Digital Certificate

A digital certificate is a digital form of identification, much like a passport or driver's license.

Private & Confidential

Why Digital Signature are required?

In the digital world, it is easy to make copy of digital record. The problem is copy is as good as original i.e a copy of word file will be as good as the original word file Scanned signature of a person in any of the following format i.e. jpeg, bmp, tiff, gif, pdf can be copied & it will be as good as the original scanned copy. But if a document is digitally signed using digital certificates, than it is possible to make out which one is original & which one is duplicate.

Private & Confidential

What are Digital Certificates?

Digital Certificate revel the identity of a person, in the faceless world of Internet Digital Certificates are issued by Certifying Agency called CA who are controlled by Controller of Certifying Agency (CCA). Digital Certificates is a small software that contains the identity of the person, and can be stored in Internet Browser digital certificate repository/store A Digital Certificate has 2 parts Public Key & Private Key. As name suggest Public Key is shared with Public & Private key is supposed to be held with the owner.

Private & Confidential

What is a digitally signed document?

Digitally Signed document contains 2 things Original Document i.e. Word file, Jpeg, PDF, etc. Digital Signature in Text Format

Private & Confidential

How Digital Signature is generated?

Take any Digital Document MP3, Word File, PDF, Jpeg, etc. Run Hash Algorithm & generate Message Digest (MD)

Encrypt MD (EMD) with Private Key of Digital Certificate

Attach Public Key of Digital Certificate with EMD EMD + attached public key is called Digital Signature.

Private & Confidential

How Digital Signature is generated?

Take Digital Signature Separate Encrypted MD & Public Key

Using Public Key, decrypt MD say MD1

Generate new MD as explained earlier - say MD2 If MD1 & MD 2 matches, it means document is not tampered If MD1 & MD 2 do not match, it means document is tampered

Private & Confidential

More about Digital Signature

Digital Signature are so sensitive that even if a pixel is changed, it can detect the change. From Digital Signature you know who signed it, when it was signed & weather document has been tampered or not. If someone tries to tamper/edit a document, than it can be detected with attached signature, but what has been edited cannot be know.

Private & Confidential

Licensed Certifying Agency

eMudra ICICI group TCS

Safescrypt Verisign & Satyam Mahindra

MTNL nCODE - GNFC more

Private & Confidential

Types of Digital Certificates

Class 1 Is issued to a person after verification of email account of the holder. Class 2 Is issued to a person after proper verification of the required document, which should be attested/notarized Class 3 Is issued to a person only after physical verification of a person & if all the required attested/notarized documents are available. Class 1 is least expensive & Class 3 is most expensive. Types. For eProcurement purpose, we use only class 2 & 3 certificates.

Private & Confidential

A Digital Certificate typically contains the:

A Digital Certificate is issued by a Certification Authority (CA) and signed with the CA's private key.

Owners name Owners public key/private key Expiration date Name of the issuer (the CA that issued the Digital Certificate) Serial number of the Digital Certificate Digital signature of the issuer

Private & Confidential

FAQ
A person can have 1 or more digital certificates A digital certificate is valid for 1 or more years

Digital certificates are stored in a device called crypto key

If security of digital certificate is compromised, than it can be revoked/cancelled by making a request to CA

Unless revoked, the owner of the digital will be held valid for usage of Digital certificate
If documents are in place, a Certificate can be issued in few hours

Private & Confidential