Information Technology (Certifying Authorities) Rules, 2000
5. Verification of Digital Signature.-
The verification of a Digital Signature shall be accomplished by computing a new hash result of the original electronic record by means of the hash function used to create a Digital Signature and by using the public key and the new hash result, the verifier shall check-
i. if the Digital Signature was created using the corresponding private key; and
ii. if the newly computed hash result matches the original result which was transformed into Digital Signature during the signing process. The verification software will confirm the Digital Signature as verified if:-
a. the signer’s private key was used to digitally sign the electronic record, which is known to be the case if the signer’s public key was used to verify the signature because the signer’s public key will verify only a Digital Signature created with the signer’s private key; and
b. the electronic record was unaltered, which is known to be the case if the hash result computed by the verifier is identical to the hash result extracted from the Digital Signature during the verification process.