Monday, May 25, 2026
Indian Contract Act

Digital Signature, Authentication of Digital Signature-Law Notes

Prof. Mangesh Jawlekar
Post Views: 297

Introduction

Before knowing the digital signature, it is necessary to know what traditional signature is and it’s purpose. Historically, a signature is any mark or name written by a person differently  which is intended to be the evidence that it is theirs only. A signature has evidentiary value which authenticates a writing by identifying the person signing the signed document. A signature expresses the approval or authorisation by a person signing of the writing, or his intention that it have a legal effect. A signature on document often conveys a clarity and finality to the transaction.

The Information Technology Act, 2000 provides for use of ‘Electronic Signatures’ on the documents submitted in electronic form in order to ensure the security and authenticity of the documents filed electronically. A digital signature is basically a way to ensure that an electronic documents like mails, files containing texts are authentic. A digital signature is asymmetric cryptography, also known as public key cryptography.

Asymetric Cryptography

For understanding what asymetric cryptography is, let’s understand few words

Keys : Keys are used to create digital signatures. For every signature, there are two types of keys

Private key is used to actually sign message and is protected by a password

Public Key is available to other people. This is the key which other people can use to check our signature.

Encryption and Decryption : Encryption is the process of converting a normal message (plain text) into a meaningless message (ciphertext). Decryption is the process of converting a meaningless message (ciphertext) into its original form (plaintext). 

Cryptography : It is the process of hiding or coding information so that only the person to whom the message is sent can read it.

Asymmetric encryption : Asymmetric encryption uses pair of keys for encryption and decryption a public key and a private key. If the public key is used for encryption, then the related private key is used for decryption. If the private key is used for encryption, then the related public key is used for decryption. Asymmetric cryptosystem operates in two ways. What is encrypted by the public key can be decrypted by the private key and what is encrypted by by the private key can be decrypted by the public key.

Digital Signature

A digital signature can be defined as short unit of data that bears a mathematical relationship to the data in the document’s context and provides assurance to the recipient that the data is authentic. The term ‘electronic signature’ is sometimes used generally including all legally recognizable signatures. An electronic signature thus includes digtal signature.

Section 2(ta) of The Information Technology Act, 2000 defines “electronic signature”which means authentication of any electronic record by a subscriber by means of the electronic technique specified in the Second Schedule and includes digital signature; and

Section 2(p) defines “digital signature” which means authentication of any electronic record by a subscriber by means of an electronic method or procedure in accordance with the provisions of section 3;

Section 3. Authentication of electronic records.–(1) Subject to the provisions of this section any subscriber may authenticate an electronic record by affixing his digital signature. (2) The authentication of the electronic record shall be effected by the use of asymmetric crypto system and hash function which envelop and transform the initial electronic record into another electronic record. For the purposes of this sub-section, ―(hash function means an algorithm mapping or translation of one sequence of bits into another, generally smaller, set known as ’hash result’. In simple words, hash function is like a unique digital fingerprint generator.)

Digital signature can also be defined as a data which accompanies a digitally encoded message and which can be used to authenticate originator as well as message. In this case one sysytem generates digital signature with its private key which is then verified by its public key by another system.

Difference between handwritten signature and digital signature :

The handwritten signature is constant, same or similar on every document, while digital signature will be different for every message. The handwritten signature can be forged while the digital signature cannot be duplicated.

Electronic Commerce Act, 1988, India also provides that, with limited exceptions, electronic records and signatures should be accorded the same treatment as paper records and signature for purpose of complying with statutory writing signature evidentiary and record-keeping requirements.            

Section 5. Legal recognition of digital signatures. – Where any law provides that information or any other matter shall be authenticated by affixing the signature or any document shall be signed or bear the signature of any person, then, notwithstanding anything contained in such law, such requirement shall be deemed to have been satisfied if such information or matter is authenticated by means of digital signature affixed in such manner as may be prescribed by the Central Government.   Explanation.- For the purposes of this section, “signed”, with its grammatical variations and cognate expressions, shall, with reference to a person, means affixing of his hand written signature or any mark on any document and the expression “signature” shall be construed accordingly.  

Certifying authority to issue Digital Signature Certificate

Section 35 provides that, Certifying authority to issue Digital Signature Certificate :– Any person may make an application to the Certifying Authority for the issue of a Digital Signature Certificate in such form as may be prescribed by the Central Government, alongwith prescribed fees.                                On receipt of an application under sub-section, the Certifying Authority may, after consideration of the certification practice statement or the other statement as prescribed, and after making such enquiries as it may deem fit, grant the Digital Signature Certificate or for reasons to be recorded in writing, reject the application.