ssdg - digital signature

7/31/2019 SSDG - Digital Signature

1/34

Digital Signatures

NIC-Etah


2/34

Electronic Record1. Very easy to make copies

2. Very fast distribution

3. Easy archiving and retrieval

4. Copies are as good as original

5. Easily modifiable

6. Environmental Friendly

Because of4 & 5 together, these lack authenticity


3/34

Why Digital Signatures?

To provide Authenticity,Integrity and Non -repudiation to electronicdocuments

To use the Internet as the

safe and secure mediumfor e-Governance ande-Commerce


4/34

What is Digital Signature?

A digital signature is an electronic signature that can be usedto authenticate the identity of the sender of a message or thesigner of a document, and possibly to ensure that the originalcontent of the message or document that has been sent is

unchanged. Digital signatures are easily transportable, cannot be imitated

by someone else, and can be automatically time-stamped. Theability to ensure that the original signed message arrivedmeans that the sender can not easily repudiate it later.

The originator of a message uses a signing key (Private Key) tosign the message and send the message and its digital signatureto a recipient

The recipient uses a verification key (Public Key) to verify theorigin of the message and that it has not been tampered with

while in transit


5/34

Digital signatures employ a type ofAsymmetric

Cryptography. The Scheme typically consists ofthree Algorithms

A key generation algorithm that selects a private keyuniformly at random from a set of possible private

keys. The algorithm outputs the private key and acorresponding public key.

A signing algorithm that, given a message and aprivate key, produces a signature.

A signature verifying algorithm that, given a message,public key and a signature, either accepts or rejectsthe message's claim to authenticity

Hash value of a message when encrypted with the private key of a

person is his digital signature on that e-Document


6/34

Digital Signatures

Each individual generates his own key pair

[Public key known to everyone&

Private key only to the owner]

Private Key Used for making Digital Signature

Public Key Used to verify the Digital Signature


7/34

Smart CardiKey

Hardware Tokens


8/34

Smart Cards

The Private key is generatedin the crypto module residingin the smart card.

The key is kept in thememory of the smart card.

The key is highly secured as itdoesnt leave the card, themessage digest is sent insidethe card for signing, and thesignatures leave the card.

The card gives mobility to thekey and signing can be doneon any system (Having smartcard reader).


9/34

iKeys or USB Tokens They are similar to smart cards in

functionality as

Key is generated inside the

token. Key is highly secured as it doesnt

leave the token.

Highly portable.

Machine Independent.

iKEY is one of the most commonlyused token as it doesnt need aspecial reader and can be connectedto the system using USB port.


10/34

Private Key Protection

The Private key generatedis to be protected and kept

secret. The responsibilityof the secrecy of the keylies with the owner.

The key is secured using

PIN Protected soft token

Smart Cards

Hardware Tokens


11/34

Digital Signatures

Digital Signatures are numbers

Same Length40 digits

They are document content dependent

I agree

efcc61c1c03db8d8ea8569545c073c814a0ed755

My place of birth is at Gwalior.

fe1188eecd44ee23e13c4b6655edc8cd5cdb6f25

I am 62 years old.

0e6d7d56c4520756f59235b6ae981cdb5f9820a0I am an Engineer.

ea0ae29b3b2c20fc018aaca45c3746a057b893e7

I am a Engineer.

01f1d8abd9c2e6130870842055d97d315dff1ea3 These are digital signatures of same person on different documents


12/34

Paper Signatures V/s Digital Signatures

Parameter Paper Electronic

Authenticity May be forged Can not be copied

Integrity Signatureindependent of the

document

Signature depends

on the contents of

the document

Non-

repudiation

a. Handwriting

expert needed

b. Error prone

a. Any computer

user

b. Error free

V/s


13/34

Role of Controller (CCA)

Controller of Certifying Authorities as

the Root Authority certifies thetechnologies, infrastructure andpractices of all the Certifying

Authorities licensed to issue DigitalSignature Certificates


14/34

Seven CAs have been licensed by CCA

Safescrypt

National Informatics Center (NIC), Government ofIndia

Institute for Development & Research in BankingTechnology (IDRBT) A Spciety of Reserve Bank ofIndia

Tata Consultancy Services (TCS)

MTNL Trustline

GNFC (Gujarat Narmada Fertilizer Corporation)

E-MudhraCA


15/34

How To Get & Use Digital Signature
http://../Documents%20and%20Settings/Administrator/kgupta/certs/IDRBT-0608/IDRBT_CA.cer


16/34

Application Request Go to http://nicca.nic.in

Download DSC Request Form

Fill-in the Form

Sign the Form at Required Place

Get the Form Countersigned and Verified from HOD

along with his/her Official Stamp Enclose Identification Proof

Enclose Fee (if required) in Form of Bank Draft

Send to NIC Office


17/34

Issuance of Digital Signatures

Send your completed form to NIC UP State Unit Office

Once your form is found satisfactory and the fee isproperly submitted, the form is counter signed by NIC,

HoD. The form is then forwarded to NIC Certifying Authority

Office (NIC-RA, Kendriya Bhawan, Lucknow) forprocessing.

When your case is processed a Membership ID andPassword is Issued and send to the email ID mentionedin Application Form.

A Digital Signature in USB Token or Smart Card can becollected from NIC-RA Office at Lucknow


18/34

Accessing Website with Membership ID for Enrollment ofRequest On line


19/34

How to make Request

Insert the USB Pen Drive /Smart Card Reader in

your computer system

Insert the Smart Card in the Reader ( In case of

Smart Card )

Download USB/Smart Card Driver from NICCA

website (http://nicca.nic.in) Unzip and Double Click the Downloaded File

When the Proper Driver is loaded From Token

Administration, Device will get Operational


20/34

Driver Downloading


21/34

Please Click Download Smart Card USB E-tokenDriver Link


22/34

Select Your Media Type


23/34

Enrollment Process


24/34

Click Member Login


25/34

Enter User ID and Password and click Submit ButtonUser Id and Password are Same


26/34

Click Step 1 or Enroll Button


27/34

Fill form and select SafeSign Cryptographic ServiceProvider in Cryptographic Service Provider Dropdown


28/34

After Filling Form and Cryptographic Service ProviderSelect option Generate Request


29/34

You will receive email from nicca.nic.in when your Certificateis generated click step-4 or view status for downloaded

Certificates


30/34

If your Certificate is generated then click your Request No.and enter Authentication Pin (Authentication Pin is send toyour e-mail id by nicca.nic.in) and click download Button.


31/34

To Check if Certificate is available in Device


32/34

For Accessing Web Services Go to Web Portal like http://edistrict.nic.in or

http://ssdg.up.nic.in

Plug-in the USB/Smart Card in the computer system/

laptop

While Digitally Signing in Browser window your

name will be pop up automatically, which you canselect

Further it will ask for PIN that is unique to your

Card.


33/34

Prevention From Misuse

Dot Hand over you DSC Media

USB/Card to any one

Dot tell your PIN to anyone

Document Digitally Signed carriessame legal status as manuallysigning as per the IT Act


34/34

Thank You