For individuals A digital signature involves two components-the public key and the private key. The sender signs a document using his private key that ensures the document’s safety in transit as the text is encrypted and only the sender has access to his private key. Therefore, by signing a document with it, he authenticates that it has originated with him and not been tampered with en route. The recipient of this document uses the sender’s public key to authenticate the encrypted document and to decrypt it into a readable text format. There are several ways to authenticate a person or the information on a computer. Some of them are password, checksum, CRC (cyclic redundancy check), private key encryption, public key encryption and digital certificate. IT Act 2000 The Indian Information Technology Act 2000 ('Act') came into effect from October 17, 2000. The Act is by and large based on the United Nations Commission on International Trade Law (UNCITRAL) model law on electronic commerce. The objective of the Act is to provide for legal recognition of electronic transactions and digital signatures. Section 5 of the Act gives legal recognition to digital signatures. Digital signatures have been legalised in India since 2000. However, since then, hardly any provisions of the Act have been implemented, except for the appointment of the Certifying Authority which took place in 2001. A Few Provisions of IT Act 2000 Legal recognition of digital signatures (section 5). "Where any law provides that information or any other matter shall be authenticated by affixing the signature, or any document should be signed or bear the signature of any person, then, notwithstanding anything contained in such law, such requirement shall be deemed to have been satisfied if such information or matter is authenticated by the means of digital signature affixed in such manner as may be prescribed by the Central Government." Electronic Record (Section 2(1) (t)). "Means data, record or data generated, image or sound stored, received or sent in an electronic form, or microfilm or computer generated micro-fiche." Legal recognition of Electronic Record (section 4). "Where any law provides that the information or any other matter shall be in writing or in typewritten or printed form, then, notwithstanding anything contained in such law, such requirement shall be deemed to have been satisfied if such information or matter is: (a) rendered or made available in an electronic form; and (b) accessible so as to be usable for a subsequent reference." Secure Electronic Record (Section 14). "Where any security procedure has been applied to an electronic record at a specific point of time, then such record shall be deemed to be a secure electronic record from such point of time to the time of verification." Secure Digital Signature (Section 15). "If, by application of a security procedure agreed to by the parties concerned, it can be verified that a digital signature, at the time it was affixed, was: (a) unique to the subscriber affixing it; (b) capable of identifying such subscriber; (c) created in a manner or using a means under the exclusive control of the subscriber and is linked to the electronic record to which it relates in such a manner that if the electronic record was altered the digital signature would be invalidated, then such digital signature shall be deemed to be a secure digital signature." Certifying Authority (Section (2(1)(g)). "Means a person who has been granted a licence to issue a Digital Signature Certificate under section 24" (issuance of certificates by Controller). Treatment of Certification Authorities (Chapter VI). "This Act authorises the Central Government to appoint a Controller of Certifying Authorities. The duties of the Controller are listed under Chapter VI of the Act, and include exercising supervision over the activities of certification authorities and defining the duties of these certification authorities." Towards wider adoption The adoption of digital signatures in India is still at an early stage. Though the idea of digital signatures appears to be sound, it has not lived up to expectations. At the moment, applications of digital signatures are limited to sectors such as banking and financial services, online stock-trading portals, and engineering conglomerates (to authenticate critical engineering drawings and documents). For more details please visit http://www.networkmagazineindia.com/200610/coverstory03.shtml" alt="135" title="" style="max-width:120%;"/>