CRYPTOGRAPHY-DIGITAL SIGNATURE AND PKI
MEANING OF DIGITAL SIGNATURE
The cryptography a digital signature for digital signature scheme is a type of asymmetric cryptography used to simulate the security signature schemes normally give to algorithm one of the signing involving the users secret key and one for verifying signature involving the public key the output of the signature process is also called a digital signature like written signature are used to provide authentication of the associated input usually called a message maybe anything form of electronic mail to a contract or simple message sent in a more complicated cryptographic protocol public key infrastructure PKI digital signature is one type of electronic signature and electronic data that carry in intent signature but not all electronic signature is a digital signature. United states and in the European Union electronic signature have a legal signification. The electronic signature does not always make clear their applicability towards Cryptography digital signature.
DIGITAL SIGNATURE CERTIFICATE DSC the E-form is required to be authenticated find the authorized signatories using a digital signature as defined under the information technology act 2000 electronic signature duly issued by the certifying authority that shows the authority of the person signing the same. it is an electronic equivalent of the written signature submission with the MCA is required to obtain a digital signature certificate for MCA 21 following four types of users are identified as a user of digital signature and required to obtain digital signature certificate 1) Government employees 2) professional CA CS CWA and lawyers 3) authorized signatories of the companies /MD,directors, managers or security .4) representative of bank and financial institution .a person requiring a digital signature certificate can be approached any of the certifying authorities.requirement for the digital signature certificate physical documents are signed manually and electronic document for example if forms are required to sign digitally using a digital signature certificate issuing authority license certifying authority CA issue the digital signature section 24 of the Indian IT Act 2000 time required to issue a digital signature certificate time taken by CA to issue a digital signature certificate may be vary from 3 to 7 days validity period of digital signature certificate 1 or 2 years legal status of digital signature are legally admissible in court of law as provided under the provision of IT Act 2000 digital signature as per information technology act 2000. Digital signature recognized as a valid method of authentication. Asymmetric cryptosystem and Hash Function verification of electronic record is done by the use of public-key the private key and the public key are unique to the subscribe and Institute off Function key pair.
electronic governance legal recognition of electronic records the two main legal impediments of e commerce and legal governance were the requirement of recording and information of tangible medium of handwritten signature legal recognition of digital signature digital signature have been a legal reorganization by the IT Act 2000. These are now as good as orthodox signature on paper affixing and electronic signature to Electronic document is known now identical in law to placing a manuscript signature on paper writing authenticated by Means a digital signature affixed in such manner as may be prescribed by central government. Use of Electronic Record and Digital Signature in Government and Its Agencies Central Government Aim to Undertake an Ambitious Program of E-Government
ELECTRONIC FORMS FOR E-FORMS
MEANING OF E-FORM- an e-forms is only for Re-engineered conventional form notified and represent a document in electronic format for filing with the various authorities through the Internet. this may be either a form filed for the compliance or information purpose are an application seeking approval from the government, for example, filing return over the income tax via internet required e-forms generally e-forms are of PDF files which are operated by Adobe reader software.
IMPORTANT POINTS REGARDING E-FORM an e -form is contain a number of compulsory fields, marked with the red colour stars which are required to fill in instruction kit are available for each e-form and e-form may be filed in either online or offline mode.
BENEFIT OF DIGITAL SIGNATURE
AUTHENTICATION - digital signature can be used to authenticate the source of message INTEGRITY - in many scenarios the sender and the receiver of a message may have a need to confidence that the message has not been altered during the transmission.
SPEED - business no longer have to wait for a paper document to will send by courier contract are easily written completed and signed by all concerned party in a title amount of time no matter how far parties are geographical
COST - using a postal courier service for a paper document is much more expensive compared to using a digital signature on the electronic document
TRACKING - a digitally signed document can easily be tracked
NO REPUDIATION - singing and electronic document digitally identify us the signatory and that cannot be related in it
IMPOSTER PREVENTION - no one else can for your Digital Signature or submit an electronic document falsely claiming it was signed by you
TIMESTAMP - by time stamping your digital signature you will clear known as when the document was signed
DRAWBACK OF DIGITAL SIGNATURE - despite their usefulness digital signature do not alone solve all problem we might wish them to
EXPIRY - all Technology product are a short shelf life
CERTIFICATE - new Digital Certificate
SOFTWARE- do verification software at a cost
LAW - law regarding cyber law and Technology based issue are weak or even non existence
COMPATIBILITY - most business today are embarrassing the idea of paperless office advantage of using them
AUTHENTICATION OF ELECTRONIC RECORDS always concerned about the security confidential and integrity of the electronic record its authenticity of the addresses .any person interested in an executed commercial relationship over the internet will always be particular about, example who sent this message? when was it sent ,to whom was it sent through it received when was it received and did arrive in the same form in which is which it didn't have it reminded confidential
Data security is the protection of data against the accidental or International destruction disclosure a modification computer security refers to technological safeguard and managerial procedure which can be applied to computer hardware programs and data to assure the organized Ascent and individual privacy of protecting
CRYPTOGRAPHY practice and study encryption and decryption encoding data so that it can only be decoded by specified individual a system for encrypting and decrypting data is a Cryptosystem these usually involve algorithm for combining the original DATA PLAINTEXT with one or more keys number of Strings of characters known only to the sender and or recipient the resulting output is known as cheaper text.
ENCRYPTION AND DECRYPTION is the scrambling of digital message in such a way that only the sender and receiver can read this message it is a fundamental mechanism for the many forms of security and is a very effective way of securing the content of electronic data even Julius Caesar use Cryptography and he used to shift by three methods replacing every alphabet by the third letter ahead of it secret key cryptography involve the use of one key and public key Cryptography involve the use of two keys in the case of Hash Function Nokia used encryption uses a court or a cheaper.
SECRET KEY CRYPTOGRAPHY encryption can be private key or public-private key Cryptography and tell the coding and decoding of data with the same key for both the encryption and decryption data the key must be known by the sender and receiver location using private key encryption does provide good security because the receiver must have the key if it is to decrypt a message.
THE OBJECTIVE OF CRYPTOGRAPHY
Cryptographic Concerns Itself with Four Objectives
· CONFIDENTIALITY
· INTEGRITY
· NON-REPUDIATION
· AUTHENTICATION
CONCEPT OF PUBLIC KEY INFRASTRUCTURE
PUBLIC KEY INFRASTRUCTURE PKI is a set of hardware-software people policies and procedure need to create manage distribute use store and revoke Digital Certificate. Digital Certificate the user identity must be unique each CA domain. Under human supervision the PKI role that assures this binding is called the registration authority.
METHOD OF CERTIFICATION
Broadly Speaking There Are the Three Approaches to Getting This Trusted
1. certificate authority CA
2. Temporary certificate authority and single sign-on.
3. web of trust WOT and
4. simple public key infrastructure SPKI
THE APPLICATION USES OF PKI
Encryption and surrender authentication of email messages
Encryption and authentication of documents
Authentication of users to applications
Secure communication protocols
Mobile signature are an electronic signature that is created using a mobile device.
