Difference between Encryption and Signing – Digital Signature Certificate (DSC)

E-pass 2003What is Digital Certificate?

A Digital Signature Certificate (DSC) is a secure digital key that certifies the identity of the holder, issued by a Certifying Authority (CA). It typically contains your identity (name, email, country, APNIC account name and your public key). Digital Certificates use Public Key Infrastructure meaning data that has been digitally signed or encrypted by a private key can only be decrypted by its corresponding public key. A digital certificate is an electronic “credit card” that establishes your credentials when doing business or other transactions on the Web.

What are the types of Digital Signature Certificates ?

1. Class 2
2. Class 3

What is an eToken?

USB e-Token can be password protected so that Digital Signature is never lost when computer is formatted or internet explorer changed. A virus cannot affect USB Token, and the digital certificate stored would always be secure. As per CCA’s Office Order, with effective from 7th December, 2013, All Certifying Authorities will be issuing Class 2 and 3 Digital Signature Certificates (DSC) only on FIPS 140-2 level 2 certified crypto tokens.

Difference between Encryption and Signing

Message encryption provides confidentiality. Allows users to encrypt document with the public key which can be decrypted only with the corresponding private key. To put it in simple terms when encrypting, you use their public key to write message and recipient uses their private key to read it. One of the most secure way protecting confidential documents.

Message signing binds the identity of the message source to this message. It ensures data integrity, message authentication, and non-repudiation altogether. When signing, you use your private key to write message’s signature, and they use your public key to check if it’s really yours.

Current Certifying Authorities (Licence issued by Ministry of communication and information technologies)

 USB Tokens Available in market

  • Gemalto
  • E-pass 2003
  • Trust Key
  • WD Proxy
  • Aladdin
  • Crypto