Page 1User-Friendly Digital Signatures           Jon Matonis, CEO, Hush Communications             Digital Identity Forum ...
Page 3 Digital Signatures & the Market    • Until recently, digital signatures were not      considered legally binding wi...
Page 5       What are Digital Signatures ?• Digital signatures ensure that someone  cannot deny that they authorized a par...
Page 7         Complex PKI Deployments• Issuing a digital certificate can cost anywhere  from $5 to $10 per customer.• The...
Page 9         Complex PKI Deployments• PKI-based digital certificates are inefficient  and cumbersome where a certificate...
Page 11   The Hush Communications Solution• The Hush Encryption Engine ™ ensures that  no one but you can access your priv...
Page 13                Hush Technology• And then, upload the encrypted private key to one of  the Hush servers.           ...
Page 15                Hush Technology• And finally, decrypted with the user’s passphrase.                                ...
Page 17           Hush Digital Signatures• Hush offers its users the option to digitally  sign their email and attachments...
Page 19                     October 23, 00Copyright 2000 Hush Communications                           Page 20            ...
Page 21   Sending a Digitally Signed Message• First, the data is signed with the user’s private key,  which the user retri...
Page 23   Verifying a Digitally Signed Message• First, the signed data arrives at the recipient’s  computer.              ...
Page 25   Verifying a Digitally Signed Message• Finally, the public key is used to verify the  authenticity and integrity ...
Page 27 Contact Hush CommunicationsWorldwide                Sales & BusinessHeadquarters             Development OfficeHus...
Upcoming SlideShare
Loading in …5
×

User-Friendly Digital Signatures

782 views

Published on

Digital Identity Forum in London, October 2000

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
782
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
6
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

User-Friendly Digital Signatures

  1. 1. Page 1User-Friendly Digital Signatures Jon Matonis, CEO, Hush Communications Digital Identity Forum October 17 & 18th 2000 Marlborough Hotel London, UK October 23, 00 Copyright 2000 Hush Communications Page 2 Overview• Digital Signatures & the Market• What are Digital Signatures ?• Signatures v. Certificates• Complex PKI Deployments• The Hush Communications Solution: Technology• The Hush Communications Solution: Trust• Contact Hush October 23, 00 Copyright 2000 Hush Communications 1
  2. 2. Page 3 Digital Signatures & the Market • Until recently, digital signatures were not considered legally binding within the United States; • Europe has been quicker to adopt digital signatures as a replacement for the traditional written signature; • Touted as the link between consumers and e- commerce, digital signatures are an emerging technology poised to generate significantly larger transaction sizes. October 23, 00 Copyright 2000 Hush Communications Page 4 What are Digital Signatures ?• Digital signatures verify with mathematical certainty that the message, document, or other media received originated from the anticipated sender (authentication);• Digital signatures ensure that what you send over the Internet is exactly what is received at the other end (integrity); October 23, 00 Copyright 2000 Hush Communications 2
  3. 3. Page 5 What are Digital Signatures ?• Digital signatures ensure that someone cannot deny that they authorized a particular transaction (non-repudiation);• There are multiple ways to create digital signatures, including biometrics, like face printing and retina scans, but the most common methods involve cryptographic algorithms and protocols. October 23, 00 Copyright 2000 Hush Communications Page 6 Signatures v. Certificates• A digital signature is created by encrypting data with a private key.• A digital certificate is a public key that is digitally signed by a Certificate Authority (CA). October 23, 00 Copyright 2000 Hush Communications 3
  4. 4. Page 7 Complex PKI Deployments• Issuing a digital certificate can cost anywhere from $5 to $10 per customer.• The enterprise software needed to manage the key, which decrypts and encrypts a message, can cost as much as $10 to $100 a person.• Consumers must pay a periodic fee for the use of a digital certificate.• Most signing devices are linked to a particular PC or network. October 23, 00 Copyright 2000 Hush Communications Page 8 Complex PKI Deployments• The private portion of the digital identity must be accessible exclusively to the owner and must be used to decrypt and sign data.• Most PKI solutions require that the user possess their private key, which is inherently unsafe and reliant upon properly configured hardware. October 23, 00 Copyright 2000 Hush Communications 4
  5. 5. Page 9 Complex PKI Deployments• PKI-based digital certificates are inefficient and cumbersome where a certificate is required to authenticate an individual user.• Traditional PKI doesn’t have roaming capability. October 23, 00 Copyright 2000 Hush Communications Page 10 The Hush Communications Solution The Hush Encryption Engine ™ allows end- users to store their private key on a Hush server. The user doesn’t have to carry a private key, smart card, or store the key on a hard drive. However, even though Hush manages the private key, it is always encrypted and is inaccessible to anyone at Hush or elsewhere. October 23, 00 Copyright 2000 Hush Communications 5
  6. 6. Page 11 The Hush Communications Solution• The Hush Encryption Engine ™ ensures that no one but you can access your private key.• The Engine doesn’t tie you to a single computer.• The Engine is compatible with multiple online applications.• The Engine works with the Java ™ technology in most common Web browsers. October 23, 00 Copyright 2000 Hush Communications Page 12 Hush Technology• Hush users generate their private key on their own computer first, during signup of installation, and encrypt it with a passphrase. October 23, 00 Copyright 2000 Hush Communications 6
  7. 7. Page 13 Hush Technology• And then, upload the encrypted private key to one of the Hush servers. October 23, 00 Copyright 2000 Hush Communications Page 14 Hush Technology• After that, whenever a user starts a secure communications session, the private key automatically is retrieved from the server. October 23, 00 Copyright 2000 Hush Communications 7
  8. 8. Page 15 Hush Technology• And finally, decrypted with the user’s passphrase. October 23, 00 Copyright 2000 Hush Communications Page 16 IMPORTANT SECURITY NOTE• When the private key resides on a Hush key server, it is encrypted with a passphrase. That passphrase NEVER leaves the user’s computer. At no point is the private key or any private data accessible to anyone at Hush. Even if Hush were to be subpoenaed, we would not be able to learn or reveal your private key. October 23, 00 Copyright 2000 Hush Communications 8
  9. 9. Page 17 Hush Digital Signatures• Hush offers its users the option to digitally sign their email and attachments.• Hush’s digital signature feature is a method for the individual user to authenticate their online identity. October 23, 00 Copyright 2000 Hush Communications Page 18 October 23, 00 Copyright 2000 Hush Communications 9
  10. 10. Page 19 October 23, 00Copyright 2000 Hush Communications Page 20 October 23, 00Copyright 2000 Hush Communications 10
  11. 11. Page 21 Sending a Digitally Signed Message• First, the data is signed with the user’s private key, which the user retrieved at the start of the session, when the user logs in with their passphrase. October 23, 00 Copyright 2000 Hush Communications Page 22 Signed Message is Transmitted• Then, the signed data is sent on to its final destination. October 23, 00 Copyright 2000 Hush Communications 11
  12. 12. Page 23 Verifying a Digitally Signed Message• First, the signed data arrives at the recipient’s computer. October 23, 00 Copyright 2000 Hush Communications Page 24 Verifying a Digitally Signed Message• Then, the sender’s public key is automatically retrieved from a Hush key server. October 23, 00 Copyright 2000 Hush Communications 12
  13. 13. Page 25 Verifying a Digitally Signed Message• Finally, the public key is used to verify the authenticity and integrity of the data. October 23, 00 Copyright 2000 Hush Communications Page 26 The Hush Communications Solution• Hush offers Private Label services as a way for leading companies to brand their secure messaging.• Trusted Private Label partners control the registration and revocation process.• Digital signatures are enforced and backed up by the policies of the Private Label partner. October 23, 00 Copyright 2000 Hush Communications 13
  14. 14. Page 27 Contact Hush CommunicationsWorldwide Sales & BusinessHeadquarters Development OfficeHush Communications Hush Communications22 Upper Pembroke St. 2825 E. CottonwoodDublin 2, Ireland Parkway, Ste. 500Phone +353-1-241-0303 Salt Lake City, UT 84121Fax +353-1-241-0370 Phone +801-990-3490alliances@hushmail.com Fax +801-990-3111 sales@hushmail.com October 23, 00 Copyright 2000 Hush Communications 14

×