 12 - Digital Signature

Signature Attributes

Signer Authentication – A signature identifies the person and authorizes the message.

Document Authentication – A signature identifies what is signed, making it impracticable to falsify without detection.

Signature and Document Authentication together are known as a “non-repudiation service”. A non-repudiation service provides assurance of the origin or delivery of data in order to protect the sender against false denial by the recipient that the data has been received, or to protect the recipient against false denial by the sender that the data has been sent.

Page 7: Unit 12 - Digital Signature

Signature Attributes

Affirmative Act – defines the ceremonial and approval functions of a signature.

Efficiency – describes the authentication process with the least possible expenditure of resources.

Page 8: Unit 12 - Digital Signature

What is Digital Signature Technology?

Definition of Digital Signature

“A Digital Signature or Digital Signature Scheme is a mathematical scheme for demonstrating the authenticity of a digital message or document”. Digital signatures are commonly used for software distribution, financial transactions, and in other cases where it is important to detect forgery and tampering.

Page 9: Unit 12 - Digital Signature

What is Digital Signature Technology?

“Public Key Cryptography” employs an algorithm using two different but mathematically related “keys”: one for creating a digital signature or transforming data into a seemingly unintelligible form, and another for verifying a digital signature or returning the message to its original form.

Cryptography is the study of hiding or securing information. Cryptography refers to encryption, which is the process of converting ordinary information (plaintext) into an unintelligible form, i.e. cipher text. Decryption is the reverse: moving from the unintelligible cipher text back to plaintext.

Page 10: Unit 12 - Digital Signature

What is Digital Signature Technology?

Public key cryptography uses 2 algorithms:

• Asymmetric key algorithm
• Symmetric key algorithm

In an asymmetric key algorithm, the key used to encrypt a message is not the same as the key used to decrypt it; the two are known as the public and private keys.

In a symmetric key algorithm, a single secret key shared by sender and receiver is used for both encryption and decryption.

Page 11: Unit 12 - Digital Signature

What is Digital Signature Technology?

Benefits of Digital Signatures

Authentication – Digital signatures can be used to authenticate the source of messages. When ownership of a digital signature secret key is bound to a specific user, a valid signature shows that the message was sent by that user.

Integrity – The sender and receiver of a message may need confidence that the message has not been altered during transmission. If a message is digitally signed, any change in the message will invalidate the signature.

Page 12: Unit 12 - Digital Signature

What is Digital Signature Technology?

Drawbacks of Digital Signature

• Association of Digital Signature and Trusted Time Stamping
• Non Repudiation
• WYSIWYS

Page 13: Unit 12 - Digital Signature


What is Digital Signature Technology?

Digital Signature Process

Page 14: Unit 12 - Digital Signature

What is Digital Signature Technology?

• Generating message’s digest (hash result)
• Using Public Key to encrypt hash result
• Result of the encryption: digital signature
• Sender sends to receiver
  – message,
  – digital signature and
  – certificate
• Receiver wants to check
  – Integrity: generating hash result, compare it to the sender’s hash result and decrypting the message with the sender’s public key
  – Authenticity: can be checked by means of the certificate

Page 15: Unit 12 - Digital Signature


What is Digital Signature Technology?

Page 16: Unit 12 - Digital Signature

What is Digital Signature Technology?

A hash is any well-defined procedure or mathematical function which converts a large, possibly variable-sized amount of data into a small datum, usually a single integer that may serve as an index to an array. The values returned by the hash function are called hash values.

A cryptographic hash function is a deterministic procedure that takes an arbitrary block of data and returns a fixed-size bit string, the hash value, such that an accidental change to the data will change the hash value. The data to be encoded is often called the message digest or simply digest.

Page 17: Unit 12 - Digital Signature

What is Digital Signature Technology?

Public Key Certificate

A public key certificate is an electronic document which uses a digital signature to bind together a public key with an identity: information such as the name of a person or an organization, their address, and so forth. PKI (Public Key Infrastructure) is the mechanism (the organization, people, and machinery) needed to support public key cryptography.

Page 18: Unit 12 - Digital Signature

What is Digital Signature Technology?

Public Key Certificate

3 approaches to setting the trust are:

• Certificate Authorities (CAs),
• Web of Trust (WoT),
• And simple

A Certificate Authority (CA) is an entity that issues digital certificates for use by other parties. A trusted third party (TTP) is an entity which facilitates interaction between two parties who both trust the third party.

Web of trust is a concept used in compatible systems to establish the authenticity of the binding between a public key and a user.

Page 19: Unit 12 - Digital Signature

What is Digital Signature Technology?

What is Digital Certificate?

Digital certificates are the electronic counterparts to driver licenses, passports and membership cards.

Contents of Digital Certificates

a. Serial no.
b. Subject
c. Signature algorithm
d. Issuer
e. Valid-from
f. Valid-to
g. Key usage
h. Public key
i. Thumbprint algorithm
j. Thumbprint

Page 20: Unit 12 - Digital Signature

What is Digital Signature Technology?

Uses of Digital Certificate

• Email
• E-Commerce
• EFT
• Groupware
• And many more

Type of Digital Certificates

• Server certificates
• Developer certificates
• Personal certificates

Page 21: Unit 12 - Digital Signature

What is Digital Signature Technology?

Server certificates enable web servers to operate in a secure mode. They allow website visitors to safely transfer their personal information like credit cards and bank account information.

Developer certificates authenticate software and assure the user while downloading the software from the Internet.

Personal certificates are used by individuals when they exchange messages with other users or online services. They make it possible to validate a website visitor’s identity and even restrict their access to certain portions of the website.

Page 22: Unit 12 - Digital Signature


What is Digital Signature Technology?

Digital certificates and digital signing of an e-mail message

Message is captured.

Hash value of the message is calculated.

Sender's private key is retrieved from the sender's digital certificate.

Hash value is encrypted with the sender's private key.

Page 23: Unit 12 - Digital Signature

What is Digital Signature Technology?

Encrypted hash value is appended to the message as a digital signature.

Message is sent.

Digital certificates and verifying a digital signature of an e-mail message

Page 24: Unit 12 - Digital Signature

What is Digital Signature Technology?

Message is received.

Digital signature containing encrypted hash value is retrieved from the message.

Message is retrieved.

Hash value of the message is calculated.

Sender's public key is retrieved from the sender's digital certificate.

Encrypted hash value is decrypted with the sender's public key.

Decrypted hash value is compared against the hash value produced on receipt.

If the values match, the message is valid.
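The signing and verification steps listed above, as an added example that is not part of the original presentation: the sender hashes the message and transforms the hash with the private key, and the receiver recovers the hash with the public key and compares it with a freshly computed one. The function names, the sample message and the keys are assumptions made for illustration; the keys are toy values built from publicly known Mersenne primes, and this textbook RSA has no padding, so it shows the mechanism only.

```python
import hashlib

E = 65537  # public exponent shared by both toy key pairs


def make_keypair(p, q):
    """Return (public key (n, e), private key (n, d)) for primes p and q."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent (needs Python 3.8+)
    return (n, E), (n, d)


def message_hash(message: bytes) -> int:
    """SHA-256 hash value of the message as an integer (fixed size for any input)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes, private_key) -> int:
    """Sender: calculate the hash value and transform it with the private key."""
    n, d = private_key
    return pow(message_hash(message), d, n)


def verify(message: bytes, signature: int, public_key) -> bool:
    """Receiver: recover the hash with the public key, compare with a fresh hash."""
    n, e = public_key
    return pow(signature, e, n) == message_hash(message)


# Constructed toy keys: these primes are public knowledge, so the keys give no
# real security. The "other" key pair stands in for someone who is not the sender.
SENDER_PUB, SENDER_PRIV = make_keypair(2**521 - 1, 2**607 - 1)
_, OTHER_PRIV = make_keypair(2**1279 - 1, 2**2203 - 1)

MESSAGE = b"Pay Rs. 10,000 to account 1234"  # constructed sample message
SIGNATURE = sign(MESSAGE, SENDER_PRIV)


def demo():
    altered = MESSAGE.replace(b"10,000", b"90,000")
    return {
        "genuine": verify(MESSAGE, SIGNATURE, SENDER_PUB),
        "altered_message": verify(altered, SIGNATURE, SENDER_PUB),
        "wrong_signer": verify(MESSAGE, sign(MESSAGE, OTHER_PRIV), SENDER_PUB),
    }


if __name__ == "__main__":
    print(demo())
```

The altered message fails the integrity check because its hash no longer matches the one recovered from the signature, and the signature made with the other private key fails because the sender's public key does not recover the right hash.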

Page 25: Unit 12 - Digital Signature

What is Digital Signature Technology?

Challenges and opportunities to digital signature

The cost consists of

• Institutional overhead
• Subscriber and relying party costs

Advantages

• Minimizing the risk of dealing with imposters
• Message integrity
• Formal legal requirement
• High degree of information security

Page 26: Unit 12 - Digital Signature


Thank You