ssdg - digital signature
TRANSCRIPT
-
7/31/2019 SSDG - Digital Signature
1/34
Digital Signatures
NIC-Etah
-
7/31/2019 SSDG - Digital Signature
2/34
Electronic Record1. Very easy to make copies
2. Very fast distribution
3. Easy archiving and retrieval
4. Copies are as good as original
5. Easily modifiable
6. Environmental Friendly
Because of4 & 5 together, these lack authenticity
-
7/31/2019 SSDG - Digital Signature
3/34
Why Digital Signatures?
To provide Authenticity,Integrity and Non -repudiation to electronicdocuments
To use the Internet as the
safe and secure mediumfor e-Governance ande-Commerce
-
7/31/2019 SSDG - Digital Signature
4/34
What is Digital Signature?
A digital signature is an electronic signature that can be usedto authenticate the identity of the sender of a message or thesigner of a document, and possibly to ensure that the originalcontent of the message or document that has been sent is
unchanged. Digital signatures are easily transportable, cannot be imitated
by someone else, and can be automatically time-stamped. Theability to ensure that the original signed message arrivedmeans that the sender can not easily repudiate it later.
The originator of a message uses a signing key (Private Key) tosign the message and send the message and its digital signatureto a recipient
The recipient uses a verification key (Public Key) to verify theorigin of the message and that it has not been tampered with
while in transit
-
7/31/2019 SSDG - Digital Signature
5/34
Digital signatures employ a type ofAsymmetric
Cryptography. The Scheme typically consists ofthree Algorithms
A key generation algorithm that selects a private keyuniformly at random from a set of possible private
keys. The algorithm outputs the private key and acorresponding public key.
A signing algorithm that, given a message and aprivate key, produces a signature.
A signature verifying algorithm that, given a message,public key and a signature, either accepts or rejectsthe message's claim to authenticity
Hash value of a message when encrypted with the private key of a
person is his digital signature on that e-Document
-
7/31/2019 SSDG - Digital Signature
6/34
Digital Signatures
Each individual generates his own key pair
[Public key known to everyone&
Private key only to the owner]
Private Key Used for making Digital Signature
Public Key Used to verify the Digital Signature
-
7/31/2019 SSDG - Digital Signature
7/34
Smart CardiKey
Hardware Tokens
-
7/31/2019 SSDG - Digital Signature
8/34
Smart Cards
The Private key is generatedin the crypto module residingin the smart card.
The key is kept in thememory of the smart card.
The key is highly secured as itdoesnt leave the card, themessage digest is sent insidethe card for signing, and thesignatures leave the card.
The card gives mobility to thekey and signing can be doneon any system (Having smartcard reader).
-
7/31/2019 SSDG - Digital Signature
9/34
iKeys or USB Tokens They are similar to smart cards in
functionality as
Key is generated inside the
token. Key is highly secured as it doesnt
leave the token.
Highly portable.
Machine Independent.
iKEY is one of the most commonlyused token as it doesnt need aspecial reader and can be connectedto the system using USB port.
-
7/31/2019 SSDG - Digital Signature
10/34
Private Key Protection
The Private key generatedis to be protected and kept
secret. The responsibilityof the secrecy of the keylies with the owner.
The key is secured using
PIN Protected soft token
Smart Cards
Hardware Tokens
-
7/31/2019 SSDG - Digital Signature
11/34
Digital Signatures
Digital Signatures are numbers
Same Length40 digits
They are document content dependent
I agree
efcc61c1c03db8d8ea8569545c073c814a0ed755
My place of birth is at Gwalior.
fe1188eecd44ee23e13c4b6655edc8cd5cdb6f25
I am 62 years old.
0e6d7d56c4520756f59235b6ae981cdb5f9820a0I am an Engineer.
ea0ae29b3b2c20fc018aaca45c3746a057b893e7
I am a Engineer.
01f1d8abd9c2e6130870842055d97d315dff1ea3 These are digital signatures of same person on different documents
-
7/31/2019 SSDG - Digital Signature
12/34
Paper Signatures V/s Digital Signatures
Parameter Paper Electronic
Authenticity May be forged Can not be copied
Integrity Signatureindependent of the
document
Signature depends
on the contents of
the document
Non-
repudiation
a. Handwriting
expert needed
b. Error prone
a. Any computer
user
b. Error free
V/s
-
7/31/2019 SSDG - Digital Signature
13/34
Role of Controller (CCA)
Controller of Certifying Authorities as
the Root Authority certifies thetechnologies, infrastructure andpractices of all the Certifying
Authorities licensed to issue DigitalSignature Certificates
-
7/31/2019 SSDG - Digital Signature
14/34
Seven CAs have been licensed by CCA
Safescrypt
National Informatics Center (NIC), Government ofIndia
Institute for Development & Research in BankingTechnology (IDRBT) A Spciety of Reserve Bank ofIndia
Tata Consultancy Services (TCS)
MTNL Trustline
GNFC (Gujarat Narmada Fertilizer Corporation)
E-MudhraCA
-
7/31/2019 SSDG - Digital Signature
15/34
How To Get & Use Digital Signature
http://../Documents%20and%20Settings/Administrator/kgupta/certs/IDRBT-0608/IDRBT_CA.cer -
7/31/2019 SSDG - Digital Signature
16/34
Application Request Go to http://nicca.nic.in
Download DSC Request Form
Fill-in the Form
Sign the Form at Required Place
Get the Form Countersigned and Verified from HOD
along with his/her Official Stamp Enclose Identification Proof
Enclose Fee (if required) in Form of Bank Draft
Send to NIC Office
http://../Documents%20and%20Settings/Administrator/kgupta/certs/IDRBT-0608/IDRBT_CA.cer -
7/31/2019 SSDG - Digital Signature
17/34
Issuance of Digital Signatures
Send your completed form to NIC UP State Unit Office
Once your form is found satisfactory and the fee isproperly submitted, the form is counter signed by NIC,
HoD. The form is then forwarded to NIC Certifying Authority
Office (NIC-RA, Kendriya Bhawan, Lucknow) forprocessing.
When your case is processed a Membership ID andPassword is Issued and send to the email ID mentionedin Application Form.
A Digital Signature in USB Token or Smart Card can becollected from NIC-RA Office at Lucknow
http://../Documents%20and%20Settings/Administrator/kgupta/certs/IDRBT-0608/IDRBT_CA.cer -
7/31/2019 SSDG - Digital Signature
18/34
Accessing Website with Membership ID for Enrollment ofRequest On line
http://../Documents%20and%20Settings/Administrator/kgupta/certs/IDRBT-0608/IDRBT_CA.cer -
7/31/2019 SSDG - Digital Signature
19/34
How to make Request
Insert the USB Pen Drive /Smart Card Reader in
your computer system
Insert the Smart Card in the Reader ( In case of
Smart Card )
Download USB/Smart Card Driver from NICCA
website (http://nicca.nic.in) Unzip and Double Click the Downloaded File
When the Proper Driver is loaded From Token
Administration, Device will get Operational
http://../Documents%20and%20Settings/Administrator/kgupta/certs/IDRBT-0608/IDRBT_CA.cer -
7/31/2019 SSDG - Digital Signature
20/34
Driver Downloading
http://../Documents%20and%20Settings/Administrator/kgupta/certs/IDRBT-0608/IDRBT_CA.cer -
7/31/2019 SSDG - Digital Signature
21/34
Please Click Download Smart Card USB E-tokenDriver Link
http://../Documents%20and%20Settings/Administrator/kgupta/certs/IDRBT-0608/IDRBT_CA.cer -
7/31/2019 SSDG - Digital Signature
22/34
Select Your Media Type
http://../Documents%20and%20Settings/Administrator/kgupta/certs/IDRBT-0608/IDRBT_CA.cer -
7/31/2019 SSDG - Digital Signature
23/34
Enrollment Process
http://../Documents%20and%20Settings/Administrator/kgupta/certs/IDRBT-0608/IDRBT_CA.cer -
7/31/2019 SSDG - Digital Signature
24/34
Click Member Login
http://../Documents%20and%20Settings/Administrator/kgupta/certs/IDRBT-0608/IDRBT_CA.cer -
7/31/2019 SSDG - Digital Signature
25/34
Enter User ID and Password and click Submit ButtonUser Id and Password are Same
http://../Documents%20and%20Settings/Administrator/kgupta/certs/IDRBT-0608/IDRBT_CA.cer -
7/31/2019 SSDG - Digital Signature
26/34
Click Step 1 or Enroll Button
http://../Documents%20and%20Settings/Administrator/kgupta/certs/IDRBT-0608/IDRBT_CA.cer -
7/31/2019 SSDG - Digital Signature
27/34
Fill form and select SafeSign Cryptographic ServiceProvider in Cryptographic Service Provider Dropdown
http://../Documents%20and%20Settings/Administrator/kgupta/certs/IDRBT-0608/IDRBT_CA.cer -
7/31/2019 SSDG - Digital Signature
28/34
After Filling Form and Cryptographic Service ProviderSelect option Generate Request
http://../Documents%20and%20Settings/Administrator/kgupta/certs/IDRBT-0608/IDRBT_CA.cer -
7/31/2019 SSDG - Digital Signature
29/34
You will receive email from nicca.nic.in when your Certificateis generated click step-4 or view status for downloaded
Certificates
http://../Documents%20and%20Settings/Administrator/kgupta/certs/IDRBT-0608/IDRBT_CA.cer -
7/31/2019 SSDG - Digital Signature
30/34
If your Certificate is generated then click your Request No.and enter Authentication Pin (Authentication Pin is send toyour e-mail id by nicca.nic.in) and click download Button.
http://../Documents%20and%20Settings/Administrator/kgupta/certs/IDRBT-0608/IDRBT_CA.cer -
7/31/2019 SSDG - Digital Signature
31/34
To Check if Certificate is available in Device
http://../Documents%20and%20Settings/Administrator/kgupta/certs/IDRBT-0608/IDRBT_CA.cer -
7/31/2019 SSDG - Digital Signature
32/34
For Accessing Web Services Go to Web Portal like http://edistrict.nic.in or
http://ssdg.up.nic.in
Plug-in the USB/Smart Card in the computer system/
laptop
While Digitally Signing in Browser window your
name will be pop up automatically, which you canselect
Further it will ask for PIN that is unique to your
Card.
http://../Documents%20and%20Settings/Administrator/kgupta/certs/IDRBT-0608/IDRBT_CA.cer -
7/31/2019 SSDG - Digital Signature
33/34
Prevention From Misuse
Dot Hand over you DSC Media
USB/Card to any one
Dot tell your PIN to anyone
Document Digitally Signed carriessame legal status as manuallysigning as per the IT Act
http://../Documents%20and%20Settings/Administrator/kgupta/certs/IDRBT-0608/IDRBT_CA.cer -
7/31/2019 SSDG - Digital Signature
34/34
Thank You