Digital signature means authentication of any electronic record by a subscriber
by means of an electronic method or procedure in accordance with the
provisions of section 3.
Section 3 deals with the conditions subject to which an electronic record may
be authenticated by means of affixing digital signature which is created in two
definite steps.
First, the electronic record is converted into a message digest by using a
mathematical function known as 'Hash function' which digitally freezes the
electronic record thus ensuring the integrity of the content of the intended
communication contained in the electronic record. Any tampering with the
contents of the electronic record will immediately invalidate the digital
signature.
Secondly, the identity of the person affixing the digital signature is
authenticated through the use of a private key which attaches itself to the
message digest and which can be verified by anybody who has the public key
corresponding to such private key. This will enable anybody to verify whether
the electronic record is retained intact or has been tampered with since it was
so fixed with the digital signature. It will also enable a person who has a public
key to identify the originator of the message.
'Hash function' means an algorithm mapping or translation of one sequence of
bits into another, generally smaller, set known as "Hash Result" such that an electronic record yields the same hash result every
time the algorithm is executed with the same electronic record as its input
making it computationally infeasible to derive or reconstruct the original
electronic record from the hash result produced by the algorithm; that two
electronic records can produce the same hash result using the algorithm.
Digital signatures are a means to ensure validity of electronic transactions
however who guarantees about the authenticity that such signatures are
indeed valid or not false. In order that the keys be secure the parties must have
a high degree of confidence in the public and private keys issued.
Digital Signature is not like our handwritten signature. It is a jumble of letters
and digits. It looks something like this.
----- BEGIN SIGNATURE----
Uz5xHz7DxFwvBAh24zPAQCmOYhT47gvuvzO0YbDA5txg5bN1Ni3hgPgnRz8Fw
xGU
oDnj7awl7BwSBeW4MSG7/3NS7oZyD/AWO1Uy2ydYD4UQt/w3d6D2Ilv3L8EO
iHiH +r5K8Gpe5zK5CLV+zBKwGY47n6Bpi9JCYXz5YwXj4JxTT+y8=gy5N
----- END SIGNATURE ------