This tutorial helps you to learn about Digital Signature. See how a digital signature work? Key Concepts: Encrytption & Decryption, Algortithms, RSA, Public Key & Private Key, Advantage of DSC, Disadvantage of DSC
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
Â
What is a Digital Signature? | How Digital Signature work?
1. â˘It is a type of asymmetric cryptography used to simulate the security properties of a
signature in digital, rather than written, form. Digital signature schemes normally give
two algorithms, one for signing which involves the user's secret or private key, and one
for verifying signatures which involves the user's public key. The output of the
signature process is called the âdigital signatureâ.
â˘It is an electronic signature that can be used to authenticate the identity of the sender
of a message or the signer of a document, and possibly to ensure that the original
content of the message or document that has been sent is unchanged. Digital signatures
are easily transportable, cannot be imitated by someone else, and can be automatically
time-stamped. The ability to ensure that the original signed message arrived means that
the sender cannot easily repudiate it later.
What is a Digital Signature?
2. Concepts
⢠A 1024 bits number is a very big number much bigger than the total number of
electrons in whole world.
⢠Trillions of Trillions of pairs of numbers exist in this range with each pair having
following property
â A message encrypted with one element of the pair can be decrypted ONLY
by the other element of the same pair
⢠Two numbers of a pair are called keys, the Public Key & the Private Key. User
himself generates his own key pair on his computer
⢠Any message irrespective of its length can be compressed or abridged uniquely into
a smaller length message called the Digest or the Hash.
⢠Smallest change in the message will change the Hash value
3. Symmetric-key
ciphers:
ď§Block ciphers
ď§Stream ciphers
Public-key
ciphers
CRYPTOGRAPHIC GOALS
Cryptographic goals
Confidentiality Data integrity Authentication Non-repudiation
Message authentication
Entity authenticationArbitrary length
hash functions
Message
Authentication
codes (MACs)
Digital signatures
Authentication
primitives
Digital signatures
MACs
Digital
signatures
4. What is Digital Signature?
⢠Hash value of a message when encrypted with the private key of a person is his
digital signature on that e-Document
â Digital Signature of a person therefore varies from document to document
thus ensuring authenticity of each word of that document.
â As the public key of the signer is known, anybody can verify the message
and the digital signature
message
Signing
algorithm
message signature
Signerâs private key
Unsecured channel
Signer
Signature
verification
algorithm
Signerâs public key
Verifier
Ok / not Ok
5. Why Digital Signatures?
â˘To provide Authenticity, Integrity and Non-repudiation
to electronic documents
â˘To use the Internet as the safe and secure medium for e-
Commerce and e-Governance
6. The use of digital signatures usually involves two processes, one performed by the signer and the
other by the receiver of the digital signature:
â˘Digital signature creation uses a hash result derived from and unique to both the signed
message and a given private key. For the hash result to be secure, there must be only a negligible
possibility that the same digital signature could be created by the combination of any other
message or private key.
â˘Digital signature verification is the process of checking the digital signature by reference to
the original message and a given public key, thereby determining whether the digital signature was
created for that same message using the private key that corresponds to the referenced public key.
How it works?
7. ENCRYPTION
Caesar Cipher
The shift is linear and equi-distributed 3changes
I agree lcdjuhh
Key Cipher
The shift is linear (cyclic) 269
k.n.gupta 62 mewam3rzjba
i+3=l
Space=c [+3]
k+2=m
(dot)=e [+6]
n=w [+9]
Char 1 2 3 4 5 6 7 8 9
a b c d e f g h i j
b c d e f g h i j k
c d e f g h i j k l
d e f g h i j k l m
e f g h i j k l m n
f g h i j k l m n o
g h i j k l m n o p
h i j k l m n o p q
i j k l m n o p q r
j k l m n o p q r s
k l m n o p q r s t
l m n o p q r s t u
m n o p q r s t u v
n o p q r s t u v w
o p q r s t u v w x
p q r s t u v w x y
q r s t u v w x y z
r s t u v w x y z 0
s t u v w x y z 0 1
t u v w x y z 0 1 2
u v w x y z 0 1 2 3
v w x y z 0 1 2 3 4
w x y z 0 1 2 3 4 5
x y z 0 1 2 3 4 5 6
y z 0 1 2 3 4 5 6 7
z 0 1 2 3 4 5 6 7 8
0 1 2 3 4 5 6 7 8 9
1 2 3 4 5 6 7 8 9 .
2 3 4 5 6 7 8 9 .
3 4 5 6 7 8 9 . a
4 5 6 7 8 9 . a b
5 6 7 8 9 . a b c
6 7 8 9 . a b c d
7 8 9 . a b c d e
8 9 . a b c d e f
9 . a b c d e f g
. (Dot) a b c d e f g h
Space a b c d e f g h i
8. ENCRYPTION
Message 2
The Internet knows no geographical boundaries.
It has redefined time and space. Advances in
computer and telecommunication technologies
have led to the explosive growth of the Internet.
This in turn is affecting the methods of
communication, work, study, education,
interaction, leisure, health, governance, trade
and commerce.
Encrypted Message 2
a520eecb61a770f947ca856cd675463f1c95a
9a2b8d4e6a71f80830c87f5715f5f59334978
dd7e97da0707b48a1138d77ced56feba2b46
7c398683c7dbeb86b854f120606a7ae1ed93
4f5703672adab0d7be66dccde1a763c736cb
9001d0731d541106f50bb7e54240c40ba780
b7a553bea570b99c9ab3df13d75f8ccfdddea
af3a749fd1411
Message 1
Central to the growth of e-commerce and e-
governance is the issue of trust in electronic
environment.
Encrypted Message 1
9a46894335be49f0b9cab28d755aaa9cd985
71b275bbb0adb405e6931e856ca3e5e569ed
d135285482
DECRYPTION
Encrypted Message 1
9a46894335be49f0b9cab28d755aaa9cd98571b
275bbb0adb405e6931e856ca3e5e569edd13528
5482
Message 1
Central to the growth of e-commerce and e-
governance is the issue of trust in electronic
environment.
Encrypted Message 2
a520eecb61a770f947ca856cd675463f1c95a9a2b
8d4e6a71f80830c87f5715f5f59334978dd7e97da
0707b48a1138d77ced56feba2b467c398683c7db
eb86b854f120606a7ae1ed934f5703672adab0d7
be66dccde1a763c736cb9001d0731d541106f50b
b7e54240c40ba780b7a553bea570b99c9ab3df13
d75f8ccfdddeaaf3a749fd1411
Message 2
The Internet knows no geographical boundaries. It has
redefined time and space. Advances in computer and
telecommunication technologies have led to the
explosive growth of the Internet. This in turn is
affecting the methods of communication, work, study,
education, interaction, leisure, health, governance,
trade and commerce.
Same Key
SYMMETRIC
Different Keys
[Keys of a pair â Public and Private]
ASYMMETRIC
[PKI]
9. EXAMPLE
Assume you were going to send the draft of a contract to your lawyer in another town.
You want to give your lawyer the assurance that it was unchanged from what you sent
and that it is really from you.
1.You copy-and-paste the contract (it's a short one!) into an e-mail note.
2.Using special software, you obtain a message hash (mathematical summary) of the
contract.
3.You then use a private key that you have previously obtained from a public-private key
authority to encrypt the hash.
4.The encrypted hash becomes your digital signature of the message. (Note that it will
be different each time you send a message.)
At the other end, your lawyer receives the message.
1.To make sure it's intact and from you, your lawyer makes a hash of the received
message.
2.Your lawyer then uses your public key to decrypt the message hash or summary.
3.If the hashes match, the received message is valid.
10. DIGITAL
SIGNATURES
⢠Digital Signatures are numbers
⢠These are document content dependent
I agree
efcc61c1c03db8d8ea8569545c073c814a0ed755
My place of birth is at Gwalior.
fe1188eecd44ee23e13c4b6655edc8cd5cdb6f25
I am 62 years old.
0e6d7d56c4520756f59235b6ae981cdb5f9820a0
I am an Engineer.
ea0ae29b3b2c20fc018aaca45c3746a057b893e7
I am a Engineer.
01f1d8abd9c2e6130870842055d97d315dff1ea3
⢠These are digital signatures of same person on different documents
11. RSA
⢠Developed in 1978 by Rivest, Shamir and Adleman (RSA)
⢠Most popular public key cryptosystem
⢠Based on the hard problem of âinteger factorizationâ
12. KEY-GENERATION FOR
RSA(CONT.)
1. Generate two large random distinct primes
p and q, each roughly the same size
2. Compute n = pq and
3. Select random integer e:
4. Compute unique integer d:
5. Public key is (n, e); Private key is d
( ) ( 1)( 1)n p qĎ = â â
1 , such that gcd( , ) 1e eĎ Ď< < =
1 , such that 1modd edĎ Ď< < =
13. KEY-GENERATION FOR
RSA(CONT.)
⢠Usually numbers with the right bit length are chosen randomly and tested for
primality
⢠Statistical tests are used to determine the probability that these numbers are
primes
i.e. Strassen â Test
Miller â Rabin â Test
⢠There is always an insignificantly low chance that number is not prime
14. USED NOTATION
⢠M is a set of elements, called the message
space = Zn
⢠MS is a set of elements, called the signing space =
Zn
⢠R is a 1 to 1 mapping from M to MS, called the
redundancy function
⢠MR is the image of R: {y| y = R(x), xРM}
⢠R-1
is the inverse of R: MR M
15. RSA SIGNATURE GENERATION AND
VERIFICATION
⢠To sign a message A should:
⢠Compute:
where R(m) is a redundancy function
⢠Compute:
⢠Aâs signature for m is s
⢠To verify Aâs signature and recover m, B should:
⢠Obtain Aâs authentic public key (n, e)
⢠Compute:
⢠Verify that ; if not, reject the signature
⢠Recover
]n,[),m(Rm~ 10 â= rangetheinintegeran
nmodm~s d
=
nmodsm~ e
=
RMm~ â
)m~(Rm 1â
=
Mmâ
16. PROOF THAT SIGNATURE VERIFICATION
WORKS
⢠Eulerâs theorem: ,
where is the Eulerâs function of n
⢠If s is a signature for m, then:
⢠Since , then:
⢠Finally:
)m(Rm~,nm~s d
== mod
))n((ed,pqn Ďmod1âĄ=
)n(m~m~m~
m~m~m~s
q)n(
q)n())n((ede
mod
mod
âĄâ âĄ
âĄâĄâĄâĄ
â
+â
Ď
ĎĎ 11
m))m(R(R)m~(R == ââ 11
11 =⥠)n,agcd(,na )n(
modĎ
)n(Ď
17. RSA SIGNATURE EXAMPLE
Alice
⢠p=5 q=7 n = 35 Ď(n) = 4¡6=24
⢠e = 5; d: ed = 5d=1 mod 24 => d = 5
Public key: (n=35, e=5) Private key: d=5
⢠M = [0, n-1]
⢠For all m РM R(m)=m
⢠m = 26; R(m) = 26 s = 265
mod 35 = 31
Bob:
⢠R(m) = 315
mod 35 = 26 Đ [0, n-1]
⢠m = R-1
(m) = 26
=m~
=m~
18. Digital Signatures
Each individual generates his own key pair
[Public key known to everyone & Private key only to the owner]
Private Key â Used for making digital signature
Public Key â Used to verify the digital signature
19. Paper signatures v/s Digital Signatures
Parameter Paper Electronic
Authenticity May be forged Can not be copied
Integrity Signature independent of
the document
Signature depends on the
contents of the document
Non-repudiation a. Handwriting expert
needed
b. Error prone
a. Any computer user
b. Error free
20. BENEFITS OF DIGITAL SIGNATURES
These are common reasons for applying a digital signature to communications:
⢠Authentication
Although messages may often include information about the entity sending a message, that
information may not be accurate. Digital signatures can be used to authenticate the source of
messages. When ownership of a digital signature secret key is bound to a specific user, a valid
signature shows that the message was sent by that user. The importance of high confidence in
sender authenticity is especially obvious in a financial context. For example, suppose a bank's
branch office sends instructions to the central office requesting a change in the balance of an
account. If the central office is not convinced that such a message is truly sent from an
authorized source, acting on such a request could be a grave mistake.
⢠Integrity
In many scenarios, the sender and receiver of a message may have a need for confidence that
the message has not been altered during transmission. Although encryption hides the contents
of a message, it may be possible to change an encrypted message without understanding it.
(Some encryption algorithms, known as nonmalleable ones, prevent this, but others do not.)
However, if a message is digitally signed, any change in the message will invalidate the
signature. Furthermore, there is no efficient way to modify a message and its signature to
produce a new message with a valid signature, because this is still considered to be
computationally infeasible by most cryptographic hash functions.
21. Drawbacks of digital signatures
Despite their usefulness, digital signatures do not alone solve all the
problems we might wish them to.
Non-repudiation
In a cryptographic context, the word repudiation refers to the act of
disclaiming responsibility for a message. A message's recipient may insist
the sender attach a signature in order to make later repudiation more
difficult, since the recipient can show the signed message to a third party
(eg, a court) to reinforce a claim as to its signatories and integrity.
However, loss of control over a user's private key will mean that all
digital signatures using that key, and so ostensibly 'from' that user, are
suspect. Nonetheless, a user cannot repudiate a signed message without
repudiating their signature key.
22. FAQS
1. In the digital signature who use the private key and who use
the public key?
Private key: sender
Public key: receiver
2. What are the benefits of digital signatures?
Authentication and Integrity