Page:Electronic Transactions Act 2010.pdf/31

32 :“asymmetric cryptosystem” means a system capable of generating a secure key pair, consisting of a private key for creating a digital signature, and a public key to verify the digital signature;
 * “certificate” means a record issued for the purpose of supporting digital signatures which purports to confirm the identity or other significant characteristics of the person who holds a particular key pair;
 * “certification authority” means a person who issues a certificate;
 * “certification practice statement” means a statement issued by a certification authority to specify the practices that the certification authority employs in issuing certificates;
 * “correspond”, in relation to a private key or public key, means to belong to the same key pair;
 * “digital signature” means an electronic signature consisting of a transformation of an electronic record using an asymmetric cryptosystem and a hash function such that a person having the initial untransformed electronic record and the signer’s public key can accurately determine—
 * (a) whether the transformation was created using the private key that corresponds to the signer’s public key; and
 * (b) whether the initial electronic record has been altered since the transformation was made;
 * “hash function” means an algorithm mapping or translating one sequence of bits into another, generally smaller, set (the hash result) such that—
 * (a) a record yields the same hash result every time the algorithm is executed using the same record as input;
 * (b) it is computationally infeasible that a record can be derived or reconstituted from the hash result produced by the algorithm; and
 * (c) it is computationally infeasible that 2 records can be found that produce the same hash result using the algorithm;
 * “key pair”, in an asymmetric cryptosystem, means a private key and its mathematically related public key, having the property that the public key can verify a digital signature that the private key creates;
 * “operational period”, in relation to a certificate, means a period beginning on the date and time the certificate is issued by a certification authority (or on a later date and time if stated in the certificate), and ending on the date and time the certificate expires (as stated in the certificate) or is earlier revoked or suspended;
 * “private key” means the key of a key pair used to create a digital signature;
 * “public key” means the key of a key pair used to verify a digital signature;