Digital Signature proves the identity/origin of sender. We can achieve authenticity and integrity by digitally sign a document.
The individual who is creating the digital signature uses their own private key to encrypt the Hash value of file; the only way to decrypt that data is with the signer's public key. This is how digital signatures are authenticated.
Let's take an example...
'S' is sender and 'R' is receiver. 'S' creates a document and want to digitally sign it prior to send it to 'R'. 'S' generates a Hash value of created document using the Hash functions(MD5, SHA) and then encrypt this hash value with it's own private key, combine this with document and sent it to receiver 'R'.
Now 'R' receives the document and decrypt the hash value with the help of public key of 'S'. If 'R' is able to decrypt it with the help of public key of 'S' it means document is digitally signed by 'S' only.
Classes of digital signatures:
There are three different classes of Digital Signature Certificates:
Class 1: Cannot be used for legal business documents as they are validated based only on an email ID and username. Class 1 signatures provide a basic level of security and are used in environments with a low risk of data compromise.
Class 2: Often used for e-filing of tax documents, including income tax returns and Goods and Services Tax (GST) returns. Class 2 digital signatures authenticate a signer's identity against a pre-verified database. Class 2 digital signatures are used in environments where the risks and consequences of data compromise are moderate.
Class 3: The highest level of digital signatures. Class 3 signatures require a person or organization to present in front of a certifying authority to prove their identity before signing.
Class 3 digital signatures are used for e-auctions, e-tendering, e-ticketing, court filings and in other environments where threats to data or the consequences of a security failure are high.
0 Comments