Organisation : e-Governance Infrastructure Implementation Agency
Facility Name : Digital Signature
Country : Armenia
Website : https://www.ekeng.am/en/sub/digital_signature
What is Digital Signature?
A digital signature is a mathematical technique used to ensure the authenticity, completeness, and validity of an electronic document. It serves as the digital equivalent of a handwritten signature, offering robust guarantees of information security and trustworthiness. Unlike traditional signatures, which can be forged and disputed in court due to concerns about authenticity, a digital signature eliminates the risks associated with electronic document circulation, effectively preventing forgery.
Related / Similar Facility : “Yes em” National System For Identification Armenia
Features of Digital Signature
It has the following compelling features:
** The signature is authentic. The signature convinces the document’s recipient that the signer deliberately signed the document.
** The signature is unforgeable. The signature is proof that the signer, and no one else, deliberately signed the document.
** The signature is not reusable. The signature is part of the document; an unscrupulous person cannot move the signature to a different document.
** The signed document is unalterable. After the document is signed, it cannot be altered.
** The signature cannot be repudiated. The signature and the document are physical things. The signer cannot later claim that he or she didn’t sign it.
How are Digital Signatures Created & Operated?
** Digital signatures are created using public key cryptography methods. The process involves generation of a pair of mathematically related keys: one private and one public. Armenian ID cards utilize the RSA algorithm.
** To create a digital signature, the signer uses their private key to encrypt the data to be signed.
** This private key is securely stored on the ID card and is not physically accessible, ensuring its protection.
** If the private key is compromised, others could create digital signatures on behalf of the key’s owner, leading to potential security breaches.
** To validate a digitally signed document, the signer’s public key is used. This validation process is also protected to ensure information security.
** Additionally, to address risks associated with retransmissions or unintentional time changes on personal computers, digital signatures include a global timestamp.
** This timestamp records the exact moment the signing occurred, adding an extra layer of verification.
Software Components for Creating Digital Signatures:
** The software first calculates a “one-way hash” value of the document or data to be signed.
** This hash is a fixed-length string that uniquely represents the content of the document, similar to a seal in its immutability.
** The term “one-way” indicates that, while a hash value can be calculated for any document, it is not possible to reconstruct the original document from the hash.
** This technology also ensures that no two different documents produce the same hash value.
Therefore:
** The same digital signature cannot be used on different documents.
** Any modification to the document after it has been digitally signed will invalidate the digital signature.
** The resulting hash value is then encrypted using the private key of the digital signature generator.
** The encrypted hash, along with the document (either embedded within or attached to the document), is sent to the recipient.
Upon receipt, the recipient uses appropriate software to reverse the process:
** The software decrypts the encrypted hash using the sender’s public key.
** The recipient recalculates the hash value of the received document and compares it to the decrypted hash.
** If the two hash values match, the digital signature is verified as valid; if not, the signature is invalid.