Centre for Digital Public Infrastructure
english
english
  • THE DPI WIKI
    • 🎉About the DPI Wiki
    • 🔆What is DPI?
    • ✨DPI Overview
    • 📝DPI Tech Architecture Principles
      • 🔗Interoperability
      • 🧱Minimalist & Reusable Building Blocks
      • 💡Diverse, Inclusive Innovation
      • 💠Federated & Decentralised by Design
      • 🔐Security & Privacy By Design
    • 🎯DPI Implementation & Execution Guidance
    • 🆚DPG and DPI
    • ❓What DPI can I build?
    • 🥇First use case for DPI
    • 📘Inputs for designing a DPI informed digital transformation strategy
    • 💰How much does it cost to build DPI?
    • 📢Is my system a DPI?
      • TL; DR - Is my system a DPI?
  • Mythbusters and FAQs
    • 🔯DPI and Mandating Adoption
    • 🔯DPI and Private Competition
    • 🔯DPI and Privacy / Security
    • 🔯DPI and the Digital Divide
  • Technical Notes
    • 🆔Identifiers & Registries
      • Digital ID
        • Capabilities on ID system
        • ID-Auth
        • Face Authentication
        • eKYC/ Identity profile sharing
        • Single Sign On (SSO)
        • QR Code for Offline ID
    • 📂Data Sharing, Credentials and Models
      • A primer to personal data sharing
      • Data standards
      • Verifiable Credentials
      • Building Data Analytics Pipelines
      • eLockers
      • Non-personal Anonymised Datasets
    • 🔏Trust Infra
      • Digital Signatures and PKI
      • eConsent
      • eSign
    • 🛒Discovery & Fulfilment
      • Platforms to Protocols
    • 💸Payments
      • Financial Address
      • Interoperable QR Code
      • Interoperable Authentication
      • Interoperable Bill Payments
      • Cash in Cash Out (CICO)
      • Financial Address Mapper (G2P Connect)
      • G2P Payments
  • Initiatives
    • 🌐DPI advisory
    • 🚀DPI as a Packaged Solution (DaaS)
      • 💡Why do we need DaaS?
      • 🎯DaaS in a nutshell
      • 📦Pre-packaged DaaS kits
      • ♻️Reusable DaaS Artefacts
      • 3️⃣A 3-step process from idea to implementation!
      • 📈Funded DaaS Program overview
      • 👩‍💻Cohort 1: DaaS Offerings
        • Digital authentication
        • Digital credentials
        • ID Account Mapper
      • 🖥️Co-create with us!
      • 💬Upcoming DaaS cohorts
        • Functional Registries
        • AI Assistant
      • ❓FAQs on DaaS
        • Country x DPG MOU /LoI FAQs
        • Ecosystem Participation Terms FAQs
    • 📑DPI Residents Program
    • ⚖️DPI-CPA
    • 💸G2P Connect
    • 📨User Centric Credentialing & Personal Data Sharing
    • ⚕️DPI for Health
    • 🌍Agri Connect (forthcoming)
  • References
    • Glossary
    • Curated Specifications
  • Additional Info
    • 🤝Licensing
    • ✍️Contact Us
Powered by GitBook
On this page
Export as PDF
  1. Technical Notes
  2. Trust Infra

Digital Signatures and PKI

Digital signatures are cryptographic mechanisms used to verify the authenticity and integrity of electronic data. In healthcare, where the accuracy and confidentiality of information are paramount, they play a crucial role in ensuring electronic records remain trustworthy.

Public Key Infrastructure (PKI) is at the heart of digital signatures.

  1. Key Pairs: PKI uses two related cryptographic keys: a private key (kept secret by the owner) and a public key (shared openly).

  2. Signing: When data needs to be signed, the owner's private key is used to generate a unique digital signature for that data. This process often involves creating a hash of the data and encrypting it using the private key.

  3. Verification: Anyone can verify the signature using the corresponding public key. They decrypt the signature to retrieve the original hash and compare it against a new hash of the received data. If they match, the data is unchanged and verified.

While individuals and organizations are common entities using digital signatures, non-human entities like websites, servers, or software can also use them.

Digital Certificates for Websites: Websites use digital certificates to establish secure (HTTPS) connections. The website's certificate, which contains its public key and has been digitally signed by a Certificate Authority (CA), is provided to visitors. This assures visitors they're interacting with a genuine website, not a malicious impersonator.

Data Fields: Individual data fields within larger datasets can be digitally signed, ensuring the integrity of specific pieces of information within broader systems (eg: registries)

PreviousTrust InfraNexteConsent

Last updated 1 year ago

🔏