Digital signature is the process of encrypting your documents in a safe and efficient
way. 128 bit RSA encoding technology gives enhanced Security.
a)What is a Digital Signature?
Digital signatures are electronically generated and can be used to ensure the integrity
and authenticity of some data, such as an e-mail message and protect against non-repudiation.
b)What is a Digital Certificate?
A Digital certificate is a form of an electronic credential for the Internet. Similar
to a driver's license, employee ID card, a Digital certificate is issued by a trusted
third party to establish the identity of the certificate holder. The third party
who issues the Digital Certificate is known as the Certifying Authority (CA).
c) Is there any difference between Digital Certificate
and Digital Signature?
Digital Signatures provide Authentication, Privacy, Non repudiation and Integrity
in the virtual world . IT Act 2000 in India gives legal validity to electronic transactions
that are digitally signed. Therefore we need digital signatures for secure messaging,
online banking applications, online workflow applications, e-tendering, supply chain
management etc.
Digital Certificates are digital documents attesting to the binding of a public
key to an individual or specific entity. They allow verification of the claim that
a specific public key does in fact belong to a specific individual. Digital Certificates
help prevent someone from using a phony key to impersonate someone else.
In their simplest form, certificates contain a public key and a name. As commonly
used, a certificate also contains an expiration date, the name of the Certifying
Authority that issued the certificate, a serial number etc. Most importantly, it
contains the digital signature of the certificate issue
d) Where can I use Digital Certificates?
You can use Digital Certificate for secure email and web-based transactions, or
to identify other participants of web-based transactions. You can use Digital Certificate
to prove ownership of a domain name and establish SSL / TLS encrypted secured sessions
between your website and the user for web based transaction. As a developer you
can use Digital Certificate for proving authorship of a code and retain integrity
of the distributed software programs. You can use Digital Certificates for signing
web forms, e-tendering documents, filing income tax returns etc.
e) What actually happens when I digitally sign any
transaction?
When you sign any transaction, you are using your private key. When the recipient
receives the information with your certificate, he can verify the information using
the public key on your certificate.
Signing a transaction:
Verifies the user's identity;
Establishes his / her credentials to perform the transaction;
Protects the integrity of the information itself (it cannot be changed once the
user has signed it).
Once the user has digitally signed a transaction he cannot deny that he has sent
the information. This is referred to as non-repudiation.
f) Can I send secure e-mail to someone who does not
have a Digital Certificate?
You can digitally sign any e-mail as long as the recipient has an e-mail application,
which supports S/MIME. You cannot encrypt a message, however, unless you have the
recipient's Digital Certificate.
g) How do I know if the e-mail I receive is signed or encrypted?
Netscape Communicator Users: Any signed e-mail you receive will have a prominent
icon in the upper-right corner of the message saying "signed" or "encrypted" or
both. If you want more information about the security of a message, click on the
Security button (the one that looks like a padlock) above the message.
Microsoft Internet Explorer Users: Signed messages will be shown in the inbox (or
any other folder) with a red ribbon on the envelope icon. Encrypted messages will
show a padlock on the envelope icon.
h) I want to attach my digital signature for my email
account at yahoo.com, how can I?
Unfortunately Web-based mail like Yahoo, Hotmail, Incredimail, MSN or AOL is not
S/MIME compatible and so cannot be used with a Personal Email Certificate.
In order to secure your mail you must setup your mail and install the personal certificate
in a mail client that can support S/MIME like Outlook 2000, Outlook Express or Netscape
Messenger.
Alternatively you would have to configure your email client on your PC (i.e. Outlook
Express) to access your Web based account with the correct username, password and
POP settings.
i) I have downloaded Digital Certificate . Will it
get automatically connected to "Outlook"?
After downloading and importing Digital Certificate in your web browser, you are
ready to use your Digital Certificate with web browser but for using with your email
client software you will have to configure necessary settings. To get descriptive
help for configuring email client software for using digital signatures, please
visit following link: - http://support.microsoft.com/support/kb/articles/q168/7/26.asp
GO TO TOP
j) How can one digitally sign email using Outlook
Web Access service provided by Microsoft Exchange Server, when that person is in
remote places?
For this Assure Messaging Solution has to be integrated with the mail server to
provide digital signature based access control.
k) Is the information contained in my Digital Certificate
automatically sent to the websites I visit?
No, you control the presentation of your Digital Certificates to websites through
the settings in your web browser.
l) Why should I save a backup copy of my Digital
Certificate?
In case yours hard drive crashes or your Digital Certificate gets accidentally deleted.
If you store a backup copy of your Digital Certificate on a floppy disk in a secure
place, then you will always be able to re-install your Digital Certificate. If you
lose your Digital Certificate and it is not backed-up, then you will lose any messages
that have been encrypted for you.
m) Will unplugging my computer disrupt my Digital
Certificate?
No. Your key pair and your Digital Certificate are stored on your hard drive and
are not disrupted by removing the power source to your computer.
n) What if some one copies my Digital Certificate?
Your Digital Certificate cannot be used without your private key, which is never
transmitted to us. To maintain security, your private key should be protected by
a password and never sent across any network. You want your Digital Certificate
(which contains your public key) to be available to other users so that they can
verify your right to use the Digital Certificate, decrypt messages that you have
encrypted with your private key, and verify your digital signatures.
o) What does my Private Key look like?
Private Keys are not easily viewed simply because they need to remain secure. They
exist for the most part in an encrypted state within the registry of the Operating
System. However, if specified at the time of key pair generation, it is possible
to export a Private Key as a data file for backup purposes. Like any cryptographic
key, Private Keys are simply long, random numbers.
p)My PC's hard disk drive crashed. Is there any way
to recover my Digital Certificate?
A hard drive crash usually deletes all key pair and Digital Certificate files in
your computer. Once these files have been lost, there is no way to reactivate the
Digital Certificate. You will first need to revoke your Digital Certificate, and
then enroll for a new one.
q) My computer was stolen. What should I do to protect
my Digital Certificate?
If your key files were protected with a password, then it is unlikely that the thief
will be able to use your Digital Certificate to impersonate you. In Microsoft Internet
Explorer, your key files are protected by your Windows password, and in Netscape
they are protected by your Navigator or Communicator password. If you want another
Digital Certificate You should immediately revoke your Digital Certificate, then
enroll for a new one.
r)What is cryptography?
Cryptography is the science of using mathematics to encrypt and decrypt data. Cryptography
enables you to store sensitive information or transmit it across insecure networks
(like the Internet) so that it cannot be read by anyone except the intended recipient.
In short, cryptography is science of securing data
s) What is secret key cryptography?
Secret-key cryptography is sometimes referred to as symmetric cryptography. It is
the more traditional form of cryptography, in which a single key can be used to
encrypt and decrypt a message. Secret-key cryptography not only deals with encryption,
but it also deals with authentication.
t) What is Public Key Cryptography?
Public Key Cryptography is a method for securely exchanging messages, based on assigning
two complimentary keys (one public, one private) to the individuals involved in
a transaction. Public Key Cryptography is based on the science of encryption, the
mathematical scrambling and unscrambling of messages.
u) What is authentication?
Authentication is the process of verifying a claimed identity. This includes:
Establishing that a given identity actually exists;
Establishing that a person or organization is the true holder of that identity;
Enabling identity holders to identify themselves for the purposes of carrying out
a transaction via an electronic medium
v) What is encryption?
Encryption is the process of using a mathematical formula and an encryption key
to scramble information so that is unintelligible to unauthorized persons. Since
electronic information is in the form of a series of ones and zeroes, an encryption
process can transform a particular electronic message into another sequence of ones
and zeros that is uniquely related to the original message.
w) What is decryption?
Decryption is the process of converting the scrambled information back to its original,
plain text form using the same mathematical formula and a decryption key related
to the encryption key so an authorized person can understand it.