Digital Signature is an
asymmetric key crypto-system (pair of public and private key) used for
generating “encrypted message hash” which is used as signature for a document,
picture, file, etc. Digital Signature provides authentication (ensures the
authenticity of the originator of message), non-repudiation (persons signing the
document can’t deny at any stage) and integrity (message has not been
altered/changed after creation).
Digital Signatures have been
provided legal recognition in India through Information Technology Act 2000 (http://deity.gov.in/content/information-technology-act).
One of the objectives of the IT Act is to promote the use of Digital Signatures
in e-Commerce and e-Governance. Section 3 of IT Act 2000 provides that Digital Signatures
can be used for authenticating the electronic record and Section 5 provides
legal sanctity to Digital Signature. It implies that the
digital signatures are now accepted at par with handwritten signatures and the
electronic documents that have been digitally signed are treated at par with
paper documents.
Person requires Digital Signature
Certificate (DSC) for digitally signing the document.
Classes of DSCs: Class 1, Class 2
and Class 3
Types of DSCs: Individual DSC,
Server DSC and Encryption Certificates.
DSC can be obtained from
Certifying Authority (CA) or Sub-CA. DSC can be obtained in various forms/ modes
such as Soft Certificates (stored in computer), Smart Card or USB crypto token.
CA is authorized by Controller of Certifying Authority (CCA) . CCA is an Apex Body created
by the IT Act. CCA issues license and regulate the working of CAs. CCA
maintains the following repositories:
- National Repository of Digital
Certificates (NRDC)
- Certificate Suspension and
Revocation List (CRL)
Following CAs are licensed by CCA
to issue DSC to end-user:
Name of CA
|
Website
|
(n) Code Solutions
|
|
eMudhra
|
|
Institute of Development and Research in Banking
Technology (IDRBT)
|
|
MTNL CA services
|
|
National Informatics Center (NIC)
|
|
Safescrypt
|
|
TCS CA services
|