2. OBJECTIVES
Define four aspects of security in a network: privacy,
authentication, integrity, and nonrepudiation.
Understand how these aspects can be achieved using
encryption and decryption.
Understand the difference between secret-key and
public-key encryption.
Realize how a digital signature can provide privacy,
integrity, and nonrepudiation.
3. Aspects of security
Privacy: only the sender and the receiver of the message are
able to understand the contents of the message.
Authentication: the receiver needs to be sure of the sender’s
identity (and vice versa).
Integrity: the contents of the message should not be changed
during transmission.
Non-repudiation: a secure system needs to prove that the
sender actually sent the message.
4. Privacy/Confidentiality/Secrecy
Privacy can be achieved using encryption/decryption
methods.
Two categories of encryption/decryption:
Secret key (symmetric key)
Public key (asymmetric key)
5. Secret key encryption
Ciphertext: the data are encrypted
Plaintext: the data are not encrypted
Note that secret-key encryption algorithms are often
referred to as symmetric encryption algorithms.
6. Symmetric encryption
A single key, a shared key
Encrypt with the key
Decrypt with the same key
Secret key
Keep it secret!
If it gets out, you’ll need another key
Does not scale very well
Give the key to a lot of people
Watch them lose the key
Very fast to use
Not a lot of overhead
Often combined with asymmetric encryption
12. Digital signature
When an author signs a document, it cannot be changed.
When you send a document electronically, you can also sign it.
A digital signature can be done in two ways:
You can sign the whole document
You can sign a digest (piece) of the document
A digital signature is basically a way to ensure that
an electronic document (email, spreadsheet, text
file, etc.) is authentic.
13. Digital Signature Algorithm
A digital signature can be used to identify the message source
and verify the integrity of the message by using a specialised Digital
Signature Algorithm (DSA).
The slightest modification in the message would cause it to be
discarded and reported back to its sender…
14. Hashing
M(P1) = H1
M = Hash function
P1 = Plain text
H1 = Hash value
For example:
Input number: 191089
Hashing algorithm: Input number × 243
Hash value: 46434627
15. Signing the document
Step-1: The original text/document goes through the hash
algorithm to generate a hash value, say H1.
Step-2: This hash value H1 is encrypted using the
signer’s (sender’s) private key to generate the digital
signature, say D1.
Step-3: This digital signature combined with the original text
becomes the ‘digitally signed document’ and is sent over the
public/private network.
16. Verifying the document
Step-1: The document part is hashed to generate a value, say
H2.
Step-2: The digital signature D1 is decrypted using the
public key of the sender to generate another value, say H3.
Step-3: If H2 and H3 match, then the authenticity of the
document is verified; otherwise the document may
not be exact!
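
The signing and verifying steps above, carried through as an added Python example (not part of the original slides). It assumes SHA-256 as the hash in place of the multiply-by-243 illustration and a toy, unpadded RSA key built from two constructed primes; the names digest_int, sign and verify are hypothetical.

```python
import hashlib

# Constructed toy key pair (assumption): two Mersenne primes keep the numbers
# readable. Real RSA keys are 2048 bits or more and real signatures add padding
# (for example RSA-PSS); use a vetted library outside the classroom.
P, Q = 2**31 - 1, 2**61 - 1
N = P * Q                              # public modulus
E = 65537                              # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (kept by the signer)


def digest_int(document: bytes) -> int:
    """Hash the document with SHA-256 and reduce it below the toy modulus."""
    return int.from_bytes(hashlib.sha256(document).digest(), "big") % N


def sign(document: bytes) -> int:
    """Signing steps 1-2: H1 = hash(document), D1 = H1^D mod N (private key)."""
    h1 = digest_int(document)
    return pow(h1, D, N)


def verify(document: bytes, d1: int) -> bool:
    """Verifying steps 1-3: recompute H2, recover H3 with the public key, compare."""
    h2 = digest_int(document)
    h3 = pow(d1, E, N)
    return h2 == h3


if __name__ == "__main__":
    doc = b"Pay 100 to Alice"              # constructed sample document
    d1 = sign(doc)                         # signing step 3: send (doc, d1)
    print("untouched document:", verify(doc, d1))
    print("altered document:  ", verify(b"Pay 900 to Alice", d1))
    print("altered signature: ", verify(doc, (d1 + 1) % N))
```

Changing a single character of the document changes H2, and changing the signature changes H3, so either kind of tampering makes the comparison in step 3 fail.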