Digital signature means authentication of any electronic record by a subscriber
by means of an electronic method or procedure in accordance with the
provisions of section 3.
Section 3 deals with the conditions subject to which an electronic record may be authenticated by means of affixing digital signature which is created in two definite steps.
First, the electronic record is converted into a message digest by using a mathematical function known as 'Hash function' which digitally freezes the electronic record thus ensuring the integrity of the content of the intended communication contained in the electronic record. Any tampering with the contents of the electronic record will immediately invalidate the digital signature.
Secondly, the identity of the person affixing the digital signature is authenticated through the use of a private key which attaches itself to the message digest and which can be verified by anybody who has the public key corresponding to such private key. This will enable anybody to verify whether the electronic record is retained intact or has been tampered with since it was so fixed with the digital signature. It will also enable a person who has a public key to identify the originator of the message.
'Hash function' means an algorithm mapping or translation of one sequence of
bits into another, generally smaller, set known as "Hash Result" such that an electronic record yields the same hash result every
time the algorithm is executed with the same electronic record as its input
making it computationally infeasible to derive or reconstruct the original
electronic record from the hash result produced by the algorithm; that two
electronic records can produce the same hash result using the algorithm.
Digital signatures are a means to ensure validity of electronic transactions however who guarantees about the authenticity that such signatures are indeed valid or not false. In order that the keys be secure the parties must have a high degree of confidence in the public and private keys issued. Digital Signature is not like our handwritten signature. It is a jumble of letters and digits. It looks something like this.
----- BEGIN SIGNATURE----
----- END SIGNATURE ------