Introduction to Digital signatures

34,990 views

Published on

Published in: Technology, Education
5 Comments
42 Likes
Statistics
Notes
No Downloads
Views
Total views
34,990
On SlideShare
0
From Embeds
0
Number of Embeds
14
Actions
Shares
0
Downloads
3,221
Comments
5
Likes
42
Embeds 0
No embeds

No notes for slide

Introduction to Digital signatures

  1. 1. Introduction to the world of Digital Signatures…! Rohit Bhat 1PI08EC092 VI Sem ECE
  2. 2. <ul><li>Encryption </li></ul><ul><li>Digital signature overview </li></ul><ul><li>Digital Signature Creation </li></ul><ul><li>Hashing </li></ul><ul><li>How Encryption and Digital Signatures Work </li></ul><ul><li>Digital Signature Verifications </li></ul><ul><li>Different Digital Signature Schemes </li></ul><ul><li>Legal aspects </li></ul><ul><li>Advantages and Disadvantages </li></ul>Contents
  3. 3. Encryption <ul><li>Encryption is the conversion of data into a form, called a CIPHER Text. </li></ul><ul><li>The use of encryption/decryption is as old as the art of communication. </li></ul><ul><li>Encryption/decryption is especially important in wireless communications. </li></ul><ul><li>Encryption/decryption is a good idea when carrying out any kind of sensitive transaction. </li></ul><ul><li>Ex: A credit-card purchase online, or the discussion of a company secret between different departments in the organization. </li></ul>
  4. 4. <ul><li>Private key encryption </li></ul><ul><li>Private key means that each computer has a secret key (code) that it can use to encrypt a packet of information before it is sent over the network to the other computer. </li></ul><ul><li>Public Key encryption </li></ul><ul><li>Public key encryption uses a combination of a private key and a public key. </li></ul><ul><li>The key is based on a hash value. This is a value that is computed from a base input number using a hashing algorithm. </li></ul><ul><ul><li>Types of Encryption </li></ul></ul>
  5. 5. <ul><li>Encryption depends on modifying or scrambling messages. </li></ul><ul><li>So a key is necessary to understand the message. </li></ul><ul><li>If the original message is GOD IS GREAT then the encrypted version depends on the key as follows: </li></ul><ul><li>(key = 1) HPE JT HSFBU </li></ul><ul><li>(key = 2) IQF KU ITGCV </li></ul><ul><li>(key = 3) JRG LV JSHDW </li></ul>Simple Encryption Example
  6. 6. <ul><li>What is a digital signature? </li></ul><ul><li>A digital signature or digital signature scheme is a mathematical scheme for demonstrating the authenticity of a digital message or document. </li></ul><ul><li>A digital signature can be used with any kind of message, whether it is encrypted or not, simply so that the receiver can be sure of the sender's identity and that the message arrived intact. </li></ul>Digital Signatures
  7. 7. Creation of Digital Signatures <ul><li>A digital signature scheme typically consists of three algorithms: </li></ul><ul><li>HASHING algorithm. </li></ul><ul><li>Signature Generation Algorithm </li></ul><ul><li>A signature verifying algorithm that, given a message, public key and a signature, either accepts or rejects the message's claim to authenticity. </li></ul>
  8. 8. Hashing <ul><li>Hashing is the transformation of a string of characters into a usually shorter fixed-length value or key that represents the original string. </li></ul><ul><li>As a simple example of the using of hashing in databases, a group of people could be arranged in a database like this: </li></ul><ul><li>Abernathy Sara, Epperdingle Roscoe, Moore Wilfred, Smith David (and many more sorted into alphabetical order) </li></ul><ul><li>After Hashing, each of them will be replaced by a 4 digit number (in this case) </li></ul><ul><li>7864=> Abernathy Sara 9802=> Epperdingle Roscoe 1990=> Moore Wilfred 8822=> Smith David (and so forth). </li></ul>
  9. 9. Hashing Algorithm <ul><li>The formula for hashing depends on two inputs: </li></ul><ul><li>the sequence of characters representing the electronic data to be signed </li></ul><ul><li>a secret number referred to as a signature's private key associated with the signing party and which only that party has access to </li></ul><ul><li>Some simple Hash Functions </li></ul><ul><li>The division-remainder method </li></ul><ul><li>Folding </li></ul><ul><li>Radix transformation </li></ul><ul><li>Digit rearrangement </li></ul>
  10. 10. Methods of Encryption based on Privacy <ul><li>Encryption scrambles or modifies a message or document so it cannot be read and understood, except by the intended recipient . </li></ul><ul><li>A key is necessary to reverse the scrambling or modification, to make the message readable. </li></ul><ul><li>Methods of Encryption based on Privacy are as follows: </li></ul><ul><li>a message may be digitally signed, but not encrypted </li></ul><ul><li>a message may be encrypted first, then digitally signed </li></ul><ul><li>a message may be digitally signed first, then encrypted </li></ul>
  11. 11. <ul><li>Public-private digital key pair </li></ul><ul><li>Certificate Authority. </li></ul><ul><li>The public key certificate creates proof of the identity of the signer by using the services of a certificate authority. </li></ul><ul><li>A certificate authority uses a variety of processes to associate the particular public key with an individual. </li></ul><ul><li>The combination of public key and proof of identity result in a public key certificate - also called a signer's certificate. </li></ul>Prerequisites to create a digital signature
  12. 12. <ul><li>It is the process of checking the digital signature by the reference to the original message and a given public key. </li></ul><ul><li>Verifying also relies on a formula. Here, the formula depends on three inputs: </li></ul><ul><ul><ul><ul><li>The sequence of characters representing the supposedly originally signed electronic data </li></ul></ul></ul></ul><ul><ul><ul><ul><li>The public key of the signing party </li></ul></ul></ul></ul><ul><ul><ul><ul><li>The value representing the supposedly authentic digital signature. </li></ul></ul></ul></ul><ul><li>The output of the formula is a simple answer: YES or NO . </li></ul>Digital Signature Verification
  13. 15. Digital Signature Schemes <ul><li>The following are the widely used Schemes for Digital Signatures </li></ul><ul><li>RSA Scheme </li></ul><ul><li>ElGamal Scheme </li></ul><ul><li>Schnorr Scheme </li></ul><ul><li>Digital Signature Standard (DSS) </li></ul>
  14. 16. RSA Algorithm <ul><li>RSA stands for Rivest, Shamir and Adleman who first publicly described the algorithm </li></ul><ul><li>RSA involves a public key and a private key .   </li></ul><ul><li>The keys for the RSA algorithm are generated the following way: </li></ul><ul><li>Choose two distinct prime numbers  p  and  q . </li></ul><ul><li>Compute  n  =  pq, n is used as a modulus in further steps </li></ul><ul><li>Compute φ( n ) = ( p  – 1)( q  – 1), where φ is Euler's quotient function. </li></ul><ul><li>Choose an integer  e  such that 1<  e  <φ( n ) and gcd( e ,φ( n )) = 1, i.e.  e  and φ( n ) are co-prime and e  is released as the public key exponent. </li></ul><ul><li>Determine  d  =  e –1  mod φ( n ); i.e.  d  is the multiplicative inverse of  e  mod φ( n ) and d  is kept as the private key exponent. </li></ul>
  15. 17. ElGamal Scheme <ul><li>The ElGamal signature scheme is a digital signature scheme which is based on the difficulty of computing discrete logarithms. </li></ul><ul><li>Taher ElGamal in 1984 devised this algorithm </li></ul><ul><li>The ElGamal signature scheme allows that a verifier can confirm the authenticity of a message  m  sent by the signer sent to him over an insecure channel. </li></ul><ul><li>System Parameters </li></ul><ul><li>Let  H  be a collision-resistant hash function. </li></ul><ul><li>Let  p  be a large prime such that computing discrete logarithms modulo  p  is difficult. </li></ul><ul><li>Let  g  <  p  be a randomly chosen generator of the multiplicative group of integers modulo  p  i.e Z p . </li></ul><ul><li>Key Generation </li></ul><ul><li>Signature Generation </li></ul><ul><li>Verification </li></ul>
  16. 18. Schnorr Digital Signature Scheme <ul><li>In Schnorr Scheme security is based on the intractability of certain discrete logarithm problems. </li></ul><ul><li>It is considered the simplest digital signature scheme to be provably secure in a random oracle model. </li></ul><ul><li>The Algorithm goes this way: </li></ul><ul><li>Choosing parameters </li></ul><ul><li>All users of the signature scheme agree on a group  G  with generator  g  of prime order  q  in which the discrete log problem is hard. Typically a Schnorr group is used. </li></ul><ul><li>All users agree on a cryptographic hash function H. </li></ul><ul><li>Key generation </li></ul><ul><li>Signing </li></ul><ul><li>Verifying </li></ul>
  17. 19. Digital Signature Standard (DSS) <ul><li>The DSA is used by a signatory to generate a digital signature on data and by a verifier to verify the authenticity of the signature. </li></ul><ul><li>Each signatory has a public and private key. </li></ul><ul><li>For both signature generation and verification, the data which is referred to as a message, M, is reduced by means of the Secure Hash Algorithm (SHA) </li></ul><ul><li>The DSA makes use of the following parameters: </li></ul><ul><li>p = a prime modulus, where 2 L-1  < p < 2 L  for 512 = < L = <1024 and L a multiple of 64 </li></ul><ul><li>q = a prime divisor of p - 1, where 2 159  < q < 2 160   </li></ul><ul><li>g = h (p-1)/q  mod p, where h is any integer with 1 < h < p - 1 such that h (p-1)/q  mod p > 1 (g has order q mod p) </li></ul><ul><li>k = a randomly or pseudorandomly generated integer with 0 < k < q </li></ul><ul><li>The integers p, q, and g can be public and can be common to a group of users. </li></ul><ul><li>A user's private and public keys are x and y, respectively. </li></ul>
  18. 20. Digital Signature Standard (DSS) <ul><li>The signature of a message M is the pair of numbers r and s computed according to the equations below: </li></ul><ul><li>r = (g k  mod p) mod q and  </li></ul><ul><li>s = (k -1 (SHA(M) + xr)) mod q. </li></ul><ul><li>In the above, k -1  is the multiplicative inverse of k, mod q; i.e. (k -1  k) mod q = 1 and 0< k -1 < q. </li></ul><ul><li>The verification process goes as below: </li></ul><ul><li>Let M', r' and s' be the received versions of M, r, and s, respectively, and let y be the public key of the signatory. </li></ul><ul><li>The verifier first checks to see that 0 < r' < q and 0 < s' < q; if either condition is violated the signature shall be rejected. </li></ul><ul><li>If these two conditions are satisfied, the verifier computes  </li></ul><ul><li>w = (s') -1  mod q ; u1 = ((SHA(M')w) mod q ; </li></ul><ul><li>u2 = ((r')w) mod q ; v = (((g) ul  (y) u2 ) mod p) mod q.  </li></ul><ul><li>If v = r', then the signature is verified else if v != r’ then the received message could have been modified and hence not authentic </li></ul>
  19. 21. <ul><li>The digital signature is that which makes a document a legal one. </li></ul><ul><li>It is a representation of assuring that the document meats all legal and is authentic in its framework. </li></ul><ul><li>The actual digital signature provides the following: </li></ul><ul><li>• Evidence </li></ul><ul><li>• Ceremony </li></ul><ul><li>• Approval </li></ul><ul><li>• Efficiency </li></ul>Legal Aspects of Digital Signatures
  20. 22. <ul><ul><li>Advantages </li></ul></ul><ul><li>Authentication , identification of the person that signs. </li></ul>Advantages of Digital Signatures Integrity of data , every change will be detected. Non repudiation , because the author cannot be denied of his work (he created and sent). Imposter prevention Elimination of possibility of committing fraud by an imposter
  21. 23. The disadvantages of using digital signatures involve the primary avenue for any business: money. Though the use of Digital Signatures is very powerful way to secure and authenticate a message or document, its advantages are hampered by lost or theft of keys and the use of vulnerable storage facilities. A number of Digital Signature standard exist which are incompatible with each other and there is a strong need of a standard through which these different methods (keys) can interact. Disadvantages
  22. 24. Q U E R I E s ?

×