4.1 digital certificates

8/2/2019 4.1 Digital Certificates

1/11

Private & Confidential

Digital Certificate

A digital certificate is a digital form of

identification, much like a passport or driver'slicense.


2/11


Why Digital Signature are required?

In the digital world, it is easy to make copy of digital record. Theproblem is copy is as good as original i.e a copy of word file will beas good as the original word file

Scanned signature of a person in any of the following format i.e.

jpeg, bmp, tiff, gif, pdf can be copied & it will be as good as theoriginal scanned copy.

But if a document is digitally signed using digital certificates, than itis possible to make out which one is original & which one is

duplicate.


3/11


What are Digital Certificates?

Digital Certificate revel the identity of a person, in the faceless worldof Internet

Digital Certificates are issued by Certifying Agency called CA whoare controlled by Controller of Certifying Agency (CCA).

A Digital Certificate has 2 parts Public Key & Private Key. As

name suggest Public Key is shared with Public & Private key issupposed to be held with the owner.

Digital Certificates is a small software that contains the identity ofthe person, and can be stored in Internet Browser digital certificaterepository/store


4/11


What is a digitally signed document?

Digitally Signed document contains 2 things

Original Document i.e. Word file, Jpeg, PDF, etc.

Digital Signature in Text Format


5/11


How Digital Signature is generated?

Take any Digital Document MP3, Word File, PDF, Jpeg, etc.

Run Hash Algorithm & generate Message Digest (MD)

Attach Public Key of Digital Certificate with EMD

Encrypt MD (EMD) with Private Key of Digital Certificate

EMD + attached public key is called Digital Signature.


6/11


How Digital Signature is generated?

Take Digital Signature

Separate Encrypted MD & Public Key

Generate new MD as explained earlier - say MD2

Using Public Key, decrypt MD say MD1

If MD1 & MD 2 matches, it means document is not tampered

If MD1 & MD 2 do not match, it means document is tampered


7/11Private & Confidential

More about Digital Signature

Digital Signature are so sensitive that even if a pixel is changed, itcan detect the change.

From Digital Signature you know who signed it, when it was signed& weather document has been tampered or not.

If someone tries to tamper/edit a document, than it can be detectedwith attached signature, but what has been edited cannot be know.



Licensed Certifying Agency

eMudra ICICI group

TCS

MTNL

Safescrypt Verisign & Satyam Mahindra

nCODE - GNFC

more



Types of Digital Certificates

Class 1 Is issued to a person after verification of email account ofthe holder.

Class 2 Is issued to a person after proper verification of therequired document, which should be attested/notarized

Class 3 Is issued to a person only after physical verification of aperson & if all the required attested/notarized documents areavailable.

Class 1 is least expensive & Class 3 is most expensive. Types. ForeProcurement purpose, we use only class 2 & 3 certificates.



A Digital Certificate typically contains the:

A Digital Certificate is issued by a Certification Authority(CA) and signed with the CA's private key.

Owners name

Owners public key/private key

Expiration date

Name of the issuer (the CA that issued the Digital

Certificate) Serial number of the Digital Certificate

Digital signature of the issuer



FAQ

A person can have 1 or more digital certificates

A digital certificate is valid for 1 or more years

Digital certificates are stored in a device called crypto key

If security of digital certificate is compromised, than it can berevoked/cancelled by making a request to CA

Unless revoked, the owner of the digital will be held valid for usage ofDigital certificate

If documents are in place, a Certificate can be issued in few hours

4.1 digital certificates

Documents