JD COLLEGE OF ENGINEERING AND MANAGEMENT, NAGPUR

An Autonomous College, Affiliated to DBATU, Lonere

At: Khandala, Post- Valni, Kamleshwar Road, Near Fetri, Nagpur
Department of Computer Science & Engineering / Information Technology

SUBJECT: CSC

TOPIC NAME: DIGITAL SIGNATURE IN CYBER SECURITY

GROUP NO: 02

GROUP MEMBERS:
Hrichika Chaudhary (CSE-06) Marshneel Patil (CSE-07)
Mrunali Porete (CSE-08) Payal Sangolkar (CSE-09)
Pradnya Kotangale (CSE-10)
DIGITAL SIGNATURE
Digital Signature

A digital signature is a mathematical technique used to validate the authenticity and integrity of a message,
software, or digital document. 
MAC(Message Authentication Code) was used to provide Message Integrity and Message Authentication but
it needs symmetric key established between sender and receiver. A digital signature on other hand uses pair of
asymmetric keys.
A valid digital signature helps the receiver to know the message comes from the authentic sender and is not
altered in between.

 What is a Signature?

We sign a document to show that is approved by us or created by us. The signature is proof to the recipient
that this document is coming from the correct source. The signature on the document simply means the
document is authentic. 
When A sends a message to B, B needs to check the authenticity of the message and confirm that it comes
from A and not C. So B can ask A to sign the message electronically.
The electronic signature that proves the identity of A is also called a digital signature.
Difference between Digital signature and Conventional
Signature
How the digital signature process works:
The digital signature process works :
1) Create the document. The document is created with whatever tool is used in the organization. To prepare for
signing, the document should be converted to PDF (Portable Document Format).

2) Upload the document. With digital signatures, there are numerous options out there. The provider chosen
depends entirely on what aspects of the digital signature are required. There are basic free apps, subscription
services offering premium features, cloud-based solutions for on-the-go signing, or an app integrated into
your CRM.

3) Send a signature request. Create a signature request to send the document to the signers. Each signer will
receive the document, and have the option to sign it, using a method defined by the sender, such as eID,
uploading ID paper, or even the low-security scribble a signature on a screen.

4) Wait for signatures. Each of the signers will receive a notification that they have received a document to
sign. Depending on the user and their location, different methods are available to sign the documents.

5) Finalise the document. Once the document is signed by all required signers, the signed document is
generated. This contains all the collected evidence during the signing, and the signatures will show who
signed and can be verified to make sure the document has not been modified after it was signed. This
information can later be used as legal evidence
Algorithms in Digital Signature
A digital signature consists of three algorithms:

1. Key generation algorithm

The key generation algorithm selects private key randomly from a set of possible private
keys. This algorithm provides the private key and its corresponding public key.

2. Signing algorithm
A signing algorithm is responsible for producing document signatures. This uses a private
key to encrypt hash value. After this, the data reaches the verifies for further process.

3. Signature verifying algorithm

A signature verifying algorithm is for checking the authenticity of a document. It applies the
original hash function to compare the data and see if it is valid or not.
 Digital Signature Tools
1. Zoho Sign
It is a digital signature app that works online to handle digital signatures legally. This
manages the authenticity and timeliness of the digital signatures. It also offers custom
branding options to its members.

2. Sign Request
Offering affordable digital signature service to over 500.000 users. It follows legal e-
signature solutions in almost 26 countries and ensures authenticity and integrity all the
time.

3. Eversign
This offers digital signature service with full guidance to all its clients. It is known for its
high level security allowing companies to trust them with confidential information. It is
also easy to use and allows small businesses to be part of the community as well.
 Types of Digital Signature
Different document processing platform supports different types of digital signature.
They are described below:
Certified Signatures
The certified digital signature documents display a unique blue ribbon across the top of the document. The
certified signature contains the name of the document signer and the certificate issuer which indicate the
authorship and authenticity of the document.

Approval Signatures
The approval digital signatures on a document can be used in the organization's business workflow. They help
to optimize the organization's approval procedure. The procedure involves capturing approvals made by us and
other individuals and embedding them within the PDF document. 

Visible Digital Signature

The visible digital signature allows a user to sign a single document digitally. This signature appears on a
document in the same way as signatures are signed on a physical document.

Invisible Digital Signature

The invisible digital signatures carry a visual indication of a blue ribbon within a document in the taskbar. We
can use invisible digital signatures when we do not have or do not want to display our signature but need to
provide the authenticity of the document, its integrity, and its origin.
 Benefits of Digital Signatures
Security is the main reason why people use digital signatures. Some of the features that come with digital
signatures are –
1. It provides personal identification numbers and codes that allow authentication of the signer’s identity and
thus approval. This includes email, username, and passwords as the main methods.

2. Asymmetric cryptography is a method that uses a public key algorithm for encryption and authentication.
This is more reliable than symmetric keys which use the same key for encryption and decryption.

3. The checksum is a type of data fingerprint which allows the comparison of digital data to detect errors or
changes.
4. Cyclic redundancy check allows error detection and verification in raw data stored in digital networks and
storage devices.

5. Certificate authority validation is the issuing of digital signatures by verifying and accepting digital
certificates, to avoid fake creation.
6. The trust service provider is responsible for validating the digital signature on behalf of a third party.
Some other benefits are –
1. It provides a timestamp by recording the time and date of the digital signature.
This is very useful in emergency situations like stock trades and legal
proceedings.

2. It saves time by removing the steps like physical storage and exchange,
signing, etc.

3. It is very cost-effective as the company saves up on space, resources, and labor.

4. It also cust the physical waste generation and promotes a positive attitude.

5. They are easy to trace which makes maintaining a record easier.

1. Authentication
It allows authentication of the message source and sender’s identity. This
process allows verification of the user accessing the system.

2. Non-repudiation
Non-repudiation is a way to ensure that an entity does not deny the contacts’
authenticity and the origin of the signature.

3. Integrity
Integrity is for ensuring that the contract is accurate and original. It proves that
the contract will not go under manipulation during the transmission.
 Uses of Digital Signature

1. Government Bodies
The government uses it for publishing confidential documents like budgets, tax returns, law bills, and contracts.
They follow very strict protocols while using digital signatures like smart cards to ID the employees
2. Banking Industry
The banking industry uses it for contracts, loan processes, mortgages, and many more documents. They need to
follow the guidelines issued by E-Sign Act, Uniform Electronic Transactions Act, and the Federal Financial
Institutions Examination Council.
3. Cryptocurrencies
Cryptocurrencies and bitcoin need the signature for blockchain authentication. This allows transaction data
management as well as ownership of the currency.
4. Healthcare Sector
The Healthcare sector uses it for administrative processes, admissions, prescriptions, and strengthening data
security. All the hospitals must abide by the guidelines in the Health Insurance Portability and Accountability Act
of 1996.
5. Manufacturing Organizations
The manufacturing companies use to improve their efficiency by speeding up the processes. This includes
product design, quality assurance, invoice, etc.