3. Authentication of electronic records
Section 3. Authentication of electronic records
(1) Subject to the provisions of this section any subscriber may authenticate an electronic record by affixing his digital signature.
(2) The authentication of the electronic record shall be effected by the use of asymmetric crypto system and hash function which envelop and transform the initial electronic record into another electronic record.
Explanation.—For the purposes of this sub-section, “hash function” means an algorithm mapping or translation of one sequence of bits into another, generally smaller, set known as “hash result” such that an electronic record yields the same hash result every time the algorithm is executed with the same electronic record as its input making it computationally infeasible
(a) To derive or reconstruct the original electronic record from the hash result produced by the algorithm;
(b) that two electronic records can produce the same hash result using the algorithm.
(3) Any person by the use of a public key of the subscriber can verify the electronic record.
(4) The private key and the public key are unique to the subscriber and constitute a functioning key pair.
- This section gives validity to the use of Digital Signatures for authenticating documents.
- Digital Signatures should use the Assymetric Crypto System (i.e. the Public Key System) where a key pair is generated comprising of the Public Key and Private Key.
- The use of a hash function along with the signature, ensures that the integrity of the data is ensured. The hash function creates a unique ID for every electronic message. Eg: A text document containing “ABCD” will have a hash of “098vwpiurfgh0w73hgisoajdghnpaiuh9arp98ahro” if you tamper with the text document and change it to “ABCd” or “abcd” or “ABXY”, the new unique identification for that document will not remain the same and will change. This will immediately be visible to the recipient. The hash function cannot be reverse engineered easily i.e. you cannot convert the hash of “098vwpiurfgh0w73hgisoajdghnpaiuh9arp98ahro” to the real message “ABCD”
- No 2 electronic records can have the same hash value, unless they contain the exact same information.