3. LEARNING OBJECTIVE
• To know what Encryption and Decryption are
• Their types and how they work
• To know what is Digital Signature and Digital
Signature Certificate
• Types of DS, Advantages and Disadvantages
• To know about SSL
7. Symmetric encryption
• Symmetric encryption is a type of encryption where only one key is
used to both encrypt and decrypt electronic information.
• By using symmetric encryption algorithms, data is converted to a form
that cannot be understood by anyone who does not possess the secret
key to decrypt it.
• There are two types of symmetric encryption algorithms
1. Block algorithms
2. Stream algorithms
8. Symmetric encryption
• Due to the better performance and faster speed of symmetric encryption, symmetric
cryptography is typically used for bulk encryption / encrypting large amounts of data.
Some examples are:
1. Payment applications
2. Validation to confirm that the sender of a message is who he claims to be
3. Random number generation or hashing
• Drawbacks of symmetric encryption:
1. Key exhaustion
2. Attribution of data
3. Key management at large scale
• Maintaining large scale symmetric encryption systems is a very challenging task. This is
especially true when we want to achieve banking grade security and auditability.
9. ASYMMETRIC ENCRYPTION
• Asymmetric encryption encrypts and decrypts the data using two
separate yet mathematically-connected cryptographic keys
• These keys are known as a ‘public key’ and a ‘private key.’
Together, they’re called a ‘public and private key pair.’
• Let’s see how these two keys work together to create the
formidable force that is asymmetric encryption.
11. PURPOSE OF ENCRYPTION
• Helps protect your online privacy by turning personal
information into “for your eyes only”
• You should make sure that your emails are being
sent over an encrypted connection, or that you are
encrypting each message - internet privacy concerns
are real
• Hacking is big business: many of the large-scale data
breaches that you may have heard about in the news
demonstrate that cybercriminals are often out to steal
personal information for financial gain.
• Regulations demand it:
1. The Health Insurance Portability and Accountability
Act (HIPAA)
2. Family Education Rights and Privacy Act (FERPA)
3. Fair Credit Practices Act (FCPA) & other similar
laws.
13. DIGITAL SIGNATURE (DS)
What is digital signature?
• A digital signature is a mathematically generated code
that validates the authenticity of software, a message, or a
digital file. It uses encryption techniques that are secure
enough to be considered legal and binding in some
countries. It guarantees that the file has not been altered
during transmission, providing a layer of security
against cyber threats and attacks.
• When a person creates a digital signature, two
additional encrypted files are created. These are the
“private key” which stays with the signature owner, and
the “public key” which is sent along with the signed
document to let the recipient open it.
• A digital signature is like a person’s thumbprint. It is
undeniable proof of that person’s identity.
14. What is digital signature certificate (DSC)?
• Digital Signature Certificates (DSC)
are the digital equivalent (that is
electronic format) of physical or paper
certificates. A few examples of physical
certificates are drivers' licenses,
passports or membership cards.
• A Digital Signature is nothing but an
authentication of any electronic
document by a subscriber to the
document. Such an authentication is
done by the way of an electronic
method or process according to
Section 3 of The Information
Technology Act, 2000.
• Types:
• Class 1 digital signature certificate
• Class 2 digital signature certificate
• Class 3 digital signature certificate
15. ROLE OF A DIGITAL SIGNATURE
• In many regions, including parts of North America, the European
Union, and APAC, digital signatures are considered legally binding
and hold the same value as traditional document signatures.
• In addition to digital document signing, they are also used for financial
transactions, email service providers, and software distribution, areas
where the authenticity and integrity of digital communications are
crucial.
• Industry-standard technology called public key infrastructure ensures a
digital signature's data authenticity and integrity.
16. HOW DOES A DIGITAL SIGNATURE WORK?
• Digital signatures are based on Public Key infrastructure. By this mechanism,
two keys are generated, a Public Key and Private Key. The private key is kept
by the signer and it should be kept securely. When a signer digitally signs a
document, a cryptographic hash is generated for the document.
• That cryptographic hash is then encrypted using the sender's private key,
which is stored in a secure HSM box. It is then appended to the document and
sent to the recipients along with the sender's public key.
• The recipient can decrypt the encrypted hash with the sender's public key
certificate. A cryptographic hash is again generated on the recipient's end.
• Both cryptographic hashes are compared to check the document's authenticity. If they
match, the document hasn't been tampered with and is considered valid.
17. ATTRIBUTES OF DIGITAL SIGNATURE
• Digital signature applies cryptographic measures to the content of a message or
document in order to show the following to the message’s recipient:
1. Authentication
2. Non-repudiation
3. Integrity
18. USES & APPLICATION OF DIGITAL SIGNATURE
USES OF DIGITAL SIGNATURE:
• Same as that of a handwritten signature
• The foremost e-filing, e-tender and
e-procurement websites where the use of a
digital signature is required for login
1. MCA
2. Income Tax
3. Sales Tax
Application of digital signature:
1. Electronic mail
2. Data storage
3. Electronic fund transfer
4. Blind signature
5. Smart cards
19. TYPES OF DIGITAL SIGNATURE
• Based on the technology it uses, here are 3 types of digital signatures that you
need to recognize:
1. Simple
2. Basic
3. Advanced & Qualified
21. DISADVANTAGES OF DIGITAL SIGNATURE
• Expiry
• Certificates
• Law
• Compatibility
• Software
• Technology
22. ELECTRONIC SIGN V/S DIGITAL SIGN
• Electronic signature and digital
signature are
often used interchangeably but the
truth is that these two concepts are
different.
• The main difference between the two
is that digital signature is mainly used
to secure documents and is authorized
by certification authorities while
electronic signature is often associated
with a contract where the signer has
the intention to do so.
25. SECURE SOCKET LAYER (SSL)
Concept –
Security of data in transit over the internet has become
increasingly necessary.
SSL is a protocol developed by Netscape for security of
data in transit, which covers all networks that use
TCP/IP.
Both Netscape Navigator and Internet Explorer support
SSL and many websites use this protocol.
It uses a program layer located between the Internet's
Hypertext Transfer Protocol (HTTP) and Transport
Control Protocol (TCP) layers.
26. SECURE SOCKET LAYER (SSL)
SSL protocol is used to give data encryption
and authentication to the server.
Browsers that use SSL protocol show a
dialog box on the screen, while Netscape
shows a blue key.
SSL uses a cryptographic system where 2
keys are used to encrypt data.
SSL has recently been succeeded by
Transport Layer Security (TLS) which is
based on SSL.
Example –
SSL is used to secure communication
between a web browser and a web server.
This turns a website's address from HTTP to
HTTPS, the 'S' standing for 'secure'.
27. How Does SSL Work?
• A browser or server attempts to connect to a website (i.e. a web server) secured
with SSL. The browser/server requests that the web server identify itself.
• The web server sends the browser/server a copy of its SSL certificate.
• The browser/server checks to see whether or not it trusts the SSL certificate. If so,
it sends a message to the web server.
• The web server sends back a digitally signed acknowledgement to start an SSL
encrypted session.
• Encrypted data is shared between the browser/server and the web server.
29. IMPORTANCE OF SSL
• SSL Protects Data
• SSL Affirms Your Identity
• Better Search Engine Ranking
• SSL Helps You Satisfy PCI/DSS
Requirements
30. IMPORTANCE OF SSL
• SSL Improves Customer Trust
• Google Makes SSL Mandatory
in 2018
• SSL Protects from Phishing and
other Attacks
31. WHAT ARE SSL CERTIFICATES?
• Secure Socket Layer (SSL) Certificates are small data files that
digitally bind a cryptographic key to an organization’s details.
• SSL certificates are what enable websites to move from HTTP to
HTTPS, which is more secure.
• Typically, SSL is used to secure credit card transactions, data transfer
and logins, and more recently is becoming the norm when securing
browsing of social media sites.
• SSL Certificates bind together:
1. A domain name, server name or hostname.
2. An organizational identity (i.e. company name) and location
32. TYPES OF SSL CERTIFICATES
There are three types of SSL certificates:
1. Single Domain SSL Certificates – A single-domain SSL certificate applies to
one domain and one domain only. It cannot be used to authenticate any other
domain, not even subdomains of the domain it is issued for.
2. Wildcard SSL Certificates – Wildcard SSL certificates are for a single domain
and all its subdomains. A subdomain is under the umbrella of the main domain.
Usually subdomains will have an address that begins with something other than
'www.'
3. Multi-Domain SSL Certificates (MDC) - A multi-domain SSL certificate, or
MDC, lists multiple distinct domains on one certificate. With an MDC, domains
that are not subdomains of each other can share a certificate.
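How a client decides whether each of these certificate types covers a hostname, as an added Python example that is not from the original slides. It follows the common RFC 6125-style rule that `*` stands for exactly one leftmost label; the domain names and the `name_matches` / `cert_covers` helpers are constructed for illustration.

```python
def name_matches(pattern: str, hostname: str) -> bool:
    """Match one certificate name against a hostname, label by label."""
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = hostname.lower().rstrip(".").split(".")
    if len(p_labels) != len(h_labels):
        return False                      # a wildcard never spans extra labels
    if p_labels[0] == "*":
        # Wildcard only as the whole leftmost label, never directly under a
        # top-level domain ("*.com"), and it must replace a non-empty label.
        return (len(p_labels) > 2 and h_labels[0] != ""
                and p_labels[1:] == h_labels[1:])
    return "*" not in pattern and p_labels == h_labels


def cert_covers(cert_names: list, hostname: str) -> bool:
    """A certificate covers a host if any name listed on it matches."""
    return any(name_matches(name, hostname) for name in cert_names)


# Constructed sample certificates (only the names they list).
SINGLE = ["example.com"]
WILDCARD = ["*.example.com"]
MULTI = ["example.com", "example.org", "shop.example.net"]

if __name__ == "__main__":
    hosts = ["example.com", "blog.example.com", "a.b.example.com", "example.org"]
    for host in hosts:
        print(host,
              cert_covers(SINGLE, host),
              cert_covers(WILDCARD, host),
              cert_covers(MULTI, host))
```

Under this rule the bare name `*.example.com` matches `blog.example.com` but not `example.com` or `a.b.example.com`; a wildcard certificate covers the base domain only when that name is also listed on it.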