Digital signature

A digital signature or digital signature scheme is a mathematical scheme for demonstrating the authenticity of a digital message or document. A valid digital signature gives a recipient reason to believe that the message was created by a known sender, and that it was not altered in transit. Digital signatures are commonly used for software distribution, financial transactions, and in other cases where it is important to detect forgery or tampering. Digital signatures are often used to implement electronic signatures, a broader term that refers to any electronic data that carries the intent of a signature,[but not all electronic signatures use digital signatures. In some countries, including the United States, India, and members of the European Union, electronic signatures have legal significance. However, laws concerning electronic signatures do not always make clear whether they are digital cryptographic signatures in the sense used here, leaving the legal definition, and so their importance, somewhat confused. Digital signatures employ a type of asymmetric cryptography. For messages sent through a no secure channel, a properly implemented digital signature gives the receiver reason to believe the message was sent by the claimed sender. Digital signatures are equivalent to traditional handwritten signatures in many respects; properly implemented digital signatures are more difficult to forge than the handwritten type. Digital signature schemes in the sense used here are cryptographically based, and must be implemented properly to be effective. Digital signatures can also provide non-repudiation, meaning that the signer cannot successfully claim they did not sign a message, while also claiming their private key remains secret; further, some non-repudiation schemes offer a time stamp for the digital signature, so that even if the private key is exposed, the signature is valid nonetheless. Digitally signed messages may be anything representable as a bitstring: examples include electronic mail, contracts, or a message sent via some other cryptographic protocol.

Contents

1 Definition 2 History 3 Notions of security 4 Uses of digital signatures o 4.1 Authentication o 4.2 Integrity o 4.3 Non-repudiation 5 Additional security precautions o 5.1 Putting the private key on a smart card o 5.2 Using smart card readers with a separate keyboard o 5.3 Other smart card designs o 5.4 Using digital signatures only with trusted applications o 5.5 WYSIWYS o 5.6 Digital signatures vs. ink on paper signatures 6 Some digital signature algorithms 7 The current state of use legal and practical 8 Industry standards o 8.1 Using separate key pairs for signing and encryption 9 See also 10 Notes 11 Books 12 External links

Definition

Diagram showing how a simple digital signature is applied and then verified Main article: Public-key cryptography

A digital signature scheme typically consists of three algorithms:

A key generation algorithm that selects a private key uniformly at random from a set of possible private keys. The algorithm outputs the private key and a corresponding public key. A signing algorithm that, given a message and a private key, produces a signature. A signature verifying algorithm that, given a message, public key and a signature, either accepts or rejects the message's claim to authenticity.

Two main properties are required. First, a signature generated from a fixed message and fixed private key should verify the authenticity of that message by using the corresponding public key. Secondly, it should be computationally infeasible to generate a valid signature for a party who does not possess the private key.

History
In 1976, Whitfield Daffier and Martin Hellman first described the notion of a digital signature scheme, although they only conjectured that such schemes existed. Soon afterwards, Ronald Rivets, Aid Shamir, and Len Adelman invented the RSA algorithm, which could be used to produce primitive digital signatures (although only as a proof-of-concept"plain" RSA signatures are not secure). The first widely marketed software package to offer digital signature as Lotus Notes 1.0, released in 1989, which used the RSA algorithm. To create RSA signature keys, generate an RSA key pair containing a modulus N that is the product of two large primes, along with integers e and d such that e d 1 (mod (N)), where is the Euler phi-function. The signer's public key consists of N and e, and the signer's secret key contains d. To sign a message m, the signer computes md (mod N). To verify, the receiver checks that e m (mod N). As noted earlier, this basic scheme is not very secure. To prevent attacks, one can first apply a cryptographic hash function to the message m and then apply the RSA algorithm described above to the result. This approach can be proven secure in the so-called random oracle model. Other digital signature schemes were soon developed after RSA, the earliest being Lamport signatures, Merle signatures (also known as "Merkle trees" or simply "Hash trees"), and Rabin signatures.

In 1988, Shafi Goldwasser, Silvio Micali, and Ronald Rivest became the first to rigorously define the security requirements of digital signature schemes. They described a hierarchy of attack models for signature schemes, and also present the GMR signature scheme, the first that can be proven to prevent even an existential forgery against a chosen message attack. Most early signature schemes were of a similar type: they involve the use of a trapdoor permutation, such as the RSA function, or in the case of the Rabin signature scheme, computing square modulo composite n. A trapdoor permutation family is a family of permutations, specified by a parameter, that is easy to compute in the forward direction, but is difficult to compute in the reverse direction without already knowing the private key. However, for every parameter there is a "trapdoor" (private key) which when known, easily decrypts the message. Trapdoor permutations can be viewed as public-key encryption systems, where the parameter is the public key and the trapdoor is the secret key, and where encrypting corresponds to computing the forward direction of the permutation, while decrypting corresponds to the reverse direction. Trapdoor permutations can also be viewed as digital signature schemes, where computing the reverse direction with the secret key is thought of as signing, and computing the forward direction is done to verify signatures. Because of this correspondence, digital signatures are often described as based on public-key cryptosystems, where signing is equivalent to decryption and verification is equivalent to encryption, but this is not the only way digital signatures are computed. Used directly, this type of signature scheme is vulnerable to a key-only existential forgery attack. To create a forgery, the attacker picks a random signature and uses the verification procedure to determine the message m corresponding to that signature. In practice, however, this type of signature is not used directly, but rather, the message to be signed is first hashed to produce a short digest that is then signed. This forgery attack, then, only produces the hash function output that corresponds to , but not a message that leads to that value, which does not lead to an attack. In the random oracle model, this hash-and-decrypt form of signature is existentially unforgeable, even against a chosen-message attack. There are several reasons to sign such a hash (or message digest) instead of the whole document.

For efficiency: The signature will be much shorter and thus save time since hashing is generally much faster than signing in practice. For compatibility: Messages are typically bit strings, but some signature schemes operate on other domains (such as, in the case of RSA, numbers modulo a composite number N). A hash function can be used to convert an arbitrary input into the proper format.

For integrity: Without the hash function, the text "to be signed" may have to be split (separated) in blocks small enough for the signature scheme to act on them directly. However, the receiver of the signed blocks is not able to recognize if all the blocks are present and in the appropriate order. Why do we need a digital signature? Organizations throughout the world invest millions of dollars each year in automating their operations and business processes. As a result, electronic documentation permeates every aspect of the business workflow in industries ranging from engineering and healthcare to government and life sciences. Despite this, a hard copy is printed when a signature authorization is required on a document, requiring physical routing for signatures. The reintroduction of paper into the workflow increases organizational costs, requires additional time, and prohibits an organization from realizing the true benefits of a fully electronic workflow. Digital signature solutions produce legally enforceable electronic records, closing the gap in going fully paperless by completely eliminating the need to print documents for signing. Digital signatures enable the replacement of slow and expensive paper-based approval processes with fast, low-cost, and fully digital ones.

Notions of security
In their foundational paper, Goldwasser, Micali, and Rivest lay out a hierarchy of attack models against digital signatures: 1. In a key-only attack, the attacker is only given the public verification key. 2. In a known message attack, the attacker is given valid signatures for a variety of messages known by the attacker but not chosen by the attacker. 3. In an adaptive chosen message attack, the attacker first learns signatures on arbitrary messages of the attacker's choice. They also describe a hierarchy of attack results 1. A total break results in the recovery of the signing key. 2. A universal forgery attack results in the ability to forge signatures for any message. 3. A selective forgery attack results in a signature on a message of the adversary's choice. 4. An existential forgery merely results in some valid message/signature pair not already known to the adversary.

The strongest notion of security, therefore, is security against existential forgery under an adaptive chosen message attack.

Uses of digital signatures

As organizations move away from paper documents with ink signatures or authenticity stamps, digital signatures can provide added assurances of the evidence to provenance, identity, and status of an electronic document as well as acknowledging informed consent and approval by a signatory. The United States Government Printing Office (GPO) publishes electronic versions of the budget, public and private laws, and congressional bills with digital signatures. Universities including Penn State, University of Chicago, and Stanford are publishing electronic student transcripts with digital signatures. Below are some common reasons for applying a digital signature to communications:

Authentication
Although messages may often include information about the entity sending a message, that information may not be accurate. Digital signatures can be used to authenticate the source of messages. When ownership of a digital signature secret key is bound to a specific user, a valid signature shows that the message was sent by that user. The importance of high confidence in sender authenticity is especially obvious in a financial context. For example, suppose a bank's branch office sends instructions to the central office requesting a change in the balance of an account. If the central office is not convinced that such a message is truly sent from an authorized source, acting on such a request could be a grave mistake.

Integrity
In many scenarios, the sender and receiver of a message may have a need for confidence that the message has not been altered during transmission. Although encryption hides the contents of a message, it may be possible to change an encrypted message without understanding it. (Some encryption algorithms, known as nonmalleable ones, prevent this, but others do not.) However, if a message is digitally signed, any change in the message after signature will invalidate the signature. Furthermore, there is no efficient way to modify a message and its signature to produce a new message with a valid signature, because this is still

considered to be computationally infeasible by most cryptographic hash functions (see collision resistance).

Non-repudiation
Non-repudiation, or more specifically non-repudiation of origin, is an important aspect of digital signatures. By this property an entity that has signed some information cannot at a later time deny having signed it. Similarly, access to the public key only does not enable a fraudulent party to fake a valid signature. This is in contrast to symmetric systems, where both sender and receiver share the same secret key, and thus in a dispute a third party cannot determine which entity was the true source of the information.

Additional security precautions

Putting the private key on a smart card
All public key / private key cryptosystems depend entirely on keeping the private key secret. A private key can be stored on a user's computer, and protected by a local password, but this has two disadvantages:

the user can only sign documents on that particular computer the security of the private key depends entirely on the security of the computer

A more secure alternative is to store the private key on a smart card. Many smart cards are designed to be tamper-resistant (although some designs have been broken, notably by Ross Anderson and his students). In a typical digital signature implementation, the hash calculated from the document is sent to the smart card, whose CPU encrypts the hash using the stored private key of the user, and then returns the encrypted hash. Typically, a user must activate his smart card by entering a personal identification number or PIN code (thus providing two-factor authentication). It can be arranged that the private key never leaves the smart card, although this is not always implemented. If the smart card is stolen, the thief will still need the PIN code to generate a digital signature. This reduces the security of the scheme to that of the PIN system, although it still requires an attacker to possess the card. A mitigating factor is that private keys, if generated and stored on smart cards, are usually regarded as difficult to copy, and are assumed to exist in exactly one copy. Thus, the loss of the smart card may be detected by the owner and the corresponding certificate can be immediately revoked. Private keys that are protected by software only may be easier to copy, and such compromises are far more difficult to detect.

Using smart card readers with a separate keyboard

Entering a PIN code to activate the smart card commonly requires a numeric keypad. Some card readers have their own numeric keypad. This is safer than using a card reader integrated into a PC, and then entering the PIN using that computer's keyboard. Readers with a numeric keyp ad are meant to circumvent the eavesdropping threat where the computer might be running a keystroke logger, potentially compromising the PIN code. Specialized card readers are also less vulnerable to tampering with their software or hardware and are often EAL3 certified.

Other smart card designs

Smart card design is an active field, and there are smart card schemes which are intended to avoid these particular problems, though so far with little security proofs.

Using digital signatures only with trusted applications

One of the main differences between a digital signature and a written signature is that the user does not "see" what he signs. The user application presents a hash code to be encrypted by the digital signing algorithm using the private key. An attacker who gains control of the user's PC can possibly replace the user application with a foreign substitute, in effect replacing the user's own communications with those of the attacker. This could allow a malicious application to trick a user into signing any document by displaying the user's original on-screen, but presenting the attacker's own documents to the signing application. To protect against this scenario, an authentication system can be set up between the user's application (word processor, email client, etc.) and the signing application. The general idea is to provide some means for both the user app and signing app to verify each other's integrity. For example, the signing application may require all requests to come from digitally-signed binaries.

WYSIWYS
Technically speaking, a digital signature applies to a string of bits, whereas humans and applications "believe" that they sign the semantic interpretation of those bits. In order to be semantically interpreted the bit string must be transformed into a form that is meaningful for humans and applications, and this is done through a combination of hardware and software based processes on a computer system. The problem is that the semantic interpretation of bits can change as a function of the

processes used to transform the bits into semantic content. It is relatively easy to change the interpretation of a digital document by implementing changes on the computer system where the document is being processed. From a semantic perspective this creates uncertainty about what exactly has been signed. WYSIWYS (What You See Is What You Sign) means that the semantic interpretation of a signed message cannot be changed? In particular this also means that a message cannot contain hidden info that the signer is unaware of, and that can be revealed after the signature has been applied. WYSIWYS is a desirable property of digital signatures that is difficult to guarantee because of the increasing complexity of modern computer systems.

Digital signatures vs. ink on paper signatures

An ink signature can be easily replicated from one document to another by copying the image manually or digitally. Digital signatures cryptographically bind an electronic identity to an electronic document and the digital signature cannot be copied to another document. Paper contracts often have the ink signature block on the last page, and the previous pages may be replaced after a signature is applied. Digital signatures can be applied to an entire document, such that the digital signature on the last page will indicate tampering if any data on any of the pages have been altered.

Some digital signature algorithms

RSA-based signature schemes, such as RSA-PSS DSA and its elliptic curve variant ECDSA ElGamal signature scheme as the predecessor to DSA, and variants Schnorr signature and Pointcheval-Stern signature algorithm Rabin signature algorithm Pairing-based schemes such as BLS Undeniable signatures Aggregate signature - a signature scheme that supports aggregation: Given n signatures on n messages from n users, it is possible to aggregate all these signatures into a single signature whose size is constant in the number of users. This single signature will convince the verifier that the n users did indeed sign the n original messages.

The current state of use legal and practical

The examples and perspective in this section may not represent a worldwide view of the subject. Please improve this article and discuss the issue on the talk page. (November 2009) Digital signature schemes share basic prerequisites that regardless of cryptographic theory or legal provision they need to have meaning: 1. Quality algorithms Some public-key algorithms are known to be insecure, practicable attacks against them having been discovered. 2. Quality implementations An implementation of a good algorithm (or protocol) with mistake(s) will not work. 3. The private key must remain private if it becomes known to any other party, that party can produce perfect digital signatures of anything whatsoever. 4. The public key owner must be verifiable A public key associated with Bob actually came from Bob. This is commonly done using a public key infrastructure and the public key user association is attested by the operator of the PKI (called a certificate authority). For 'open' PKIs in which anyone can request such an attestation (universally embodied in a cryptographically protected identity certificate), the possibility of mistaken attestation is non trivial. Commercial PKI operators have suffered several publicly known problems. Such mistakes could lead to falsely signed, and thus wrongly attributed, documents. 'closed' PKI systems are more expensive, but less easily subverted in this way. 5. Users (and their software) must carry out the signature protocol properly. Only if all of these conditions are met will a digital signature actually be any evidence of who sent the message, and therefore of their assent to its contents. Legal enactment cannot change this reality of the existing engineering possibilities, though some such have not reflected this actuality. Legislatures, being importuned by businesses expecting to profit from operating a PKI, or by the technological avant-garde advocating new solutions to old problems, have enacted statutes and/or regulations in many jurisdictions authorizing, endorsing, encouraging, or permitting digital signatures and providing for (or limiting) their legal effect. The first appears to have been in Utah in the United

States, followed closely by the states Massachusetts and California. Other countries have also passed statutes or issued regulations in this area as well and the UN has had an active model law project for some time. These enactments (or proposed enactments) vary from place to place, have typically embodied expectations at variance (optimistically or pessimistically) with the state of the underlying cryptographic engineering, and have had the net effect of confusing potential users and specifiers, nearly all of whom are not cryptographically knowledgeable. Adoption of technical standards for digital signatures have lagged behind much of the legislation, delaying a more or less unified engineering position on interoperability, algorithm choice, key lengths, and so on what the engineering is attempting to provide.

Industry standards
Some industries have established common interoperabiltity standards for the use of digital signatures between members of the industry and with regulators. These include the Automotive Network Exchange for the automobile industry and the SAFE-BioPharma Association for the healthcare industry.

Using separate key pairs for signing and encryption

In several countries, a digital signature has a status somewhat like that of a traditional pen and paper signature, like in the EU digital signature legislation. Generally, these provisions mean that anything digitally signed legally binds the signer of the document to the terms therein. For that reason, it is often thought best to use separate key pairs for encrypting and signing. Using the encryption key pair, a person can engage in an encrypted conversation (e.g., regarding a real estate transaction), but the encryption does not legally sign every message he sends. Only when both parties come to an agreement do they sign a contract with their signing keys, and only then are they legally bound by the terms of a specific document. After signing, the document can be sent over the encrypted link. If a signing key is lost or compromised, it can be revoked to mitigate any future transactions. If an encryption key is lost, a backup or key escrow should be utilized to continue viewing encrypted content. Signing keys should never be backed up or escrowed. A digital signature is basically a way to ensure that an electronic document (e-mail, spreadsheet, text file, etc.) is authentic. Authentic means that you know who created the document and you know that it has not been altered in any way since that person created it.

Digital signatures rely on certain types of encryption to ensure authentication. Encryption is the process of taking all the data that one computer is sending to another and encoding it into a form that only the other computer will be able to decode. Authentication is the process of verifying that information is coming from a trusted source. These two processes work hand in hand for digital signatures. There are several ways to authenticate a person or information on a computer:

Password - The use of a user name and password provide the most common form of authentication. You enter your name and password when prompted by the computer. It checks the pair against a secure file to confirm. If either the name or password do not match, then you are not allowed further access. Checksum - Probably one of the oldest methods of ensuring that data is correct, checksums also provide a form of authentication since an invalid checksum suggests that the data has been compromised in some fashion. A checksum is determined in one of two ways. Let's say the checksum of a packet is 1 byte long, which means it can have a maximum value of 255. If the sum of the other bytes in the packet is 255 or less, then the checksum contains that exact value. However, if the sum of the other bytes is more than 255, then the checksum is the remainder of the total value after it has been divided by 256. Look at this example:

Byte Byte Byte Byte Byte Byte Byte Byte Total Checksum 1 2 3 4 5 6 7 8 212 232 54 135 244 15 179 80 1151 127

1151 divided by 256 equals 4.496 (round to 4) Multiply 4 X 256 which equals 1024 1151 minus 1024 equals 127

CRC (Cyclic Redundancy Check)

CRCs are similar in concept to checksums but they use polynomial division to determine the value of the CRC, which is usually 16 or 32 bits in length. The good thing about CRC is that it is very accurate. If a single bit is incorrect, the CRC value will not match up. Both checksum and CRC are good for preventing random errors in transmission, but provide little protection from an intentional attack on your data. The encryption techniques below are much more secure. Private key encryption -Private key means that each computer has a secret key (code) that it can use to encrypt a packet of information before it is sent over the network to the other computer. Private key requires that you know which computers will talk to each other and install the key on each one. Private key encryption is essentially the same as a secret code that the two computers must each know in order to decode the information. The code would provide the key to decoding the message. Think of it like this. You create a coded message to send to a friend where each letter is substituted by the letter that is second from it. So "A" becomes "C" and "B" becomes "D". You have already told a trusted friend that the code is "Shift by 2". Your friend gets the message and decodes it. Anyone else who sees the message will only see nonsense. Public key encryption - Public key encryption uses a combination of a private key and a public key. The private key is known only to your computer while the public key is given by your computer to any computer that wants to communicate securely with it. To decode an encrypted message, a computer must use the public key provided by the originating computer and it's own private key. The key is based on a hash value. This is a value that is computed from a base input number using a hashing algorithm. The important thing about a hash value is that it is nearly impossible to derive the original input number without knowing the data used to create the hash value. Here's a simple example: Input number 10667 Hashing algorithm Input # x 143 Hash value 1525381

You can see how hard it would be to determine that the value of 1525381 came from the multiplication of 10667 and 143. But if you knew that the multiplier was 143, then it would be very easy to calculate the value of 10667. Public key encryption is much more complex than this example but that is the basic idea. Public keys generally use complex algorithms and very large hash values for encrypting: 40-bit or even 128-bit numbers. A 128-bit number has a possible 2128 different combinations. That's as many combinations as there are water molecules in 2.7 million olympic size swimming pools. Even the tiniest water droplet you can image has billions and billions of water molecules in it!

Digital certificates - To implement public key encryption on a large scale, such as

a secure Web server might need, requires a different approach. This is where digital certificates come in. A digital certificate is essentially a bit of information that says the Web server is trusted by an independent source known as a Certificate Authority. The Certificate Authority acts as the middleman that both computers trust. It confirms that each computer is in fact who they say they are and then provides the public keys of each computer to the other.

Question related to digital signature:

What is a Digital Signature? Answer: A digital signature authenticates electronic documents in a similar manner a handwritten signature authenticates printed documents. This signature cannot be forged and it asserts that a named person wrote or otherwise agreed to the document to which the signature is attached. The recipient of a digitally signed message can verify that the message originated from the person whose signature is attached to the document and that the message has not been altered either intentionally or accidentally since it was signed. Also, the signer of a document cannot later disown it by claiming that the signature was forged. In other words, digital signatures enable the "authentication" and non-repudiation of digital messages, assuring the recipient of a digital message of both the identity of the sender and the integrity of the message. A digital signature is issued by a Certification Authority (CA) and is signed with the CA's private key. A digital signature typically contains the: Owner's public key, the Owner's name, Expiration date of the public key, the Name of the issuer (the CA that issued the Digital ID), Serial number of the digital signature, and the digital signature of the issuer. Digital signatures deploy the Public Key Infrastructure (PKI) technology.

If you file electronically using digital signature you do not have to submit a physical copy of the return. Even if you do not have a digital signature, you can still e-File the returns. However, you must also physically submit the printed copy of the filled up Form along with the copy of the Provisional Acknowledgement Number of your e-Return

How legal is a Digital signature? Answer: India is one of the select band of nations that has the Digital Signature Legislation in place. This Act grants digital signatures that have been issued by a licensed Certifying Authority in India the same status as a physical signature. Digital signatures deploy the Public Key Infrastructure (PKI) technology. I dont have a Digital Signature. Does this mean I cannot file online? Answer: In case you do not have a Digital Signature, you can still e-File the returns. However, you must also physically submit the printed copy of the filled up Form along with the copy of the Provisional Acknowledgement Number of your e-Return. Where can I get a digital signature? Answer: The Information Technology Act, 2000 provides for use of Digital Signatures on the documents submitted in electronic form in order to ensure the security and authenticity of the documents filed electronically. Certification Agencies are appointed by the office of the Controller of Certification Agencies (CCA) under the provisions of IT Act, 2000. There are a total of seven Certification Agencies authorised by the CCA to issue the Digital Signature Certificates.

Name of Certifying Agency Tata Consultancy Services Ltd. National Informatics Centre Institute for Development & Research in Banking Technology (IDRBT)

Website

Address

http://www.tcs-ca.tcs.co.in/

Tata Consultancy Services Ltd. 11th Floor,Air India Building,Nariman Point, Mumbai 400 021 A Block CGO Complex, Lodhi Road,New Delhi 110 003

http://www.nic.in/

idrbtca.org.in

IDRBT, Castle Hills, Road No.1, Masab Tank, Hyderabad, Andhra Pradesh 500 057 (India)

MTNL

http://www.mtnltrustline.com/

3rd Floor, Mahanagar Doorsanchar Sadan, 9, CGO Complex, Lodi Road, New Delhi 110003 5th Floor, Hotel Samrat,Kautilya Marg, Chanakya Puri, New Delhi 110021

Customs & Central Excise (n)Code Solutions Ltd., (A division of Gujarat Narmada Valley Fertilisers Company Ltd.)

icert.gov.in

http://www.ncodesolutions.com/

(n)Code Solutions, (A division of GNFC Ltd.) 301, GNFC Infotower, S G Highway, Ahmedabad 380054. marketing@ncodesolutions.com +91 79 40007300

Safescrypt

http://www.safescrypt.com/

Safescrypt Ltd. II Floor, Tidel Park 4 Canal Bank Road Taramani, Chennai Tamilnadu 600113 M/S 3i Infotech Consumer Services Ltd., 3rd Floor, Sai Arcade, Outer Ring Road,Devarabeesanahalli, Bangalore - 560036, Karnataka.

e-Mudhra CA

http://www.e-mudhra.com/

Do I need a fresh digital signature in case I already have one? Answer: A person/company who already has the specified Digital Signature for any other application can use the same for filings for the Income tax return and is not required to obtain a fresh Digital Signature. How much does a digital signature cost? Answer: The Digital Signature certificates are typically issued with one year validity and two year validity. It includes the cost of medium (a UBS token which is a one time cost), the cost of issuance of Digital Signature and the renewal cost after the period of validity. The issuance costs in respect of each Certification Agency vary and are market driven.

UPLOADING WITH DIGITAL SIGNATURE CERTIFICATES:

there is no way of affixing the certificate onto the form Answer: The website allows the assessee to use digital signature as an option. Therefore it is not possible to embed the digital signature feature in the software utility /form. However, the assessee can browse and attach the digital signature at the time of submission of the e-return at his option. The Web site accepts Digital signature certificates in the formats: .pfx/ .p12. Other formats like .cer are not being accepted. Thus Persons who use USB tokens for securing their signature certificates are unable to use them for EFiling. Answer: Digital Signature Certificates in USB tokens are also accepted. It is not clear what class of Digital signature certificates should be used: Class 1/2/3 Answer: Digital Signature certificate should be of Class 2 or 3 only. It should also be ensured that the Digital certificate should be obtained only from among Certifying Authorities in India. It is also not clear as to whose Digital signature certificate should be used: Director (as in the case of MCA) / Company (as in the case of DGFT). Answer: In case the electronic return is being signed digitally using a digital certificate, then the digital certificate should be that of the Authorized Signatory in accordance with the provisions of Section 140 of the IT Act. Therefore, for company returns, the digital certificate should be that of the Managing Director or the Director of the company.

Digital Signatures
In this article I will clarify what a digital signature is and will demonstrate ways of using this technology to validate the identity of a user. The internet is filled with fraudulent villains that can take you or your organization to the cleaners, without you even knowing about it till its too late. Published: May 29, 2003 Updated: Jul 22, 2004 Section: Articles :: Authentication, Access Control & Encryption Author: Ricky M. Magalhaes Printable Version

In this article I will clarify what a digital signature is and will demonstrate ways of using this technology to validate the identity of a user. The internet is filled with fraudulent villains that can take you or your organization to the cleaners, without you even knowing about it till its too late. Vendors like Verisign and through sell signatures that help you in the validations process giving the transacting party piece of mind. Knowing that the identity of the 3rd party is verified makes it easier to prosecute if there were to be an issue in the remaining part of the transaction and honoring of the guarantees. Spam is an area that can be rectified by making digital signatures mandatory and using a net police to prosecute where the illegitimate mail originated from. Although in some countries it is law to have digital signature to conduct contractual business it is increasingly becoming the way secure business is conducted.

What are Digital IDs?

Digital ID signature or certificate is an installed file resident on a computer validates who you are. Digital signatures are used by programs on the internet and local to the machines to confirm your identity to any third party concerned. Digital signatures have been confused with electronic signatures. Electronic signatures are scanned copies of a physical written signature.

When do you need to verify identity?

New ways of verification are being developed daily. Biometrics and other methods keep getting formulated and incorporated into the information technology industry. One interesting biometric authentication mechanism developed by a leading Japanese biometric company has found a way to get your DNA into a pen. You sign a document and it is digitally scanned. This document then can be scanned in the future to verify its authenticity. Identity should be verified when ever there is doubt of the 3rd party being whom they say they are or when there is personal information at risk. Personal information like credit card details and banking information should be kept safe using digital certification as one of the security layers. Some banking institutions require that a user verifies his/her identity by validating identification credentials using a digital certificate. Important e-mail can also use Digital signatures that verify that the e-mail is from the originating sender and that it has not been tampered with. On many occasions users are unsure if they are dealing with reputable suppliers of institutions. Digital certification gives the user a sense of legitimacy and formalizes the process. It ensure that the company that the user is dealing with has a registration with a trusted authority and that the transaction is guaranteed to be done with the intended parties.

Reasons for using digital security.

It insures by means of verification and validation that the user is whom he/she claims to be. This is done by combine the users credential to the digital certificate and in turn this method uses one point of authentication. Digital certificates insure data Integrity giving the user piece of mind that the message or transaction has not been accidentally or maliciously altered. This is done cryptographically. Digital certificates ensure confidentiality and ensure that messages can only be read by authorized intended recipients. Digital certificates also verify date and time so that senders or recipients can not dispute if the message was actually sent or received.

The components that a digital signature comprise of.

1. Your public key: This is the part that any one can get a copy of and is part of the verification system. 2. Your name and e-mail address: This is necessary for contact information purposes and to enable the viewer to identify the details. 3. Expiration date of the public key: This part of the signature is used to set a shelf life and to ensure that in the event of prolonged abuse of a signature eventually the signature is reset. 4. Name of the company: This section identifies the company that the signature belongs too. 5. Serial number of the Digital ID: This part is a unique number that is bundled to the signature for tracking ad extra identification reasons. 6. Digital signature of the CA (certification Authority): This is a signature that is issued by the authority that issues the certificates.

Figure A

User A is depicted above and has two keys a public key, this key is available to the public for download, and a private key, this key is not available to the public. All keys are used to lock the information in an encrypted mode. The same keys are required to decrypt the data. Another user can encrypt the data using users As Public Key. User A will use the Private Key to decrypt the message. Without user As Private Key the data can not be decrypted. Figure B below depicts the encryption method and decryption method and witch keys are used.

Figure B Digital signature can be used to make document e-mails and other data private. Big brother is out there and choosing a high encryption mechanism ensures that any one attempting to decrypt the data would find it unviable to attempt decryption. User As machine digests the data into a simple string of code after user As software has encrypted the message digest with his private key. The result is the digital signature. User As software then appends the digital signature to document. All of the data that was hashed has been signed. User A then passes the digitally signed document to user B. First user Bs software decrypts the signature, using User As public key then changing it back into a message digest. After the decryption if it has decrypted the data to digest level then verifies that user A in fact did sign the data. To stop fraud certificate authorities have been introduced. Certificate authorities can sign User As public key, ensuring that no one else uses Bobs information or impersonated his key. If a user is uncertain of the digital signature it is possible to verify the digital signature with the certificate authority. Signatures can also be revoked if they are abused or if it is suspected that they are abused. When a digital signature is compromised the user that suspects that the certificate is compromised should report the incident to the certificate authority.

The process of checking the validity of digital signature.

User A sends a signed document to User B. To verify the signature on the document, user Bs application first uses the certificate authority's public key to check the signature on user As certificate. Successful de-encryption of the certificate proves that the certificate authority created it. After the certificate is de-encrypted, user Bs software can check if user A is in good standing with the certificate authority and that all of the certificate information concerning user As identity has not been altered. User Bs software then takes user As public key from the certificate and uses it to check user As signature. If user As public key de-encrypts the signature successfully, then user B is assured that the signature was created using user As private key, for the certificate authority has certified the matching public key. If the signature is found to be valid, then we know that an intruder didn't try to change the signed content.

The importance of private key revocation

At times there may be grounds for believing that a private key may have been compromised. This will then result in the key pair being revoked. When a digital signature is revoked the user that is requesting the revoke needs to be verified. If a key is wrongfully revoked legal action can follow. Digital signatures deliver assurances in the role that the other party will keep their part of the bargain. Knowing the identity of the other party is one way of gaining that assurance. Keys used for digital signatures are very long series of bits, which can be represented as long series of alphanumeric characters. This makes digital signatures unfeasible for an individual to remember. They must consequently be stored in a method which is suitable, portable and protected. The most likely current technology to support such storage is a chip. Smart cards, bios chips, eprom ships found in cable modems and other types of descrambles are all examples or primitive forms of digital signatures that act as away of identifying user. No form of identification to this date is used more than digital signature to verify the existence of a user and confirmation of credential over the internet. Digital signatures in some form or other are her to stay.

What is public key encryption?

Public key encryption (PKE) uses a system of two keys:

a private key, which only you use (and of course protect with a well-chosen, carefully protected passphrase); and a public key, which other people use. Public keys are often stored on public key servers.

A document that is encrypted with one of these keys can be decrypted only with the other key in the pair. For example, let's say that Alice wants to send a message to Bob using PGP (a popular public key encryption system). She encrypts the message with Bob's public key and sends it using her favorite email program. Once the message is encrypted with Bob's public key, only Bob can decrypt the message using his private key. Even major governments using supercomputers would have to work for a very long time to decrypt this message without the private key.