
Controller of Certifying Authorities Public Key Infrastructure for Digital Signatures under the IT Act, 2000 : Framework & status Mrs Debjani Nag Deputy.


1 Controller of Certifying Authorities. Public Key Infrastructure for Digital Signatures under the IT Act, 2000: Framework & status. Mrs Debjani Nag, Deputy Controller

2 Electronic Transactions: The success of electronic transactions depends on “the trust that the transacting parties place in the security of the transmission and content of their communications”. Authenticity; Non-Repudiability; Confidentiality; Integrity.

3 Information Technology (IT) Act, 2000: Accorded legal recognition to Digital signatures. Digital signatures treated at par with handwritten signatures. Technology-specific.

4 Public key cryptography for Digital signatures: Pair of keys for every entity. One Public key – known to everyone. One Private key – known only to the possessor. To digitally sign an electronic document the signer uses his/her Private key. To verify a digital signature the verifier uses the signer’s Public key. No need to communicate private keys.

5 Creating a Digital signature [Diagram labels: Private Key; Encryption Algorithm; Signed document (Document + Digital signature)]

6 Verifying a Digital signature [Diagram labels: Document + Digital signature; Public Key of signer; Decryption Algorithm; Signature verification and Document integrity]

7 Public key Cryptography & Digital Signatures: Assurance of Authenticity of the Digital Signature created by the Private key is determined by the Trust that can be placed in the Public key. Public key Certificates or Digital Signature Certificates bind a “public key” to an “Identity”.

8 Public key Cryptography & Digital Signatures: Change in Document => Change in the Digital Signature. Digital Signature is bound to the Document as well as the Signer => Assurance of Integrity.

9 Issues in Public key Cryptosystems: How will the verifier get the signer's public key? How will the verifier authenticate the signer's public key? How will the signer be prevented from repudiating his/her digital signature?

10 Public key Cryptography & Digital Signatures: Digital Signature Certificates (containing the public key) are issued by Certifying Authorities after Identity verification. Responsibility of protecting the private key lies with its owner. Loss or compromise of the private key should be communicated to the CA so as to result in REVOCATION of the corresponding Digital Signature Certificate.

11 Certifying Authority: Issues Digital signature Certificates (Public Key Certificates). Is widely known and trusted. Has well defined methods of assuring the identity of the parties to whom it issues certificates. Confirms the attribution of a public key to a person by means of a public key certificate. Always maintains online access to the Digital Signature Certificates issued.

12 Public Key Certification [Diagram labels: Certificate Request (User credentials, User’s Public key); Digital Signature Certificate (User credentials, User’s Public Key, CA’s Name, Validation period, Signature of CA); Digitally Signed using CA’s private key; Publish; Certificate Database (User 1 certificate, User 2 certificate)]

13 Certificate Revocation List (CRL): A list of Certificates that have been revoked and declared invalid.
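
Added example (not part of the original presentation): the checks a relying party makes before trusting a signed document, following slides 4 to 13, in Python. It assumes toy textbook RSA over known Mersenne primes as a stand-in for the signature algorithm; the field names, `relying_party_check` and all sample values are constructed for illustration.

```python
import hashlib
from datetime import date

# Assumption: toy textbook RSA (no padding, short keys), only to show the flow;
# a real CA and client use a vetted library and keys of 2048 bits or more.
def make_key(p, q, e=65537):
    n = p * q
    return {"n": n, "e": e, "d": pow(e, -1, (p - 1) * (q - 1))}

def digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, key):                # private-key operation (slide 5)
    return pow(digest(data, key["n"]), key["d"], key["n"])

def verify(data, sig, pub):         # public-key operation (slide 6)
    return pow(sig, pub["e"], pub["n"]) == digest(data, pub["n"])

def tbs(cert):                      # the fields covered by the CA's signature (slide 12)
    fields = ("serial", "subject", "n", "e", "issuer", "not_before", "not_after")
    return "|".join(str(cert[f]) for f in fields).encode()

def issue(ca_key, ca_name, serial, subject, subject_key, not_before, not_after):
    cert = {"serial": serial, "subject": subject, "n": subject_key["n"],
            "e": subject_key["e"], "issuer": ca_name,
            "not_before": not_before, "not_after": not_after}
    cert["ca_sig"] = sign(tbs(cert), ca_key)
    return cert

def relying_party_check(doc, sig, cert, ca_pub, crl, today):
    """Return 'ok' or the first reason the signature must not be trusted."""
    if not verify(tbs(cert), cert["ca_sig"], ca_pub):
        return "certificate not signed by trusted CA"
    if not (cert["not_before"] <= today <= cert["not_after"]):
        return "certificate outside validity period"
    if cert["serial"] in crl:       # revoked serial numbers (slide 13)
        return "certificate revoked"
    if not verify(doc, sig, cert):  # cert carries the signer's public n and e
        return "document signature invalid"
    return "ok"

# Constructed sample data: one CA, one subscriber, one signed document.
CA_KEY = make_key(2**61 - 1, 2**89 - 1)
USER_KEY = make_key(2**107 - 1, 2**127 - 1)
CA_PUB = {"n": CA_KEY["n"], "e": CA_KEY["e"]}
CERT = issue(CA_KEY, "Example CA", 1001, "User 1", USER_KEY,
             date(2024, 1, 1), date(2025, 12, 31))
DOC = b"Pay Rs. 1000 to User 2"
SIG = sign(DOC, USER_KEY)
```

A mathematically valid signature is rejected when the certificate fails any earlier check, which is why a key compromise has to reach the CA and its CRL before relying parties stop trusting the key.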

14 Public Key Infrastructure & the IT Act 2000: Controller of Certifying Authorities as the “Root” Authority certifies the technologies and practices of all the Certifying Authorities licensed to issue Digital Signature Certificates.

15 CCA’s role: Licensing Certifying Authorities (CAs) under section 21 of the IT Act and exercising supervision over their activities. Controller of Certifying Authorities as the “Root” Authority certifies the technologies and practices of all the Certifying Authorities licensed to issue Digital Signature Certificates. Certifying the public keys of the CAs, as Public Key Certificates (PKCs). Laying down the standards to be maintained by the CAs. Addressing the issues related to the licensing process including: Approving the Certification Practice Statement (CPS); Auditing the physical and technical infrastructure of the applicants through a panel of auditors maintained by the CCA.

16 Audit Process: Adequacy of security policies and their implementation; Existence of adequate physical security; Evaluation of functionalities in technology as it supports CA operations; Compliance to the adopted Certification Practice Statement (CPS); Adequacy of contracts/agreements for all outsourced CA operations; Adherence to Information Technology Act 2000, the Rules, Regulations and Guidelines issued by the Controller from time-to-time.

17 CCA’s technical Infrastructure: The CCA operates the following: Root Certifying Authority (RCAI) under section 18(b) of the IT Act, and National Repository of Digital Signature Certificates (NRDC) under section 20 of the IT Act.

18 [Diagram labels: Internet; Directory Client; CA; LAN; Cert/CRL; RCAI; CCA; NRDC; Relying Party; Subscriber] CA Public Keys Certified by RCAI; CA’s Revoked Keys. CCA: Certificates of Public Keys of CAs. National Repository of Certificates.

19 India PKI [Diagram labels: CCA; TCS CA; NIC CA; Safescrypt; IDRBT CA; iCert (CBEC); (n)Code; MTNL Trustline]

20 PKI enabled Applications: eProcurement (IFFCO, DGS&D, ONGC, GAIL, Air-India, Railways); Others (MCA21, Income Tax e-filing, IRCTC, DGFT, RBI Applications (SFMS)).

21 Challenges ahead: Interoperability; Uniformity in certificate contents; Validation methods - Certificate Revocation Lists, ...; International alliances; End User Adoption; Application interoperability; Digital Signature Certificate interoperability; Trusted Verification Authority; Storage medium.

22 Challenges ahead (contd.): Awareness; Understanding of digital signature concepts; Knowledge about legal rights, duties and liability of owning digital certificate.

23 Controller of Certifying Authorities http://cca.gov.in Thank you

