India to Redefine Digital Signature System

It has been reported in the Economic Times today that the Cyber Regulations Advisory Committee is finalizing the standards for Digital Signature systems. According to the report, the Ministry of Information Technology (MIT) is said to be considering making it mandatory for Digital Certificates to be issued with two sets of keys, one set for digital signature and the other for encryption.

Readers may know that the Digital Signature system is based on the Public Key Infrastructure system, where there is a unique pair of keys consisting of a Public and a Private key. The private key is always held in the custody of the owner, and the public key is distributed to the intended recipient of a message and also placed in the public repository. The unique property of these keys is that a document encrypted with one can only be decrypted with the other and vice versa. The reliability of this property is so well established that any document that can be decrypted with a "Public Key of Mr X" is presumed to have been encrypted originally only with the corresponding "Private key of Mr X".

The normal practice for affixing Digital Signatures to documents is to follow a two-step process.

Calculate a hash code for the document by using a standard hash algorithm, which produces a one-way hash code that is unique to any given document.

Encrypt the hash code with the private key of the key pair.

This encrypted hash code is sent to the addressee as an attachment to the main message.

On receipt of the message with the encrypted hash code, the recipient follows a two-step process to verify the signature.

He decrypts the hash code with the public key of the sender, which authenticates the message as having indeed been sent by the holder of the corresponding private key.

He also recalculates the hash code of the message as received and tallies this with the decrypted value sent to him.

(P.S.: The actual process of signing and verification is done by the browser or the e-mail client automatically, and the users only let their systems install the keys within the applications in the first place.)

The above form of digital signature not only establishes the authentication but also the "Data Integrity" of the message during transmission since no two documents will have the same hash code. 

Encryption of the complete document can be done in addition to affixing the above signature if confidentiality has to be maintained during the transmission. Such encryption can be done either with the private key of the originator or with the public key of the addressee. In each of these cases, it can be decrypted with the corresponding other key of the pair. The standard practice is to encrypt mail messages with the public key of the recipient.

In order to also bestow the nature of "Non Repudiation" on the documents, the system is developed on the principle that the custody of the private key never leaves the original generator of the key pair. A copy of the private key is therefore normally not kept even by the Certifying Authority. If, therefore, the private key is lost, it is not possible to recover it from the Certifying Authority. Some Certifying Authorities may provide replacement of keys, while some do not provide even for such replacement.

What the Government is now proposing is that a user of the digital signature system should hold two pairs of keys, one for signing and the other for encryption, so that a copy of the "Encryption Private Key" can be mandatorily lodged with the Certifying Authority. The need for this is to intercept encrypted messages in case of necessity.
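An added illustration, not from the original article or from any Certifying Authority's software: the hash-then-sign procedure and the two-key-pair proposal described above, written in Python with unpadded textbook RSA. The Mersenne-prime keys, the function names and the sample message are constructed for the demonstration and are unsuitable for real use, where padded signature schemes and randomly generated primes are required.

```python
import hashlib

E = 65537  # widely used RSA public exponent

def make_keypair(p, q):
    """Toy RSA key pair from two primes; returns (public, private)."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent (Python 3.8+)
    return (n, E), (n, d)

def digest(message):
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message, private):
    n, d = private
    return pow(digest(message), d, n)  # hash code transformed with the private key

def verify(message, signature, public):
    n, e = public
    # recover the signed hash with the public key, compare with a fresh hash
    return pow(signature, e, n) == digest(message)

def encrypt(message, public):
    n, e = public
    return pow(int.from_bytes(message, "big"), e, n)

def decrypt(ciphertext, private):
    n, d = private
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

# Constructed demo keys for "Mr X": one pair for signing, one for encryption.
SIGN_PUB, SIGN_PRIV = make_keypair(2**127 - 1, 2**521 - 1)
ENC_PUB, ENC_PRIV = make_keypair(2**107 - 1, 2**607 - 1)
ESCROW_COPY = ENC_PRIV  # the only key lodged with the Certifying Authority

def demo():
    msg = b"Pay Rs. 500 to Mr Y"       # constructed sample message
    sig = sign(msg, SIGN_PRIV)         # Mr X signs
    ct = encrypt(msg, ENC_PUB)         # a correspondent encrypts to Mr X
    return {
        "signature_valid": verify(msg, sig, SIGN_PUB),
        "tampered_valid": verify(msg + b"0", sig, SIGN_PUB),
        "escrow_can_read": decrypt(ct, ESCROW_COPY) == msg,
        "escrow_can_sign": verify(msg, sign(msg, ESCROW_COPY), SIGN_PUB),
    }

if __name__ == "__main__":
    print(demo())
```

With separate pairs, the lodged encryption key opens the ciphertext but cannot produce a signature that verifies under the signing public key, so the non-repudiation property of the signing key is unaffected by the escrow.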

If this system has to be adopted, the standard key generation and Digital Certification software being used worldwide has to be modified. Browsers such as Netscape and Internet Explorer need to be made compatible with the system of two sets of keys to be used during the process of transmitting any secured message.

It appears that this intended proposal from the CRAC is not technologically feasible without a major upheaval of the system. It has already been pointed out by that the ITA-2000 has the dubious distinction of defining what was known as "Cracking" as "Hacking". Now we will have the dubious distinction of making all the globally used browsers incompatible with the system of Digital Signatures we are about to adopt.

There is a need to rethink the subject.

March 31, 2001

