In this post, we will discuss basic terms of IT Act, 2008 but in conceptual manner
Objective of Act:-
1.) To grant legal recognition to
* Electronic Records
* Electronic Transactions
* Digital and Electronic Signatures
2.) To facilitate e-filing of documents with Government Department.
3.) To facilitate Electronic Fund Transfer.
4.) Book of accounts by banker in electronic form.
Now what is difference between Digital Signature and Electronic Signature.
This is any signature that is in electronic form, i.e. as opposed to paper-based ink signatures. Examples of electronic signatures include: a scanned image of the person ink signature
Digital Signature
These are actually a subset of electronic signatures because they are also in electronic form. However digital signatures go much further in terms of providing security and trust services:
Objective of Act:-
1.) To grant legal recognition to
* Electronic Records
* Electronic Transactions
* Digital and Electronic Signatures
2.) To facilitate e-filing of documents with Government Department.
3.) To facilitate Electronic Fund Transfer.
4.) Book of accounts by banker in electronic form.
Now what is difference between Digital Signature and Electronic Signature.
Electronic Signature
Digital Signature
These are actually a subset of electronic signatures because they are also in electronic form. However digital signatures go much further in terms of providing security and trust services:
* Signer authentication:
i.e. proof of who actually signed the document. i.e. digital signatures linking the user’s signature to an actual identifiable entity. ( This is being discussed under section 3 below)
* Data integrity:
i.e. proof that the document has not been changed since signing. The digital signature depends on every binary bit of the document and therefore can’t be re-attached to any other document.
* Non-repudiation:
i.e. the signer should not be able to falsely deny having signed their signature. That is, it should be possible to prove in a court that the signer in fact created the signature.
Section 3 - Authentication of Electronic Records
Electronic Records can be authenticated by affixing Digital Signature. Authentication is done by using hash function and asymmetric crypto system.
What is hash function?
Means an algorithm mapping i.e
translation of one sequence of bits into another which is generally smaller set known as "hash result",
(for eg: if a document contains 150 words, than we will convert sequence of 150 words into smaller sequence
that smaller sequence is known as Hash Result.
i.e. first we apply algorithm which convert record into hash result.)
such that an electronic record yield the same result every time the algorithm is executed with the same electronic record as its input making it computationally in-feasible
* to derive or reconstruct the original electronic record from the hash result produced by the algorithm.
* that two electronic records can produce same hash result using the algorithm.
What is asymmetric crypto system?
Asymmetric crypto system is created by using public key and a private key.
Take for eg: Alice has a public key as well as private key.
Now bob wants to send alice a message. How he will do that. Lets see
Simply, bob encrypt the message using alice public key and alice decrypt the message using her private key.
Therefore, digital signature is created by using hash function and asymmetric crypto system.
i.e. proof of who actually signed the document. i.e. digital signatures linking the user’s signature to an actual identifiable entity. ( This is being discussed under section 3 below)
* Data integrity:
i.e. proof that the document has not been changed since signing. The digital signature depends on every binary bit of the document and therefore can’t be re-attached to any other document.
* Non-repudiation:
i.e. the signer should not be able to falsely deny having signed their signature. That is, it should be possible to prove in a court that the signer in fact created the signature.
Section 3 - Authentication of Electronic Records
Electronic Records can be authenticated by affixing Digital Signature. Authentication is done by using hash function and asymmetric crypto system.
What is hash function?
Means an algorithm mapping i.e
translation of one sequence of bits into another which is generally smaller set known as "hash result",
(for eg: if a document contains 150 words, than we will convert sequence of 150 words into smaller sequence
that smaller sequence is known as Hash Result.
i.e. first we apply algorithm which convert record into hash result.)
such that an electronic record yield the same result every time the algorithm is executed with the same electronic record as its input making it computationally in-feasible
* to derive or reconstruct the original electronic record from the hash result produced by the algorithm.
* that two electronic records can produce same hash result using the algorithm.
What is asymmetric crypto system?
Asymmetric crypto system is created by using public key and a private key.
Take for eg: Alice has a public key as well as private key.
Now bob wants to send alice a message. How he will do that. Lets see
Simply, bob encrypt the message using alice public key and alice decrypt the message using her private key.
Therefore, digital signature is created by using hash function and asymmetric crypto system.
Glad to drop by your page and found these very interesting and informative stuff. Thanks for sharing, keep it up!
ReplyDelete