SlideShare a Scribd company logo

What is a Digital Signature? | How Digital Signature work?

•Download as PPT, PDF•
•
MSA Technosoft
MSA Technosoft

This tutorial helps you to learn about Digital Signature. See how a digital signature work? Key Concepts: Encrytption & Decryption, Algortithms, RSA, Public Key & Private Key, Advantage of DSC, Disadvantage of DSC

Education
1 of 22
•It is a type of asymmetric cryptography used to simulate the security properties of a signature in digital, rather than written, form. Digital signature schemes normally give two algorithms, one for signing which involves the user's secret or private key, and one for verifying signatures which involves the user's public key. The output of the signature process is called the “digital signature”. •It is an electronic signature that can be used to authenticate the identity of the sender of a message or the signer of a document, and possibly to ensure that the original content of the message or document that has been sent is unchanged. Digital signatures are easily transportable, cannot be imitated by someone else, and can be automatically time-stamped. The ability to ensure that the original signed message arrived means that the sender cannot easily repudiate it later. What is a Digital Signature?
Concepts • A 1024 bits number is a very big number much bigger than the total number of electrons in whole world. • Trillions of Trillions of pairs of numbers exist in this range with each pair having following property – A message encrypted with one element of the pair can be decrypted ONLY by the other element of the same pair • Two numbers of a pair are called keys, the Public Key & the Private Key. User himself generates his own key pair on his computer • Any message irrespective of its length can be compressed or abridged uniquely into a smaller length message called the Digest or the Hash. • Smallest change in the message will change the Hash value
Symmetric-key ciphers: Block ciphers Stream ciphers Public-key ciphers CRYPTOGRAPHIC GOALS Cryptographic goals Confidentiality Data integrity Authentication Non-repudiation Message authentication Entity authenticationArbitrary length hash functions Message Authentication codes (MACs) Digital signatures Authentication primitives Digital signatures MACs Digital signatures
What is Digital Signature? • Hash value of a message when encrypted with the private key of a person is his digital signature on that e-Document – Digital Signature of a person therefore varies from document to document thus ensuring authenticity of each word of that document. – As the public key of the signer is known, anybody can verify the message and the digital signature message Signing algorithm message signature Signer’s private key Unsecured channel Signer Signature verification algorithm Signer’s public key Verifier Ok / not Ok
Why Digital Signatures? •To provide Authenticity, Integrity and Non-repudiation to electronic documents •To use the Internet as the safe and secure medium for e- Commerce and e-Governance
The use of digital signatures usually involves two processes, one performed by the signer and the other by the receiver of the digital signature: •Digital signature creation uses a hash result derived from and unique to both the signed message and a given private key. For the hash result to be secure, there must be only a negligible possibility that the same digital signature could be created by the combination of any other message or private key. •Digital signature verification is the process of checking the digital signature by reference to the original message and a given public key, thereby determining whether the digital signature was created for that same message using the private key that corresponds to the referenced public key. How it works?
ENCRYPTION Caesar Cipher The shift is linear and equi-distributed 3changes I agree lcdjuhh Key Cipher The shift is linear (cyclic) 269 k.n.gupta 62 mewam3rzjba i+3=l Space=c [+3] k+2=m (dot)=e [+6] n=w [+9] Char 1 2 3 4 5 6 7 8 9 a b c d e f g h i j b c d e f g h i j k c d e f g h i j k l d e f g h i j k l m e f g h i j k l m n f g h i j k l m n o g h i j k l m n o p h i j k l m n o p q i j k l m n o p q r j k l m n o p q r s k l m n o p q r s t l m n o p q r s t u m n o p q r s t u v n o p q r s t u v w o p q r s t u v w x p q r s t u v w x y q r s t u v w x y z r s t u v w x y z 0 s t u v w x y z 0 1 t u v w x y z 0 1 2 u v w x y z 0 1 2 3 v w x y z 0 1 2 3 4 w x y z 0 1 2 3 4 5 x y z 0 1 2 3 4 5 6 y z 0 1 2 3 4 5 6 7 z 0 1 2 3 4 5 6 7 8 0 1 2 3 4 5 6 7 8 9 1 2 3 4 5 6 7 8 9 . 2 3 4 5 6 7 8 9 . 3 4 5 6 7 8 9 . a 4 5 6 7 8 9 . a b 5 6 7 8 9 . a b c 6 7 8 9 . a b c d 7 8 9 . a b c d e 8 9 . a b c d e f 9 . a b c d e f g . (Dot) a b c d e f g h Space a b c d e f g h i
ENCRYPTION Message 2 The Internet knows no geographical boundaries. It has redefined time and space. Advances in computer and telecommunication technologies have led to the explosive growth of the Internet. This in turn is affecting the methods of communication, work, study, education, interaction, leisure, health, governance, trade and commerce. Encrypted Message 2 a520eecb61a770f947ca856cd675463f1c95a 9a2b8d4e6a71f80830c87f5715f5f59334978 dd7e97da0707b48a1138d77ced56feba2b46 7c398683c7dbeb86b854f120606a7ae1ed93 4f5703672adab0d7be66dccde1a763c736cb 9001d0731d541106f50bb7e54240c40ba780 b7a553bea570b99c9ab3df13d75f8ccfdddea af3a749fd1411 Message 1 Central to the growth of e-commerce and e- governance is the issue of trust in electronic environment. Encrypted Message 1 9a46894335be49f0b9cab28d755aaa9cd985 71b275bbb0adb405e6931e856ca3e5e569ed d135285482 DECRYPTION Encrypted Message 1 9a46894335be49f0b9cab28d755aaa9cd98571b 275bbb0adb405e6931e856ca3e5e569edd13528 5482 Message 1 Central to the growth of e-commerce and e- governance is the issue of trust in electronic environment. Encrypted Message 2 a520eecb61a770f947ca856cd675463f1c95a9a2b 8d4e6a71f80830c87f5715f5f59334978dd7e97da 0707b48a1138d77ced56feba2b467c398683c7db eb86b854f120606a7ae1ed934f5703672adab0d7 be66dccde1a763c736cb9001d0731d541106f50b b7e54240c40ba780b7a553bea570b99c9ab3df13 d75f8ccfdddeaaf3a749fd1411 Message 2 The Internet knows no geographical boundaries. It has redefined time and space. Advances in computer and telecommunication technologies have led to the explosive growth of the Internet. This in turn is affecting the methods of communication, work, study, education, interaction, leisure, health, governance, trade and commerce. Same Key SYMMETRIC Different Keys [Keys of a pair – Public and Private] ASYMMETRIC [PKI]
EXAMPLE Assume you were going to send the draft of a contract to your lawyer in another town. You want to give your lawyer the assurance that it was unchanged from what you sent and that it is really from you. 1.You copy-and-paste the contract (it's a short one!) into an e-mail note. 2.Using special software, you obtain a message hash (mathematical summary) of the contract. 3.You then use a private key that you have previously obtained from a public-private key authority to encrypt the hash. 4.The encrypted hash becomes your digital signature of the message. (Note that it will be different each time you send a message.) At the other end, your lawyer receives the message. 1.To make sure it's intact and from you, your lawyer makes a hash of the received message. 2.Your lawyer then uses your public key to decrypt the message hash or summary. 3.If the hashes match, the received message is valid.
DIGITAL SIGNATURES • Digital Signatures are numbers • These are document content dependent I agree efcc61c1c03db8d8ea8569545c073c814a0ed755 My place of birth is at Gwalior. fe1188eecd44ee23e13c4b6655edc8cd5cdb6f25 I am 62 years old. 0e6d7d56c4520756f59235b6ae981cdb5f9820a0 I am an Engineer. ea0ae29b3b2c20fc018aaca45c3746a057b893e7 I am a Engineer. 01f1d8abd9c2e6130870842055d97d315dff1ea3 • These are digital signatures of same person on different documents
RSA • Developed in 1978 by Rivest, Shamir and Adleman (RSA) • Most popular public key cryptosystem • Based on the hard problem of “integer factorization”
KEY-GENERATION FOR RSA(CONT.) 1. Generate two large random distinct primes p and q, each roughly the same size 2. Compute n = pq and 3. Select random integer e: 4. Compute unique integer d: 5. Public key is (n, e); Private key is d ( ) ( 1)( 1)n p qφ = − − 1 , such that gcd( , ) 1e eφ φ< < = 1 , such that 1modd edφ φ< < =
KEY-GENERATION FOR RSA(CONT.) • Usually numbers with the right bit length are chosen randomly and tested for primality • Statistical tests are used to determine the probability that these numbers are primes i.e. Strassen – Test Miller – Rabin – Test • There is always an insignificantly low chance that number is not prime
USED NOTATION • M is a set of elements, called the message space = Zn • MS is a set of elements, called the signing space = Zn • R is a 1 to 1 mapping from M to MS, called the redundancy function • MR is the image of R: {y| y = R(x), xЄ M} • R-1 is the inverse of R: MR M
RSA SIGNATURE GENERATION AND VERIFICATION • To sign a message A should: • Compute: where R(m) is a redundancy function • Compute: • A’s signature for m is s • To verify A’s signature and recover m, B should: • Obtain A’s authentic public key (n, e) • Compute: • Verify that ; if not, reject the signature • Recover ]n,[),m(Rm~ 10 −= rangetheinintegeran nmodm~s d = nmodsm~ e = RMm~ ∈ )m~(Rm 1− = Mm∈
PROOF THAT SIGNATURE VERIFICATION WORKS • Euler’s theorem: , where is the Euler’s function of n • If s is a signature for m, then: • Since , then: • Finally: )m(Rm~,nm~s d == mod ))n((ed,pqn φmod1≡= )n(m~m~m~ m~m~m~s q)n( q)n())n((ede mod mod ≡⋅≡ ≡≡≡≡ ⋅ +⋅ ϕ ϕϕ 11 m))m(R(R)m~(R == −− 11 11 =≡ )n,agcd(,na )n( modϕ )n(ϕ
RSA SIGNATURE EXAMPLE Alice • p=5 q=7 n = 35 φ(n) = 4·6=24 • e = 5; d: ed = 5d=1 mod 24 => d = 5 Public key: (n=35, e=5) Private key: d=5 • M = [0, n-1] • For all m Є M R(m)=m • m = 26; R(m) = 26 s = 265 mod 35 = 31 Bob: • R(m) = 315 mod 35 = 26 Є [0, n-1] • m = R-1 (m) = 26 =m~ =m~
Digital Signatures Each individual generates his own key pair [Public key known to everyone & Private key only to the owner] Private Key – Used for making digital signature Public Key – Used to verify the digital signature
Paper signatures v/s Digital Signatures Parameter Paper Electronic Authenticity May be forged Can not be copied Integrity Signature independent of the document Signature depends on the contents of the document Non-repudiation a. Handwriting expert needed b. Error prone a. Any computer user b. Error free
BENEFITS OF DIGITAL SIGNATURES These are common reasons for applying a digital signature to communications: • Authentication Although messages may often include information about the entity sending a message, that information may not be accurate. Digital signatures can be used to authenticate the source of messages. When ownership of a digital signature secret key is bound to a specific user, a valid signature shows that the message was sent by that user. The importance of high confidence in sender authenticity is especially obvious in a financial context. For example, suppose a bank's branch office sends instructions to the central office requesting a change in the balance of an account. If the central office is not convinced that such a message is truly sent from an authorized source, acting on such a request could be a grave mistake. • Integrity In many scenarios, the sender and receiver of a message may have a need for confidence that the message has not been altered during transmission. Although encryption hides the contents of a message, it may be possible to change an encrypted message without understanding it. (Some encryption algorithms, known as nonmalleable ones, prevent this, but others do not.) However, if a message is digitally signed, any change in the message will invalidate the signature. Furthermore, there is no efficient way to modify a message and its signature to produce a new message with a valid signature, because this is still considered to be computationally infeasible by most cryptographic hash functions.
Drawbacks of digital signatures Despite their usefulness, digital signatures do not alone solve all the problems we might wish them to. Non-repudiation In a cryptographic context, the word repudiation refers to the act of disclaiming responsibility for a message. A message's recipient may insist the sender attach a signature in order to make later repudiation more difficult, since the recipient can show the signed message to a third party (eg, a court) to reinforce a claim as to its signatories and integrity. However, loss of control over a user's private key will mean that all digital signatures using that key, and so ostensibly 'from' that user, are suspect. Nonetheless, a user cannot repudiate a signed message without repudiating their signature key.
FAQS 1. In the digital signature who use the private key and who use the public key? Private key: sender Public key: receiver 2. What are the benefits of digital signatures? Authentication and Integrity

Recommended

Digital signature
Digital signatureDigital signature
Digital signaturePraseela R
 
Digital signature
Digital signatureDigital signature
Digital signatureAJAL A J
 
Digital Signature
Digital SignatureDigital Signature
Digital Signaturesaurav5884
 
Digital signature
Digital signatureDigital signature
Digital signatureMohanasundaram Nattudurai
 
Seminar presentation on digital signature ppt
Seminar presentation on digital signature pptSeminar presentation on digital signature ppt
Seminar presentation on digital signature pptRavi Ranjan
 
Digital signature
Digital signatureDigital signature
Digital signatureAJAL A J
 
Digital signatures
Digital signaturesDigital signatures
Digital signaturesIshwar Dayal
 
DIGITAL SIGNATURE
DIGITAL SIGNATUREDIGITAL SIGNATURE
DIGITAL SIGNATUREravijain90
 

Recommended

Digital signature
Digital signatureDigital signature
Digital signaturePraseela R
 
Digital signature
Digital signatureDigital signature
Digital signatureAJAL A J
 
Digital Signature
Digital SignatureDigital Signature
Digital Signaturesaurav5884
 
Digital signature
Digital signatureDigital signature
Digital signatureMohanasundaram Nattudurai
 
Seminar presentation on digital signature ppt
Seminar presentation on digital signature pptSeminar presentation on digital signature ppt
Seminar presentation on digital signature pptRavi Ranjan
 
Digital signature
Digital signatureDigital signature
Digital signatureAJAL A J
 
Digital signatures
Digital signaturesDigital signatures
Digital signaturesIshwar Dayal
 
DIGITAL SIGNATURE
DIGITAL SIGNATUREDIGITAL SIGNATURE
DIGITAL SIGNATUREravijain90
 
Digital Signature.pptx
Digital Signature.pptxDigital Signature.pptx
Digital Signature.pptxMd. AManullah Galib
 
Digital certificates
Digital certificatesDigital certificates
Digital certificatesSimmi Kamra
 
Digital Signature
Digital SignatureDigital Signature
Digital SignatureMohamed Talaat
 
Digital signature
Digital signatureDigital signature
Digital signature9799907840kd
 
Message Authentication Requirement-MAC
Message Authentication Requirement-MACMessage Authentication Requirement-MAC
Message Authentication Requirement-MACSou Jana
 
Digital signature
Digital signatureDigital signature
Digital signatureFilipp Kolobov
 
Digital signature & certificate
Digital signature & certificateDigital signature & certificate
Digital signature & certificateNetGains Technologies Pvt. Ltd.
 
Digital signature
Digital signatureDigital signature
Digital signatureHossain Md Shakhawat
 
Cryptography
CryptographyCryptography
CryptographyBirmingham City University
 
Digital signature(Cryptography)
Digital signature(Cryptography)Digital signature(Cryptography)
Digital signature(Cryptography)Soham Kansodaria
 
Email Security Presentation
Email Security PresentationEmail Security Presentation
Email Security PresentationYosef Gamble
 
Digital signature
Digital signatureDigital signature
Digital signatureYash Karanke
 
Digital certificates &amp; its importance
Digital certificates &amp; its importanceDigital certificates &amp; its importance
Digital certificates &amp; its importancesvm
 
What is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) ProtocolWhat is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) ProtocolMohammed Adam
 
Seminar ppt on digital signature
Seminar ppt on digital signatureSeminar ppt on digital signature
Seminar ppt on digital signaturejolly9293
 
Digital Signature ppt
Digital Signature pptDigital Signature ppt
Digital Signature pptOECLIB Odisha Electronics Control Library
 
digital signature ppt
digital signature pptdigital signature ppt
digital signature pptNitesh Dubey
 
Digital signature
Digital signatureDigital signature
Digital signatureAbdullah Khosa
 
Cryptography
CryptographyCryptography
CryptographyEmaSushan
 
Encryption presentation final
Encryption presentation finalEncryption presentation final
Encryption presentation finaladrigee12
 
Digital signatures
Digital signaturesDigital signatures
Digital signaturesReachLocal Services India
 
Computer System Security (UNIT IV) For AKTU Lucknow
Computer System Security (UNIT IV) For AKTU LucknowComputer System Security (UNIT IV) For AKTU Lucknow
Computer System Security (UNIT IV) For AKTU LucknowBrijesh Vishwakarma
 

More Related Content

What's hot

Digital certificates
Digital certificatesDigital certificates
Digital certificatesSimmi Kamra
 
Digital Signature
Digital SignatureDigital Signature
Digital SignatureMohamed Talaat
 
Digital signature
Digital signatureDigital signature
Digital signature9799907840kd
 
Message Authentication Requirement-MAC
Message Authentication Requirement-MACMessage Authentication Requirement-MAC
Message Authentication Requirement-MACSou Jana
 
Digital signature
Digital signatureDigital signature
Digital signatureFilipp Kolobov
 
Digital signature(Cryptography)
Digital signature(Cryptography)Digital signature(Cryptography)
Digital signature(Cryptography)Soham Kansodaria
 
Email Security Presentation
Email Security PresentationEmail Security Presentation
Email Security PresentationYosef Gamble
 
Digital signature
Digital signatureDigital signature
Digital signatureYash Karanke
 
Digital certificates &amp; its importance
Digital certificates &amp; its importanceDigital certificates &amp; its importance
Digital certificates &amp; its importancesvm
 
What is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) ProtocolWhat is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) ProtocolMohammed Adam
 
Seminar ppt on digital signature
Seminar ppt on digital signatureSeminar ppt on digital signature
Seminar ppt on digital signaturejolly9293
 
digital signature ppt
digital signature pptdigital signature ppt
digital signature pptNitesh Dubey
 
Digital signature
Digital signatureDigital signature
Digital signatureAbdullah Khosa
 
Cryptography
CryptographyCryptography
CryptographyEmaSushan
 
Encryption presentation final
Encryption presentation finalEncryption presentation final
Encryption presentation finaladrigee12
 

What's hot (20)

Digital Signature.pptx
Digital Signature.pptxDigital Signature.pptx
Digital Signature.pptx
 
Digital certificates
Digital certificatesDigital certificates
Digital certificates
 
Digital Signature
Digital SignatureDigital Signature
Digital Signature
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Message Authentication Requirement-MAC
Message Authentication Requirement-MACMessage Authentication Requirement-MAC
Message Authentication Requirement-MAC
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Digital signature & certificate
Digital signature & certificateDigital signature & certificate
Digital signature & certificate
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Cryptography
CryptographyCryptography
Cryptography
 
Digital signature(Cryptography)
Digital signature(Cryptography)Digital signature(Cryptography)
Digital signature(Cryptography)
 
Email Security Presentation
Email Security PresentationEmail Security Presentation
Email Security Presentation
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Digital certificates &amp; its importance
Digital certificates &amp; its importanceDigital certificates &amp; its importance
Digital certificates &amp; its importance
 
What is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) ProtocolWhat is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) Protocol
 
Seminar ppt on digital signature
Seminar ppt on digital signatureSeminar ppt on digital signature
Seminar ppt on digital signature
 
Digital Signature ppt
Digital Signature pptDigital Signature ppt
Digital Signature ppt
 
digital signature ppt
digital signature pptdigital signature ppt
digital signature ppt
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Cryptography
CryptographyCryptography
Cryptography
 
Encryption presentation final
Encryption presentation finalEncryption presentation final
Encryption presentation final
 

Similar to What is a Digital Signature? | How Digital Signature work?

Computer System Security (UNIT IV) For AKTU Lucknow
Computer System Security (UNIT IV) For AKTU LucknowComputer System Security (UNIT IV) For AKTU Lucknow
Computer System Security (UNIT IV) For AKTU LucknowBrijesh Vishwakarma
 
SHA_and_DS.pdf
SHA_and_DS.pdfSHA_and_DS.pdf
SHA_and_DS.pdfSantosh Gupta
 
Introduction to Digital signatures
Introduction to Digital signaturesIntroduction to Digital signatures
Introduction to Digital signaturesRohit Bhat
 
Information Security (Digital Signatures)
Information Security (Digital Signatures)Information Security (Digital Signatures)
Information Security (Digital Signatures)Zara Nawaz
 
How encryption works
How encryption worksHow encryption works
How encryption worksRaxTonProduction
 
Digital signature online - What is digital signature
Digital signature online - What is digital signatureDigital signature online - What is digital signature
Digital signature online - What is digital signatureKishankant Yadav
 
Ds over
Ds overDs over
Ds overjolly9293
 
E business--dig sig
E business--dig sigE business--dig sig
E business--dig sigravik09783
 
Digital_signature_ppt.pptx
Digital_signature_ppt.pptxDigital_signature_ppt.pptx
Digital_signature_ppt.pptxMIRZATABISHHASAN1
 
Digital signature.pptx
Digital signature.pptxDigital signature.pptx
Digital signature.pptxDaveN31
 
Network security
Network securityNetwork security
Network securityABHISHEK KUMAR
 
digital signature for SMS security
digital signature for SMS securitydigital signature for SMS security
digital signature for SMS securityNilu Desai
 
Security everywhere digital signature and digital fingerprint v1 (personal)
Security everywhere digital signature and digital fingerprint v1 (personal)Security everywhere digital signature and digital fingerprint v1 (personal)
Security everywhere digital signature and digital fingerprint v1 (personal)Paul Yang
 

Similar to What is a Digital Signature? | How Digital Signature work? (20)

Digital signatures
Digital signaturesDigital signatures
Digital signatures
 
Computer System Security (UNIT IV) For AKTU Lucknow
Computer System Security (UNIT IV) For AKTU LucknowComputer System Security (UNIT IV) For AKTU Lucknow
Computer System Security (UNIT IV) For AKTU Lucknow
 
SHA_and_DS.pdf
SHA_and_DS.pdfSHA_and_DS.pdf
SHA_and_DS.pdf
 
Introduction to Digital signatures
Introduction to Digital signaturesIntroduction to Digital signatures
Introduction to Digital signatures
 
D.Silpa
D.SilpaD.Silpa
D.Silpa
 
Information Security (Digital Signatures)
Information Security (Digital Signatures)Information Security (Digital Signatures)
Information Security (Digital Signatures)
 
How encryption works
How encryption worksHow encryption works
How encryption works
 
Digital signature online - What is digital signature
Digital signature online - What is digital signatureDigital signature online - What is digital signature
Digital signature online - What is digital signature
 
ccapresentation.ppt
ccapresentation.pptccapresentation.ppt
ccapresentation.ppt
 
Ds over
Ds overDs over
Ds over
 
E business--dig sig
E business--dig sigE business--dig sig
E business--dig sig
 
Digital_signature_ppt.pptx
Digital_signature_ppt.pptxDigital_signature_ppt.pptx
Digital_signature_ppt.pptx
 
Unit v
Unit vUnit v
Unit v
 
Digital signature.pptx
Digital signature.pptxDigital signature.pptx
Digital signature.pptx
 
Information Security
Information SecurityInformation Security
Information Security
 
Digital Signatures
Digital SignaturesDigital Signatures
Digital Signatures
 
Digital Signatures
Digital SignaturesDigital Signatures
Digital Signatures
 
Network security
Network securityNetwork security
Network security
 
digital signature for SMS security
digital signature for SMS securitydigital signature for SMS security
digital signature for SMS security
 
Security everywhere digital signature and digital fingerprint v1 (personal)
Security everywhere digital signature and digital fingerprint v1 (personal)Security everywhere digital signature and digital fingerprint v1 (personal)
Security everywhere digital signature and digital fingerprint v1 (personal)
 

More from MSA Technosoft

Computer networks-4
Computer networks-4Computer networks-4
Computer networks-4MSA Technosoft
 
Computer networks-3
Computer networks-3Computer networks-3
Computer networks-3MSA Technosoft
 
Computer networks-2
Computer networks-2Computer networks-2
Computer networks-2MSA Technosoft
 
Computer networks-1
Computer networks-1Computer networks-1
Computer networks-1MSA Technosoft
 
Cascading Style Sheets - CSS - Tutorial
Cascading Style Sheets - CSS - TutorialCascading Style Sheets - CSS - Tutorial
Cascading Style Sheets - CSS - TutorialMSA Technosoft
 
www | HTTP | HTML - Tutorial
www | HTTP | HTML - Tutorialwww | HTTP | HTML - Tutorial
www | HTTP | HTML - TutorialMSA Technosoft
 
Responsive Web Design | Website Designing
Responsive Web Design | Website DesigningResponsive Web Design | Website Designing
Responsive Web Design | Website DesigningMSA Technosoft
 
BFS, Breadth first search | Search Traversal Algorithm
BFS, Breadth first search | Search Traversal AlgorithmBFS, Breadth first search | Search Traversal Algorithm
BFS, Breadth first search | Search Traversal AlgorithmMSA Technosoft
 
MIS ( Management Information System ) | DEFINITION, IMPORTANCE & BENIFITS
MIS ( Management Information System ) | DEFINITION, IMPORTANCE & BENIFITSMIS ( Management Information System ) | DEFINITION, IMPORTANCE & BENIFITS
MIS ( Management Information System ) | DEFINITION, IMPORTANCE & BENIFITSMSA Technosoft
 
Hacking tutorial
Hacking tutorialHacking tutorial
Hacking tutorialMSA Technosoft
 
eCommerce | Electronic Commerce
eCommerce | Electronic CommerceeCommerce | Electronic Commerce
eCommerce | Electronic CommerceMSA Technosoft
 
Digital Marketing | Internet Marketing | Social Networking
Digital Marketing | Internet Marketing | Social NetworkingDigital Marketing | Internet Marketing | Social Networking
Digital Marketing | Internet Marketing | Social NetworkingMSA Technosoft
 
Cascading Style Sheet | CSS
Cascading Style Sheet | CSSCascading Style Sheet | CSS
Cascading Style Sheet | CSSMSA Technosoft
 
Data communication and computer networks | Network Topologies
Data communication and computer networks | Network TopologiesData communication and computer networks | Network Topologies
Data communication and computer networks | Network TopologiesMSA Technosoft
 

More from MSA Technosoft (14)

Computer networks-4
Computer networks-4Computer networks-4
Computer networks-4
 
Computer networks-3
Computer networks-3Computer networks-3
Computer networks-3
 
Computer networks-2
Computer networks-2Computer networks-2
Computer networks-2
 
Computer networks-1
Computer networks-1Computer networks-1
Computer networks-1
 
Cascading Style Sheets - CSS - Tutorial
Cascading Style Sheets - CSS - TutorialCascading Style Sheets - CSS - Tutorial
Cascading Style Sheets - CSS - Tutorial
 
www | HTTP | HTML - Tutorial
www | HTTP | HTML - Tutorialwww | HTTP | HTML - Tutorial
www | HTTP | HTML - Tutorial
 
Responsive Web Design | Website Designing
Responsive Web Design | Website DesigningResponsive Web Design | Website Designing
Responsive Web Design | Website Designing
 
BFS, Breadth first search | Search Traversal Algorithm
BFS, Breadth first search | Search Traversal AlgorithmBFS, Breadth first search | Search Traversal Algorithm
BFS, Breadth first search | Search Traversal Algorithm
 
MIS ( Management Information System ) | DEFINITION, IMPORTANCE & BENIFITS
MIS ( Management Information System ) | DEFINITION, IMPORTANCE & BENIFITSMIS ( Management Information System ) | DEFINITION, IMPORTANCE & BENIFITS
MIS ( Management Information System ) | DEFINITION, IMPORTANCE & BENIFITS
 
Hacking tutorial
Hacking tutorialHacking tutorial
Hacking tutorial
 
eCommerce | Electronic Commerce
eCommerce | Electronic CommerceeCommerce | Electronic Commerce
eCommerce | Electronic Commerce
 
Digital Marketing | Internet Marketing | Social Networking
Digital Marketing | Internet Marketing | Social NetworkingDigital Marketing | Internet Marketing | Social Networking
Digital Marketing | Internet Marketing | Social Networking
 
Cascading Style Sheet | CSS
Cascading Style Sheet | CSSCascading Style Sheet | CSS
Cascading Style Sheet | CSS
 
Data communication and computer networks | Network Topologies
Data communication and computer networks | Network TopologiesData communication and computer networks | Network Topologies
Data communication and computer networks | Network Topologies
 

Recently uploaded

Quarter 4 Peace-education.pptx Catch Up Friday
Quarter 4 Peace-education.pptx Catch Up FridayQuarter 4 Peace-education.pptx Catch Up Friday
Quarter 4 Peace-education.pptx Catch Up FridayMakMakNepo
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Celine George
 
Keynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designKeynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designMIPLM
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersSabitha Banu
 
AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.arsicmarija21
 
Atmosphere science 7 quarter 4 .........
Atmosphere science 7 quarter 4 .........Atmosphere science 7 quarter 4 .........
Atmosphere science 7 quarter 4 .........LeaCamillePacle
 
Grade 9 Q4-MELC1-Active and Passive Voice.pptx
Grade 9 Q4-MELC1-Active and Passive Voice.pptxGrade 9 Q4-MELC1-Active and Passive Voice.pptx
Grade 9 Q4-MELC1-Active and Passive Voice.pptxChelloAnnAsuncion2
 
Types of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxTypes of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxEyham Joco
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPCeline George
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxiammrhaywood
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfMr Bounab Samir
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxRaymartEstabillo3
 
Roles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceRoles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceSamikshaHamane
 
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfAMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfphamnguyenenglishnb
 

Recently uploaded (20)

Quarter 4 Peace-education.pptx Catch Up Friday
Quarter 4 Peace-education.pptx Catch Up FridayQuarter 4 Peace-education.pptx Catch Up Friday
Quarter 4 Peace-education.pptx Catch Up Friday
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17
 
Raw materials used in Herbal Cosmetics.pptx
Raw materials used in Herbal Cosmetics.pptxRaw materials used in Herbal Cosmetics.pptx
Raw materials used in Herbal Cosmetics.pptx
 
Keynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designKeynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-design
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for Beginners
 
AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.AmericanHighSchoolsprezentacijaoskolama.
AmericanHighSchoolsprezentacijaoskolama.
 
Atmosphere science 7 quarter 4 .........
Atmosphere science 7 quarter 4 .........Atmosphere science 7 quarter 4 .........
Atmosphere science 7 quarter 4 .........
 
Grade 9 Q4-MELC1-Active and Passive Voice.pptx
Grade 9 Q4-MELC1-Active and Passive Voice.pptxGrade 9 Q4-MELC1-Active and Passive Voice.pptx
Grade 9 Q4-MELC1-Active and Passive Voice.pptx
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR
 
Types of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxTypes of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptx
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERP
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
 
Roles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceRoles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in Pharmacovigilance
 
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfAMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
 

What is a Digital Signature? | How Digital Signature work?

  • 1. •It is a type of asymmetric cryptography used to simulate the security properties of a signature in digital, rather than written, form. Digital signature schemes normally give two algorithms, one for signing which involves the user's secret or private key, and one for verifying signatures which involves the user's public key. The output of the signature process is called the “digital signature”. •It is an electronic signature that can be used to authenticate the identity of the sender of a message or the signer of a document, and possibly to ensure that the original content of the message or document that has been sent is unchanged. Digital signatures are easily transportable, cannot be imitated by someone else, and can be automatically time-stamped. The ability to ensure that the original signed message arrived means that the sender cannot easily repudiate it later. What is a Digital Signature?
  • 2. Concepts • A 1024 bits number is a very big number much bigger than the total number of electrons in whole world. • Trillions of Trillions of pairs of numbers exist in this range with each pair having following property – A message encrypted with one element of the pair can be decrypted ONLY by the other element of the same pair • Two numbers of a pair are called keys, the Public Key & the Private Key. User himself generates his own key pair on his computer • Any message irrespective of its length can be compressed or abridged uniquely into a smaller length message called the Digest or the Hash. • Smallest change in the message will change the Hash value
  • 3. Symmetric-key ciphers: Block ciphers Stream ciphers Public-key ciphers CRYPTOGRAPHIC GOALS Cryptographic goals Confidentiality Data integrity Authentication Non-repudiation Message authentication Entity authenticationArbitrary length hash functions Message Authentication codes (MACs) Digital signatures Authentication primitives Digital signatures MACs Digital signatures
  • 4. What is Digital Signature? • Hash value of a message when encrypted with the private key of a person is his digital signature on that e-Document – Digital Signature of a person therefore varies from document to document thus ensuring authenticity of each word of that document. – As the public key of the signer is known, anybody can verify the message and the digital signature message Signing algorithm message signature Signer’s private key Unsecured channel Signer Signature verification algorithm Signer’s public key Verifier Ok / not Ok
  • 5. Why Digital Signatures? •To provide Authenticity, Integrity and Non-repudiation to electronic documents •To use the Internet as the safe and secure medium for e- Commerce and e-Governance
  • 6. The use of digital signatures usually involves two processes, one performed by the signer and the other by the receiver of the digital signature: •Digital signature creation uses a hash result derived from and unique to both the signed message and a given private key. For the hash result to be secure, there must be only a negligible possibility that the same digital signature could be created by the combination of any other message or private key. •Digital signature verification is the process of checking the digital signature by reference to the original message and a given public key, thereby determining whether the digital signature was created for that same message using the private key that corresponds to the referenced public key. How it works?
  • 7. ENCRYPTION Caesar Cipher The shift is linear and equi-distributed 3changes I agree lcdjuhh Key Cipher The shift is linear (cyclic) 269 k.n.gupta 62 mewam3rzjba i+3=l Space=c [+3] k+2=m (dot)=e [+6] n=w [+9] Char 1 2 3 4 5 6 7 8 9 a b c d e f g h i j b c d e f g h i j k c d e f g h i j k l d e f g h i j k l m e f g h i j k l m n f g h i j k l m n o g h i j k l m n o p h i j k l m n o p q i j k l m n o p q r j k l m n o p q r s k l m n o p q r s t l m n o p q r s t u m n o p q r s t u v n o p q r s t u v w o p q r s t u v w x p q r s t u v w x y q r s t u v w x y z r s t u v w x y z 0 s t u v w x y z 0 1 t u v w x y z 0 1 2 u v w x y z 0 1 2 3 v w x y z 0 1 2 3 4 w x y z 0 1 2 3 4 5 x y z 0 1 2 3 4 5 6 y z 0 1 2 3 4 5 6 7 z 0 1 2 3 4 5 6 7 8 0 1 2 3 4 5 6 7 8 9 1 2 3 4 5 6 7 8 9 . 2 3 4 5 6 7 8 9 . 3 4 5 6 7 8 9 . a 4 5 6 7 8 9 . a b 5 6 7 8 9 . a b c 6 7 8 9 . a b c d 7 8 9 . a b c d e 8 9 . a b c d e f 9 . a b c d e f g . (Dot) a b c d e f g h Space a b c d e f g h i
  • 8. ENCRYPTION Message 2 The Internet knows no geographical boundaries. It has redefined time and space. Advances in computer and telecommunication technologies have led to the explosive growth of the Internet. This in turn is affecting the methods of communication, work, study, education, interaction, leisure, health, governance, trade and commerce. Encrypted Message 2 a520eecb61a770f947ca856cd675463f1c95a 9a2b8d4e6a71f80830c87f5715f5f59334978 dd7e97da0707b48a1138d77ced56feba2b46 7c398683c7dbeb86b854f120606a7ae1ed93 4f5703672adab0d7be66dccde1a763c736cb 9001d0731d541106f50bb7e54240c40ba780 b7a553bea570b99c9ab3df13d75f8ccfdddea af3a749fd1411 Message 1 Central to the growth of e-commerce and e- governance is the issue of trust in electronic environment. Encrypted Message 1 9a46894335be49f0b9cab28d755aaa9cd985 71b275bbb0adb405e6931e856ca3e5e569ed d135285482 DECRYPTION Encrypted Message 1 9a46894335be49f0b9cab28d755aaa9cd98571b 275bbb0adb405e6931e856ca3e5e569edd13528 5482 Message 1 Central to the growth of e-commerce and e- governance is the issue of trust in electronic environment. Encrypted Message 2 a520eecb61a770f947ca856cd675463f1c95a9a2b 8d4e6a71f80830c87f5715f5f59334978dd7e97da 0707b48a1138d77ced56feba2b467c398683c7db eb86b854f120606a7ae1ed934f5703672adab0d7 be66dccde1a763c736cb9001d0731d541106f50b b7e54240c40ba780b7a553bea570b99c9ab3df13 d75f8ccfdddeaaf3a749fd1411 Message 2 The Internet knows no geographical boundaries. It has redefined time and space. Advances in computer and telecommunication technologies have led to the explosive growth of the Internet. This in turn is affecting the methods of communication, work, study, education, interaction, leisure, health, governance, trade and commerce. Same Key SYMMETRIC Different Keys [Keys of a pair – Public and Private] ASYMMETRIC [PKI]
  • 9. EXAMPLE Assume you were going to send the draft of a contract to your lawyer in another town. You want to give your lawyer the assurance that it was unchanged from what you sent and that it is really from you. 1.You copy-and-paste the contract (it's a short one!) into an e-mail note. 2.Using special software, you obtain a message hash (mathematical summary) of the contract. 3.You then use a private key that you have previously obtained from a public-private key authority to encrypt the hash. 4.The encrypted hash becomes your digital signature of the message. (Note that it will be different each time you send a message.) At the other end, your lawyer receives the message. 1.To make sure it's intact and from you, your lawyer makes a hash of the received message. 2.Your lawyer then uses your public key to decrypt the message hash or summary. 3.If the hashes match, the received message is valid.
  • 10. DIGITAL SIGNATURES • Digital Signatures are numbers • These are document content dependent I agree efcc61c1c03db8d8ea8569545c073c814a0ed755 My place of birth is at Gwalior. fe1188eecd44ee23e13c4b6655edc8cd5cdb6f25 I am 62 years old. 0e6d7d56c4520756f59235b6ae981cdb5f9820a0 I am an Engineer. ea0ae29b3b2c20fc018aaca45c3746a057b893e7 I am a Engineer. 01f1d8abd9c2e6130870842055d97d315dff1ea3 • These are digital signatures of same person on different documents
  • 11. RSA • Developed in 1978 by Rivest, Shamir and Adleman (RSA) • Most popular public key cryptosystem • Based on the hard problem of “integer factorization”
  • 12. KEY-GENERATION FOR RSA(CONT.) 1. Generate two large random distinct primes p and q, each roughly the same size 2. Compute n = pq and 3. Select random integer e: 4. Compute unique integer d: 5. Public key is (n, e); Private key is d ( ) ( 1)( 1)n p qφ = − − 1 , such that gcd( , ) 1e eφ φ< < = 1 , such that 1modd edφ φ< < =
  • 13. KEY-GENERATION FOR RSA(CONT.) • Usually numbers with the right bit length are chosen randomly and tested for primality • Statistical tests are used to determine the probability that these numbers are primes i.e. Strassen – Test Miller – Rabin – Test • There is always an insignificantly low chance that number is not prime
  • 14. USED NOTATION • M is a set of elements, called the message space = Zn • MS is a set of elements, called the signing space = Zn • R is a 1 to 1 mapping from M to MS, called the redundancy function • MR is the image of R: {y| y = R(x), xЄ M} • R-1 is the inverse of R: MR M
  • 15. RSA SIGNATURE GENERATION AND VERIFICATION • To sign a message A should: • Compute: where R(m) is a redundancy function • Compute: • A’s signature for m is s • To verify A’s signature and recover m, B should: • Obtain A’s authentic public key (n, e) • Compute: • Verify that ; if not, reject the signature • Recover ]n,[),m(Rm~ 10 −= rangetheinintegeran nmodm~s d = nmodsm~ e = RMm~ ∈ )m~(Rm 1− = Mm∈
  • 16. PROOF THAT SIGNATURE VERIFICATION WORKS • Euler’s theorem: , where is the Euler’s function of n • If s is a signature for m, then: • Since , then: • Finally: )m(Rm~,nm~s d == mod ))n((ed,pqn φmod1≡= )n(m~m~m~ m~m~m~s q)n( q)n())n((ede mod mod ≡⋅≡ ≡≡≡≡ ⋅ +⋅ ϕ ϕϕ 11 m))m(R(R)m~(R == −− 11 11 =≡ )n,agcd(,na )n( modϕ )n(ϕ
  • 17. RSA SIGNATURE EXAMPLE Alice • p=5 q=7 n = 35 φ(n) = 4¡6=24 • e = 5; d: ed = 5d=1 mod 24 => d = 5 Public key: (n=35, e=5) Private key: d=5 • M = [0, n-1] • For all m Є M R(m)=m • m = 26; R(m) = 26 s = 265 mod 35 = 31 Bob: • R(m) = 315 mod 35 = 26 Є [0, n-1] • m = R-1 (m) = 26 =m~ =m~
  • 18. Digital Signatures Each individual generates his own key pair [Public key known to everyone & Private key only to the owner] Private Key – Used for making digital signature Public Key – Used to verify the digital signature
  • 19. Paper signatures v/s Digital Signatures Parameter Paper Electronic Authenticity May be forged Can not be copied Integrity Signature independent of the document Signature depends on the contents of the document Non-repudiation a. Handwriting expert needed b. Error prone a. Any computer user b. Error free
  • 20. BENEFITS OF DIGITAL SIGNATURES These are common reasons for applying a digital signature to communications: • Authentication Although messages may often include information about the entity sending a message, that information may not be accurate. Digital signatures can be used to authenticate the source of messages. When ownership of a digital signature secret key is bound to a specific user, a valid signature shows that the message was sent by that user. The importance of high confidence in sender authenticity is especially obvious in a financial context. For example, suppose a bank's branch office sends instructions to the central office requesting a change in the balance of an account. If the central office is not convinced that such a message is truly sent from an authorized source, acting on such a request could be a grave mistake. • Integrity In many scenarios, the sender and receiver of a message may have a need for confidence that the message has not been altered during transmission. Although encryption hides the contents of a message, it may be possible to change an encrypted message without understanding it. (Some encryption algorithms, known as nonmalleable ones, prevent this, but others do not.) However, if a message is digitally signed, any change in the message will invalidate the signature. Furthermore, there is no efficient way to modify a message and its signature to produce a new message with a valid signature, because this is still considered to be computationally infeasible by most cryptographic hash functions.
  • 21. Drawbacks of digital signatures Despite their usefulness, digital signatures do not alone solve all the problems we might wish them to. Non-repudiation In a cryptographic context, the word repudiation refers to the act of disclaiming responsibility for a message. A message's recipient may insist the sender attach a signature in order to make later repudiation more difficult, since the recipient can show the signed message to a third party (eg, a court) to reinforce a claim as to its signatories and integrity. However, loss of control over a user's private key will mean that all digital signatures using that key, and so ostensibly 'from' that user, are suspect. Nonetheless, a user cannot repudiate a signed message without repudiating their signature key.
  • 22. FAQS 1. In the digital signature who use the private key and who use the public key? Private key: sender Public key: receiver 2. What are the benefits of digital signatures? Authentication and Integrity

Editor's Notes

  1. One cd rom=one tree