Digital Signatures Table of Contents ABSTRACT ………………………….. ………………………. ERROR! BOOKMARK NOT DEFINED. INTRODUCTION TO DIGI TAL SIGNATURES ERROR! BOOKMARK NOT DEFINED. TECHNOLOGY BEHIND TH E DIGITAL SIGNATURES ERROR! BOOKMARK NOT DEFINED. M ECHANISM OF DIGITAL SIGNATURES ……………………… ERROR ! BOOKMARK NOT DEFINED . THE PROCESS OF SIGNING DI GITALLY ……………………….. ERROR ! BOOKMARK NOT DEFINED . THE PROCESS OF VERIFICATION ………………………….. ….. ERROR ! BOOKMARK NOT DEFINED . DIGITAL SIGNATURE MA RKET AROUND THE WORL DERROR! BOOKMARK NOT DEFINED. CONCLUSION ………………………….. …………………. ERROR! BOOKMARK NOT DEFINED. Abstract The various electronic services like E -Banking, E -Governance, E -Voting etc.
, and their success rate is directly dependent on the security measures, the authenticity services and the integrity2 management of the information being shared and transmitted between t he senders and the receivers. This requirement of security, integrity and authenticity led to the discovery of Digital Signatures in the field of Information Technology. In this case, the sensitive and confidential information to be shared is required to b e signed digitally by the original sender and in order to read the information, the receiver too has a key to decipher the information and verify it categorically.
This is achieved using highly complex algorithms of cryptography. These algorithms w hen applied on the plain text to be sent, make it unreadable before transmitting them. Various attributes like the size of the key and the block respectively, the complexities of the computations performed, the security parameters used, customizations spec ific to the application etc., determine the level of the performance by different types of digital signatures. (Ijsr.in, 2019) Introduction to Digital Signatures Digital Signature is a technique used in Computer Science to provide integrity and authenticity to the users sending and receiving critical and sensitive data. Digital Signature is basically asymmetric technique of cryptography which is based on the implem entation of mathematical formulas over a digital document. It derives its name from the literal signing of the document in order to assure the recipient the authenticity of the sender and his origin and that the message has not been tampered with while in the transit. (Roy and Karforma, 201 2) Digital Signatures help helped achieve some of the most required safety features for the transition of digital data like: Authentication : It refers to the process of correct identification of the original sender of th e information and the intended receiver. It basically helps in ensuring the identity proof. Non -Repudiation: It implies that the existence of the message cannot be denied by the sender or the receive r. Integrity: It ensures that the original message and its contents are not distorted while the digital transmission and the receiver receives exactly what the sender had sent. A Digital Signature contains a sequence of bytes which may alternatively be referred as a code. The generation of the cod e is unique and different for each document and indicated to the signature of a sender or the signer. Digital Signature thus, is generated by combining the code generated for a document and is signed by a signer only. (Yada v, Srivastava and Trehan, 201 2)3 Technology behind the Digital Signatures Mechanism of Digital Signatures The algorithms for generating digital signatures are based on mathematical formulae. The algorithms for the di gital signatures are usually made up of three main sub -phases namely: Algorithm for key generation Digitally s igning the algorithm Verification of the Digital Signature The output text after signing the original text is called cipher text. The key used in the algorithm is a vital component that helps in determining what the cryptographic algorithm’s functional output will be. (Saha, 2016) Further, there are two types of key generation cryptographic techniques: Symmetric Key : It makes use of a single key that is shared between the sender and the receiver and thus, the success ratio of the cryptosystem is dependent on the maintenance of the secrecy of that key. Asymmetric Key : Public Key Infrastructure or PKI is the foundat ion basis of asymmetric key cryptographic technique which is combined with a one -hash function and makes use of two different keys. One key encrypts the message or the plain text into unreadable form and the other is used for decrypting the cipher text. Th e key which is published is called public key and the other one is kept private and hence, private key. Only the user has the access to the private key while the public key is published to the world. Thus, for deciphering the text, a user will need public -private key pair. (Tulu et al., 2004) The Process of signing digitally Step 1: Calculation of the message digest (hash value assigned to the message) using one of the algorithms for cryptography (for instance, MD2, MD5 or any other). When even a single Message Hash Function Message Digest Signature Function Message Digital Signature4 bit of this fixed length , sequence of bits is made to change by the application of message digest algorithm, a new digest of the input message is formed. (Lyubashevsky and Micciancio, 2019) Step 2: Calculation of the digital signature by encrypting the hash value obtained in step 1 using the private key of the digital signe r. It is done using a mathematical algorithm for encryption like RSA (based on the theory of numbers), DSA (uses the discrete theory algorithms), ECDSA (applies the theory of elliptic curves) The Process of Verification Step 1: Calculating the current value of the hash function using the same algorithm which was used while digital signing by the sender. (Subramanya and Yi, 2006) Step 2: Calculating the original value of the hash function by decrypting digital signature using same algorithm which was used for encryption while signing the message. A public key that corresponds to the private key while the signing process is used for decryption. Step 3: Comparing current and original values of the hash function. Successfu l verification corresponds to both the values being same and is a proof that the public key used in the process of verification corresponds to the private key using which the message was signed. In case of a mismatch, the verifications fail, and digital si gnature is marked invalid. Figure 1 Process of verification of Digital Signatures5 Digital Signature Market Around the World Creating digital signatures needs to have a secure environment and this requires digital certification for managing, issuing, potentially storing and utilising the digital signatures. Such an environment is known as Publi c-Key -Infrastructure (PKI) which can either be managed locally in -house by the issuer of the service or managed externally by a provider of cloud solutions that can be accessed over the internet. (Gohel and Upadhyay, 2015) The digital signature services b y the providers must follow some basic pre -requisites irrespective of the cryptographic algorithm or theories. These are: 1. Quality -Assured Algorithms 2. Quality -Assured Implementation 3. Users and the software used by them are required to properly carry out the protocol of signature 4. The privacy of the private key must not be hindered with 5. The owner of the public key must be verifiable No legal acts or the service providers or users can change or alter these basics of the existing possibilities in engineering . The fulfilment of the above -mentioned conditions is an evidence of the sender of the message and hence, the verification of the original sender using digital signatures. It is always advisable to use a separate set of keys for the purpose of encrypting the message and signing it. Also, signing keys should not be backed up until and unless the destination of the backup is itself encrypted securely thereby ensuring the absence of foul play. Many new companies and providers with newer technologies as well the established providers are in the quest to diversify their network across the globe. Some of the providers in Europe are Opentrust, D -Trust; American providers are Adobe Echosign, ARX CoSign, DocuSign . In the Asian countries like I ndia, EverSign, Fill are some of the companies offering dig ital signatures services. PleaseSign, Pandadoc are a few providers of digital signatures in Australia . Conclusion With the emerging world of technology, many traditional as well as newer applications and businesses have started carrying out electronic transactions in enormous amounts. This calls for security, authenticity, integrity, non -repudiation rules to be applied in place to ensure that the sensitiv e and confidential data is not maliciously altered. Alike the validation by physical signatures in verifying the paper documents, Digital signatures help in authenticating the electronic or digital documents. Though this is still an emerging technology, ye t a lot of6 providers and vendors have come across the globe to provide the services of digital signatures. (Darwish, 201 3) References  Darwish, D. (201 3). Assessment of Offline Digital Signature Recognition Classification Techniques . [online] Ijcncs.org. Available at: -4.pdf [Accessed 12 Jun. 2019].  Gohel, H. and Upadhyay, A. (201 5). Study of Cyber Security with Advance Concept of Digital Signature . [online] Ijarcs.info. Available at: [Accessed 1 0 Jun. 2019].  Ijsr.in. (2019). A ROLE OF DIGITAL SIGNATURE TECHNOLOGY USING RSA ALGORITHM . [online] Available at: -%20NCRIET -329.pdf [Accessed 12 Jun. 2019].  Lyubashevsky, V. and Micciancio, D. (2019). Asymptotically Efficient Lattice -Based Digital Signatures ‹. [online] Eprint.iacr.org. Available at: [Accessed 9 Jun. 2019].  Roy, A. and Karforma, S. (201 2).). A survey on digital signatures and its applications . [online] Available at: [Accessed 9 Jun. 2019].  Saha, P. (2016). A comprehensive study on digital signature for internet security . [online] Accents journals.org. Available at: [Accessed 11 Jun. 2019].  Subramanya, S. and Yi, B. (20 06 ). Digital Signatures . [online] IEEE Xplore. Available at: [Accessed 1 10 Jun. 2019].  Tulu, B., Chatterjee, S., Lafky, D., Li, H., Hilton, B. and A. Horan, T. (2004). Design and Implementation of a Digital Signature Solution for a Healthcare Enterprise. [online] Cse.unr.edu. Available at: [Accessed 11 Jun. 2019].  Yadav, P., Srivastava, S. and Trehan, V. (201 2). Digital Signature . [online] Scienceandnature.org. Available at: -Vol3(2) – Apr2012/IJEMS_V3(2)6.pdf [Accessed 1 0 Jun. 2019].