Page 20 - ICT Nepal News Issue 01
P. 20

they have much more       government  offices  and  sea of un-trusted         INGOs of maintaining
           opportunities using it.   courts of law. Application  processes.              electronic good governance
           It helps all government   code  is like gold dust to   At last, the digital   by ending  wrongdoings
           agencies across  federal  attacker's it can provide  Signature  would  be a   while receiving  and
           government  and state  and  targeted  run-time  access  milestone in the initiative  provid  ing services including
           localgovernment  move     to high-value  data that  is  of the government,  non-  fake signature as well as
           to paperless  processing  not otherwise  protected.  govern  ment orga n ization,  documents.  ln a nutshell,
           basically giving relief from  Although,Crypto token  fi nancial institutions,  NGOs,  using Digital Signature
           manual process in support  based security may                                 saves time, money and
           of their mission for Digital  sound incongruous                               environment.
           Nepal transformation      as a solution to                                        Author: Chief
           strategy.  lt fastens     software and                                         Operoting  Officer of
           the government  work      cloud-based                                         Nepal Certifyi ng Compa ny
           significantly as, hundreds  vulnerabilities,  it
           of daily transactions can  remains  a tried-
           be performed  in short    and-tested
           duration with full security.  anchor  of
           Digital signatures  provides  trust in
           a uthentication  mecha nism  the
           and acceptability  in various  vast



                           Model of Digital Signature




                As mentioned  earlier;                                                 of data  is created. Since
              the digital signature                                                    the hash of data is a
              scheme  is based on                                                      unique representation
              pu bl ic key cryptogra phy.                                              of data, it is sufficient to
              The model of digital                                                     sign the hash in place of
              signature scheme  is                                                     data. The most important
              depicted in the following                             i  Fublic  i       reason of using hash
              illustration  -                                       !**ni              instead  of data directly
                 The following points   signature key are then  .  For verification,   for signing  is efficiency of
              explain the entire  process  fed to the signature  this hash value and   the scheme.
              in detail -               algorithm  which         output of verification   Let us assume RSA
              .  Each person  adopting   produces  the digital   algorithm  are        is used as the signing
                this scheme  has a      signature on given       compared. Based       algorithm.  As discussed
                public-private  key pa ir.  hash. Signature  is  on the comparison     in public key encryption
              .  Generally, the key pairs  appended  to the data  result, verifi er decides  cha pter, the encryption/
                used for encryption/    and then both are sent   whether  the digital  signing  process using
                decryption  and         to the verifier.         signature is valid.   RSA involves  modular
                signing/verifying  are  Verifier feeds the     .  Since digital signature  exponentiailon.
                different.  The private  digital signature and   is created by'private'   Signing large data
                key used for signing    the verification  key    key of signer and no  through modular
                is referred to as the   into the verification    one else can have this  exponentiation  is
                signature key and       algorithm.  The          key; the signer cannot  computationally
                the public key as the   verification  algorithm  repudiate signing the  expensive  and time
                verification  key.      gives some value as      data in future.       consuming.  The hash of
              .  Signer  feeds data to  output.                                        the data is a relatively
                the hash function  and  Verifier also runs       It should be noticed  small  digest of the data,
                generates  hash of      same hash function    that instead  of signing  hence signing  a hash
                data.                   on received  data to  data directly  by signing  is more efficient than
              .  Hash value and         generate hash value.  algorithm,  usually  a hash  signing the entire data.




                                                 [20)  IITINEPAL  [fanuary  201.7)
   15   16   17   18   19   20   21   22   23   24   25