32
NO. 16 OF 2010
- “asymmetric cryptosystem” means a system capable of generating a secure key pair, consisting of a private key for creating a digital signature, and a public key to verify the digital signature;
- “certificate” means a record issued for the purpose of supporting digital signatures which purports to confirm the identity or other significant characteristics of the person who holds a particular key pair;
- “certification authority” means a person who issues a certificate;
- “certification practice statement” means a statement issued by a certification authority to specify the practices that the certification authority employs in issuing certificates;
- “correspond”, in relation to a private key or public key, means to belong to the same key pair;
- “digital signature” means an electronic signature consisting of a transformation of an electronic record using an asymmetric cryptosystem and a hash function such that a person having the initial untransformed electronic record and the signer’s public key can accurately determine—
- (a) whether the transformation was created using the private key that corresponds to the signer’s public key; and
- (b) whether the initial electronic record has been altered since the transformation was made;
- “hash function” means an algorithm mapping or translating one sequence of bits into another, generally smaller, set (the hash result) such that—
- (a) a record yields the same hash result every time the algorithm is executed using the same record as input;
- (b) it is computationally infeasible that a record can be derived or reconstituted from the hash result produced by the algorithm; and
- (c) it is computationally infeasible that 2 records can be found that produce the same hash result using the algorithm;
- “key pair”, in an asymmetric cryptosystem, means a private key and its mathematically related public key, having the property that the public key can verify a digital signature that the private key creates;
- “operational period”, in relation to a certificate, means a period beginning on the date and time the certificate is issued by a certification authority (or on a later date and time if stated in the certificate), and ending on the date and time the certificate expires (as stated in the certificate) or is earlier revoked or suspended;
- “private key” means the key of a key pair used to create a digital signature;
- “public key” means the key of a key pair used to verify a digital signature;