is defined by the Digital Signature Act 1997 as a transformation of a message using an asymmetric cryptosystem such that a person having the initial message and the signer's public key can accurately determine whether the transformation was created using the private key that corresponds to the signer's public key and whether the message has been altered since the transformation was made.
Essentially, what this means is that a digital signature is an electronic version of a conventional signature. It is a pair of keys created with the use of asymmetric cryptosystem and involves the use of algorithm or a specific series of algorithm. The pair of keys is made up of a private key as well as a public key. The private key is used to create the digital signature while the public key is used to verify the digital signature. While the private key cannot be known by anyone else except the subscriber, the public key is known to the public and noted in the certificate issued by the certification authority and may be retrieved from the repository.
The transaction of a digitally signed message begins with the preparation of the message. The message is then transformed or hashed into message digest with the use of a one-way hash function. The signer signs this message digest using his private key. The result of using a private key on a message digest is called digital signature.
The original message is sent through an electronic line to the receiver. The recipient of the message, uses the signer's public key to verify the digital signature - only the signer's public key will verify a digital signature created with the signer's private key. The recipient may also verify if the message has been modified, by changing/hashing the received message with the use of the same algorithm (one way hash function).
If the value of the message digest is the same as the value of the message digest in the digital signature received, then no modification has been made to the message since its transformation. Digital signature is similar to the auto teller machine (ATM) card system.
Back to the top