CS6701 - Cryptography and Network Security

1. Digital Signature
S. Janani, AP/CSE
Kamaraj College of Engineering and Technology

2. Contents
Introduction
Why DS?
Basic Requirements
Working Technology
Application

3. Introduction
• Provide authenticity
• Done by the presence or absence of an authorized handwritten
signature
• An attachment to any piece of electronic information, which
represents the content of the document and the identity of the
owner of that document uniquely

4. Why DS?
• Hash value of a message when encrypted with the private key of a
person
• varies from document to document
• As the public key of the signer is known, anybody can verify the
message and the digital signature
• To provide Authenticity, Integrity and Non-repudiation to
electronic documents

5. Basic Requirements
• Private Key
Only accessible to the signer. It is used to generate the digital signature
which is then attached to the message
• Public Key
The public key is made available to all those who receive the signed
messages from the sender. It is used for verification of the received
message
• Digital Signature Certificate
Third party makes the public key available to all those who are intended to
receive the signed messages from the subscriber

6. Working Technology

8.  Encryption depends on modifying or scrambling
messages.
So a key is necessary to understand the message.
If the original message is
GOD IS GREAT
then the encrypted version depends on the key as follows:
(key = 1) HPE JT HSFBU
(key = 2) IQF KU ITGCV
(key = 3) JRG LV JSHDW
Simple Encryption Example

9. Parameter Paper Electronic
Authenticity May be forged Can not be copied
Integrity Signature independent of
the document
Signature depends on the
contents of the document
Non-repudiation a. Handwriting expert
needed
b. Error prone
a. Any computer user
b. Error free
Paper Signatures v/s Digital
Signatures

10. • Institutional overhead:
The cost of establishing and utilizing certification
authorities, repositories, and other important
services, as well as assuring quality in the
performance of their functions.
• Subscriber and Relying Party Costs:
A digital signer will require software, and will
probably have to pay a certification authority some
price to issue a certificate. Hardware to secure the
subscriber's private key may also be advisable.
Challenges and Opportunities

11. • Electronic Mail
• Data storage
• Electronic funds transfer
• Software Distribution
• Smart Cards
Applications

12. Smart CardiKey
Biometrics – adds another level of security to these tokens
iKEY is one of the most commonly used
token as it doesn’t need a special reader
and can be connected to the system
using USB port.
Hardware Tokens

14. GnuPG – Gnu Privacy Guard

15. • Key Generation
• Exchanging Keys
• Encryption/Decryption using keys
• Making and verifying signatures
Steps

16. Key Generation
• gpg --gen-key
▫ Select key generation algorithm
▫ Key generation
▫ Key duration
▫ User Id and password

17. Exchanging key pair
▫ gpg --list-keys
▫ gpg --output alice.gpg --export alice@cyb.org
• Exporting a public key
▫ gpg --armor --export alice@cyb.org
• Importing a public key
▫ gpg --import blake.gpg

18. Encrypting/Decrypting documents
• gpg --output doc.gpg --encrypt --recipient blake@cyb.org doc
• gpg --output doc --decrypt doc.gpg

19. Making and verifying signature
• gpg --output doc.sig --sign doc
• gpg --verify doc.sig doc