Published on

Topic: Digital Signatures
Date: 31st August 2009

Published in: Business, Technology
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide


  1. 1. Presentation on Digital Signatures…!
  2. 2. <ul><li>Contents </li></ul><ul><li>Encryption </li></ul><ul><li>How Encryption and Digital Signatures Work </li></ul><ul><li>Digital signature overview </li></ul><ul><li>Definition of digital signature </li></ul><ul><li>Use of digital signature </li></ul><ul><li>What is needed to create </li></ul><ul><li>How does it works </li></ul><ul><li>Legal aspects </li></ul><ul><li>Example </li></ul><ul><li>Advantages and Disadvantages </li></ul><ul><li>End </li></ul>
  3. 3. <ul><li>Encryption </li></ul><ul><li>Encryption is the conversion of data into a form, called a ciphertext . </li></ul><ul><li>The use of encryption/decryption is as old as the art of communication. </li></ul><ul><li>Encryption/decryption is especially important in wireless communications. </li></ul><ul><li>Encryption/decryption is a good idea when carrying out any kind of sensitive transaction . </li></ul><ul><li>such as a credit-card purchase online, or the discussion of a company secret between different departments in the organization. </li></ul>
  4. 4. <ul><ul><li>Private key encryption </li></ul></ul><ul><li>-Private key means that each computer has a secret key (code) that it can use to encrypt a packet of information before it is sent over the network to the other computer. </li></ul><ul><li>Private key requires that you know which computers will talk to each other and install the key on each one. </li></ul>
  5. 5. Private key encryption is essentially the same as a secret code that the two computers must each know in order to decode the information. The code would provide the key to decoding the message. Think of it like this. You create a coded message to send to a friend where each letter is substituted by the letter that is second from it. So &quot;A&quot; becomes &quot;C&quot; and &quot;B&quot; becomes &quot;D&quot;. You have already told a trusted friend that the code is &quot;Shift by 2&quot;. Your friend gets the message and decodes it. Anyone else who sees the message will only see nonsense .
  6. 6. <ul><li>Public key encryption </li></ul><ul><li>- Public key encryption uses a combination of a private key and a public key. The private key is known only to your computer while the public key is given by your computer to any computer that wants to communicate securely with it. To decode an encrypted message, a computer must use the public key provided by the originating computer and it's own private key. </li></ul>
  7. 7. The key is based on a hash value. This is a value that is computed from a base input number using a hashing algorithm. The important thing about a hash value is that it is nearly impossible to derive the original input number without knowing the data used to create the hash value. Here's a simple example: Input number Hashing algorithm Hash value 10667 Input # x 143 1525381
  8. 8. <ul><li>How Encryption and Digital Signatures Work </li></ul><ul><li>This is a very basic introduction to encryption and digital signatures. </li></ul><ul><li>It explains how they work and gives some examples of how they are used. Encryption scrambles or modifies a message or document so it cannot be read and understood, except by the intended recipient. A key is necessary to reverse the scrambling or modification, to make the message readable. </li></ul><ul><li> Encryption is used for secrecy in communication. </li></ul>
  9. 9. Digital signatures are used to verify that a message or document was authored by a certain person, and that it was not altered or modified by anyone else. Encryption and digital signatures can be used together, or separately a message may be encrypted, but not digitally signed (only people with the key can read it, but the reader cannot be certain who actually wrote it)
  10. 10. <ul><li>a message may be digitally signed, but not encrypted (everyone can tell who wrote it, and everyone can read it) </li></ul><ul><li>a message may be encrypted first, then digitally signed (only someone with the key can read it, but anyone can tell who wrote it) </li></ul><ul><li>a message may be digitally signed first, then encrypted (only someone with the key can read it, and only that same reader can be sure who sent the document) </li></ul>
  11. 11. <ul><li>Types of Encryption </li></ul><ul><li>Encryption depends on modifying or scrambling messages so a key is necessary to understand the message. </li></ul><ul><li>As an example, suppose we take a message and change each letter of the alphabet by substituting a later letter. </li></ul><ul><li>If the key is 1, then choose the next letter: A becomes B, B becomes C, C becomes D, and so on…. </li></ul><ul><li>If the key is 2, then choose the letter two letters later: A becomes C, B becomes D, C becomes E, and so on…. </li></ul>
  12. 12. For other keys, use the key to skip the specified number of letters. If the original message is CATS HAVE FUR then the encrypted version depends on the key as follows: (key = 1) DBUT IBWF GVS (key = 2) ECVU JCXG HWT (key = 3) FDWV KDYH IXU ...and so forth
  13. 13. <ul><li>Digital Signatures Overview </li></ul><ul><li>Sign the document in another fashion. </li></ul><ul><li>This is referred to as a digital signature . </li></ul><ul><li>Digital signatures are ways of providing the legal proof necessary to confirm a document as being authentic. </li></ul><ul><li>Who those who are not familiar with digital signatures, the question remains: </li></ul><ul><li>--What is a digital signature ? </li></ul><ul><li>--How is it implemented ? </li></ul>
  14. 14. <ul><li>What is a digital signature? </li></ul><ul><li>A digital signature is an electronic signature. </li></ul><ul><li>A digital signature is a term used for marking or signing an electronic document by a process meant to be analogous to paper signatures. </li></ul><ul><li>A digital signature is an electronic construct that purports to replace in an electronic world what is called wet or ink signatures in the paper world. </li></ul><ul><li>A digital signature is basically a way to ensure that an electronic document (e-mail, spreadsheet, text file, etc.) is authentic. Authentic means that you know who created the document and you know that it has not been altered in any way since that person created it. </li></ul><ul><li>Digital Signatures </li></ul>
  15. 15. <ul><li>Use of digital signature? </li></ul><ul><li>The purpose of a digital signature is the same as your handwritten signature. </li></ul><ul><li>A digital signature uses digital keys (public-key cryptology). </li></ul><ul><li>A digital signature attaches the identity of the signer to the document and records a binding commitment to the document. </li></ul>
  16. 16. To use digital signature software requires some initial setup: you will need a signing certificate. Digital signatures can help you save time and paper-handling costs. Example: If in your business you commonly sign documents or need to verify the authenticity of documents.
  17. 17. <ul><li>What is needed to create a digital signature? </li></ul><ul><li>You will need to get your personal signing certificate. </li></ul><ul><li>Creating your certificate involves creating a public-private digital key pair and a Certificate Authority. </li></ul><ul><li>The process of creating your public-private key pair is easy and quick. </li></ul><ul><li>The public key certificate creates proof of the identity of the signer by using the services of a certificate authority. </li></ul><ul><li>A certificate authority uses a variety of processes to associate the particular public key with an individual. </li></ul><ul><li>The combination of your public key and proof of identity result in a public key certificate - also called a signer's certificate. </li></ul>
  18. 18. <ul><li>How Digital Signature Works </li></ul><ul><li>A digital signature is generated by your email software and your private key, working together. </li></ul><ul><li>Your message's signature generates according to standards PGP, so the receiver must also have that standard supported. </li></ul><ul><li>The use of digital signatures usually involves two processes, one performed by the signer and the other by the receiver of the digital signature. </li></ul>
  19. 19. <ul><li>Digital Signature Creation : </li></ul><ul><li>- uses a hash result derived from and unique to both the signed message and a given private key. </li></ul><ul><li>For the hash result to be secure, there must be only a negligible possibility that the same digital signature could be created by the combination of any other message or private key. </li></ul>
  20. 20. The formula depends on two inputs: the sequence of characters representing the electronic data to be signed, and a secret number referred to as a signature's private key, associated with the signing party and which only that party has access to. The resulting computed value, representing the digital signature, is then attached to the electronic data just as a paper signature becomes a part of a paper document.
  21. 21. <ul><li>Digital Signature Verification - </li></ul><ul><li>It is the process of checking the digital signature by the reference to the original message and a given public key. </li></ul><ul><li>Verifying also relies on a formula. </li></ul>
  22. 22. Here, the formula depends on three inputs: The sequence of characters representing the supposedly originally signed electronic data, the public key of the signing party, and the value representing the supposedly authentic digital signature. The output of the formula is a simple answer: yes or no. 'Yes' signifies that the digital signature is indeed an authentic digital signature on the presented electronic data, and it is associated with the party linked to the public key being used.
  23. 24. <ul><li>Legal Aspects of Digital Signatures </li></ul><ul><li>The digital signature is what makes a document a legal. </li></ul><ul><li>It is a representation of assuring the document meats all legal and is authentic in its framework </li></ul><ul><li>So the information in the document can be put into action. </li></ul><ul><li>The actual digital signature provides the following: </li></ul><ul><li>• Evidence </li></ul><ul><li>• Ceremony </li></ul><ul><li>• Approval </li></ul><ul><li>• Efficiency </li></ul>
  24. 25. • Evidence: In order for the document to have power, the originator has to prove he or she is the sole owner and executioner of the document. This is what the digital signature does. It provides the necessary evidence to those viewing the document that it is real and the person signing it is real. • Ceremony: Basically, any time a document is signed it is based on a ceremony or tradition of making the document legal. Without the signature, the document would not be validated as authentic and legal. Providing a digital signature proves that the signor is entering into a commitment voluntarily
  25. 26. • Approval : As is stated by law, when a document must be made legal, it needs to be approved in order for the information to be turned legal and acted on. By placing a digital signature on the document makes it this way. This way the document can be acted on in a legal way. • Efficiency: One thing the digital signature does is if saves time and money because the signature turns the document instead a legal transaction. This way no further inquiries are needed to verify or clarify the information on the document, as being legit or not.
  26. 27. The Noble County Surveyor's Office uses a digital signature system on their publicly signed papers. This means your signature is securely applied to a digital document. It’s more secure than a pen and ink signature, and it saves paper and time. <ul><li>Here’s an Example </li></ul>
  27. 28. <ul><li>How does it work? </li></ul><ul><li>You are applying for a building permit - you stop by our office and have a “drainage check” done (that is, we inspect your property for any tiles or open drains that you will need to work around). </li></ul><ul><li>A document is generated on our computer that explains what was found on your property, it tells the Building Department if/what precautions need to be taken before you build. </li></ul><ul><li>Before this document is printed it needs your signature. We have a “black box” – a digital signature pad that you will sign. As you write the signature is being “digitally” burned into the document. </li></ul><ul><li>This is a very secure system. It is encrypted and date stamped to help prove your signature </li></ul>
  28. 29. <ul><ul><li>Advantages: </li></ul></ul><ul><li>Authentication , identification of the person that signs. </li></ul><ul><li>No replacement , the signature was made by </li></ul><ul><li>the person that signed using devices under </li></ul><ul><li>his control; </li></ul><ul><li>Advantages and Disadvantages of Digital Signatures </li></ul>Integrity of data , every change will be detected; No repudiation , because the author can not denied that he has written and sent;
  29. 30. The Advantages of using digital signatures include: • Imposter prevention: By using digital signatures you are eliminating the possibility of committing fraud by an imposter signing the document. Since the digital signature cannot be altered, this makes forging the signature impossible. • Message integrity: By having a digital signature you are in fact proving the document to be valid. You are assuring the recipient that the document is free from forgery or false information.
  30. 31. <ul><li>• Legal requirements: </li></ul><ul><li>Using a digital signature satisfies some type of legal requirement for the document in question. A digital signature takes care of any formal legal aspect of executing the document. </li></ul><ul><ul><li>Disadvantages: </li></ul></ul><ul><li>The disadvantages of using digital signatures involve the primary avenue for any business: money. </li></ul><ul><li>This is because the business may have to spend more money than usual to work with digital signatures including buying certificates from certification authorities and getting the verification software. </li></ul>
  31. 32. Q U E R I E s ?
  32. 33. Thank you & Signing off Silpa END