hello guys, welcome here i’m viral parmar back with a Digital Signature as Promise, so while i heard about digital signature I’ve imagined something it’s a something tech which is include some handwritten signature into soft form, but but but i was totally wrong it’s far different from it, confused?? let me explain for you we all have a diffrent identity in the term of Signature we all are used signature to access our data in bank, exam, Cheque and attendence also, so all we know that computer science world is the mirror of our copy so one of the computer say that “hey human you have a signature then why i haven’t” and developer run their mind and invent Digital signature at 1976 for Computer’s.

in explain lets see the how it will work and what servieces it will provide, are you ready let’s dive in!!

What are digital signatures?

Digital signatures are the most advanced and secure type of electronic signature. You can use them to comply with the most demanding legal and regulatory requirements because they provide the highest levels of assurance about each signer’s identity and the authenticity of the documents they sign.

Digital signatures use a certificate-based digital ID issued by an accredited Certificate Authority (CA) or Trust Service Provider (TSP) so when you digitally sign a document, your identity is uniquely linked to you, the signature is bound to the document with encryption, and everything can be verified using underlying technology known as Public Key Infrastructure (PKI).

What does a digital signature look like?

——-BEGIN SIGNATURE——

IQB1AwUBMVSiA5QYCuMfgNYjAQFAKgL/ZkBfbeNEsbthba4BlrcnjaqbcKgNv+a5kr4537y8RCd+RHm75yYh5xxA1ojELwNhhb7cltrp2V7LlOnAelws4S87UX80cLBtBcN6AACf11qymC2h+Rb2j5SU+rmXWruWedrWWf+=QFMx

——END SIGNATURE——

(i’ve add some parity in it so dont try to copy)

There are several ways to authenticate a person or information on a computer:

Password – The use of a user name and password provide the most common form of authentication. You enter your name and password when prompted by the computer. It checks the pair against a secure file to confirm. If either the name or password do not match, then you are not allowed further access.

Checksum – Probably one of the oldest methods of ensuring that data is correct, checksums also provide a form of authentication since an invalid checksum suggests that the data has been compromised in some fashion. A checksum is determined in one of two ways. Let’s say the checksum of a packet is 1 byte long, which means it can have a maximum value of 255. If the sum of the other bytes in the packet is 255 or less, then the checksum contains that exact value. However, if the sum of the other bytes is more than 255, then the checksum is the remainder of the total value after it has been divided by 256. Look at this example:

Byte 1 = 212
Byte 2 = 232
Byte 3 = 54
Byte 4 = 135
Byte 5 = 244
Byte 6 = 15
Byte 7 = 179
Byte 8 = 80
Total = 1151. 1151 divided by 256 equals 4.496 (round to 4). Multiply 4 X 256 which equals 1024. 1151 minus 1024 equals checksum of 127

CRC (Cyclic Redundancy Check) – CRCs are similar in concept to checksums but they use polynomial division to determine the value of the CRC, which is usually 16 or 32 bits in length. The good thing about CRC is that it is very accurate. If a single bit is incorrect, the CRC value will not match up. Both checksum and CRC are good for preventing random errors in transmission, but provide little protection from an intentional attack on your data. The encryption techniques below are much more secure.

Private key encryption -Private key means that each computer has a secret key (code) that it can use to encrypt a packet of information before it is sent over the network to the other computer. Private key requires that you know which computers will talk to each other and install the key on each one. Private key encryption is essentially the same as a secret code that the two computers must each know in order to decode the information. The code would provide the key to decoding the message. Think of it like this. You create a coded message to send to a friend where each letter is substituted by the letter that is second from it. So “A” becomes “C” and “B” becomes “D”. You have already told a trusted friend that the code is “Shift by 2”. Your friend gets the message and decodes it. Anyone else who sees the message will only see nonsense.

Public key encryption – Public key encryption uses a combination of a private key and a public key. The private key is known only to your computer while the public key is given by your computer to any computer that wants to communicate securely with it. To decode an encrypted message, a computer must use the public key provided by the originating computer and it’s own private key.

The key is based on a hash value. This is a value that is computed from a base input number using a hashing algorithm. The important thing about a hash value is that it is nearly impossible to derive the original input number without knowing the data used to create the hash value. Here’s a simple example:

Input number 10667

Hashing Algorithm = Input # x 143

Hash Value = 1525381

You can see how hard it would be to determine that the value of 1525381 came from the multiplication of 10667 and 143. But if you knew that the multiplier was 143, then it would be very easy to calculate the value of 10667. Public key encryption is much more complex than this example but that is the basic idea. Public keys generally use complex algorithms and very large hash values for encrypting: 40-bit or even 128-bit numbers. A 128-bit number has a possible 2¹²⁸ different combinations. That’s as many combinations as there are water molecules in 2.7 million olympic size swimming pools. Even the tiniest water droplet you can image has billions and billions of water molecules in it!

Digital certificates – To implement public key encryption on a large scale, such as a secure Web server might need, requires a different approach. This is where digital certificates come in. A digital certificate is essentially a bit of information that says the Web server is trusted by an independent source known as a Certificate Authority. The Certificate Authority acts as the middleman that both computers trust. It confirms that each computer is in fact who they say they are and then provides the public keys of each computer to the other.

The Digital Signature Standard (DSS) is based on a type of public key encryption method that uses the Digital Signature Algorithm (DSA). DSS is the format for digital signatures that has been endorsed by the US government. The DSA algorithm consists of a private key that only the originator of the document (signer) knows and a public key. The public key has four parts, which you can learn more about at this page.

Electronic payment could become the future of currency. Click here to learn how digital signatures could help secure the future of electronic payment.

Advantages of digital signatures.

Saves Time
You no longer have to wait for your manager to return from a holiday or conference for that signature. Digital signatures ensure that businesses save on cost and time with documents and contracts signed off with a click of a button. There are huge savings in cost and time especially when the person required to sign is in a geographically different area. Documents can be signed off almost instantly, from anywhere. Be it a tablet, phone or computer, digital signatures can seamlessly ensure this otherwise tedious task is wrapped up in minutes.
Cost Savings
Many companies also see significant cost savings, with little or no expense in ink, paper, printing, scanning , shipping/delivery or travel expenses. There are also savings in other indirect costs such as filing, rekeying data, archiving, or tracking.
Workflow Efficiency
With lesser delays, digital signatures ensure better efficiency in workflow. Managing and tracking documents are made easier, with lesser effort and time involved. Many features of the digital signatures help speed up the work process. For instance, email notifications help remind the person to sign, while status tracking, help to know at which stage the document is at.
Better Customer Experience
Digital signatures provide the convenience of signing important documents where ever a customer or the person to sign is located. Sales persons do not have to wait for the customer to come to the bank or office. Documents can be signed off at the door step. This is ideal, especially in remote areas and smaller townships providing improved and personalized services. The customer has the freedom to be anywhere, and engage with a company, making services and businesses far more easy, quick and user – friendly.
Security
When it comes to signatures, authenticity and security is a priority. Digital signatures reduce the risk of duplication or alteration of the document itself. Digital signatures ensure that signatures are verified, authentic and legitimate. Signers are provided with PINs, password and codes that can authenticate and verify their identity and approve their signatures. Time stamping provides the date and time of the signature and thus provide a track of the document, minimising any risk of tampering or fraud. Security features embedded in digital signatures ensure that documents have not been altered without authorization.
Legal Validity
Digital signatures provides authenticity and ensures that the signature is verified. This can stand in any court of law like any other signed paper document. Time stamping and ability to track and easily archive documents improve and simplify audit and compliance.
Future Validity
Digital signatures also hold validity into the future. ETSI PDF Advanced Signatures (PAdES) with its eIDAS requirements have validity well into the future with its long term signature formats. Should there be far reaching technological changes, digital signatures would still be valid for the foreseeable future.
Environmental Benefits
As corporates and business become more conscious of their role in sustainability, digital signatures is a step ahead in their efforts in reducing waste and being environmental friendly.
Business efficiency
The costs involved in integrating digital signatures into the work processes is relatively small, compared to its benefits. With quicker contract turnaround time, and reduced the work flow time, digital signatures are ideal for both small and large organizations.

Also Read: What is an IDE?

Some FAQ about Digital signature

What is an electronic document?

An electronic document is any document that is generated or stored on a computer, such as a letter, a contract, or a will. In addition, an electronic document can be an image, such as a blueprint, a survey plat, a drawing, or even a photograph. A digital signature can be used to sign these documents.

Does that mean that the authenticity of any electronic document can be verified by a digital signature?

Yes, but only if the document originally was “signed” using a digital signature program (software).

This sounds complicated. What is it like to actually sign an electronic document?

It’s a simple process and may vary slightly in the software you use, but your digital signature software does all the work. You select the signature option, then select the document, and finally enter your secret authorization code. Everything is accomplished electronically; you do not take a pen in hand and sign a paper.

Can you actually see the signer’s handwritten signature?

No, there is no relationship to the signer’s handwritten signature. While there’s more to it behind the scenes, the visible portion of the digital signature is the signer’s name, title and firm name, along with the certificate serial number and the certification authority name.

How do I get a digital signature certificate?

When you choose your digital signature software, it may come with an application for the certificate. The application requests information used to verify your identity and protect you against unauthorized use of your signature. You may also obtain a certificate directly from a certificate authority.

What is a certificate? What does it mean to “publish” a certificate?

A certificate is a computer-based record that identifies the subscriber, contains the public key, and is digitally signed by the certification authority. The digital signature certificate must be associated with both a private key and a public key. When you publish the certificate, you identify yourself to the certification authority by providing it with your public key.

How am I identified as the signer?

When you use your digital signature software, you create a matched pair of keys. One is the “private” key, which is typically installed on your computer. The private key is used only by you and is required during the signing process.

The second key is the “public” key. The public key is available for use by anyone wishing to authenticate documents you sign. The public key will “read” the digital signature created by the private key and verify the authenticity of documents created with it. It would be similar to the process of accessing a safety deposit box. Your key must work with the bank’s key before opening the box.

If my private key is stored on my computer, can’t someone sign the documents without my permission by getting access to the computer?

No. Your private key is encrypted when it is stored on your computer. When you sign an electronic document, you enter a digital signature Authorization Code to decrypt the private key for as long as it takes to sign the document.

If someone learns of your Authorization Code and also has access to the computer holding your private key, the integrity of your private key is compromised. In this case you would revoke your digital signature certificate and obtain another. This would be the same as reporting a stolen or lost credit card.

Can a digital signature be forged?

Not likely. It is protected by several layers of highly complex encryption.

We like to think that a handwritten signature is unique to the signer and to the pieces of paper which hold it. What if someone produces a good likeness of your handwritten signature? Or, what if on a long contract, someone changes the text of the pages previous to the signature page? In these instances, the signature is valid, but the document has been altered.

With digital signatures, forgery is next to impossible – much more difficult than forging a handwritten signature. First, a digital signature is more of a process than just affixing a signature. For example, when the document is “digitally signed,” the digital software scans the document and creates a calculation which represents the document. This calculation becomes part of the “digital signature.” When the recipient authenticates the signature, a similar process is carried out. The sender’s and the receiver’s calculations are then compared. If the results are the same, the signature is valid; if they are different, the signature is not valid.

What are the responsibilities and the liability of a digital signature certificate subscriber?

The subscriber is responsible for safeguarding access to the private key.

What are the practical uses of a digital signature?

It is a secure form of transacting. Contracts, images, letters, etc, may be digitally signed and sent electronically in seconds. Everyone has equal opportunities to transact business with the private or public sectors, no matter the distance.