SlideShare a Scribd company logo

Digital signature

Download as PPT, PDF
AJAL A J
AJAL A J

Easy for the signer to sign a message There is no point in having a digital signature scheme that involves the signer needing to use slow and complex operations to compute a digital signature. Easy for anyone to verify a message Similarly we would like the verification of a digital signature to be as efficient as possible. Hard for anyone to forge a digital signature It should be practically impossible for anyone who is not the legitimate signer to compute a digital signature on a message that appears to be valid. By “appears to be valid” we mean that anyone who attempts to verify the digital signature is led to believe that they have just successfully verified a valid digital signature on a message.

Engineering
1 of 31
E- Business & need of Digital Signature
Electronic payments: the players Consumer Merchant Financial institutions Physical tokens representing value
Digital cash 01011010110101011101011010101101 01101010110101101010110101011010 10110111101011111011010000000110 101010110101 Since digital cash is represented by data, it is easily replicated. How do we prevent: •Counterfeiting? •Multiple spending?
4 Electronic signatures The European Community Directive on electronic signatures refers to the concept of an electronic signature as: data in electronic form attached to, or logically connected with, other electronic data and which serves as a method of authentication What different things can you think of that might satisfy this rather vague notion of an electronic signature?
5 Advanced electronic signatures The European Community Directive on electronic signatures also refers to the concept of an advanced electronic signature as: an electronic signature that is: 1. uniquely linked to the signatory 2. capable of identifying the signatory 3. created using means under the sole control of the signatory 4. linked to data to which it relates in such a way that subsequent changes in the data is detectable
6 Security requirements • Data origin authentication of the signer – A digital signature validates the message in the sense that assurance is provided about the integrity of the message and of the identity of the entity that signed the message. • Non-repudiation – A digital signature can be stored by anyone who receives the signed message as evidence that the message was sent and of who sent it. This evidence could later be presented to a third party who could use the evidence to resolve any dispute that relates to the contents and/or origin of the message. We will define a digital signature on a message to be some data that provides:
7 Symmetric-key ciphers: Block ciphers Stream ciphers Public-key ciphers Cryptographic goals Confidentiality Data integrity Authentication Non-repudiation Message authentication Entity authenticationArbitrary length hash functions Message Authentication codes (MACs) Digital signatures Authentication primitives Digital signatures MACs Digital signatures
8 Input to a digital signature • The message – Since a digital signature needs to offer data origin authentication (and non-repudiation) it is clear that the digital signature itself must be a piece of data that depends on the message, and cannot be a completely separate identifier. – It may be sent as a separate piece of data to the message, but its computation must involve the message. • A secret parameter known only by the signer – Since a digital signature needs to offer non-repudiation, its calculation must involve a secret parameter that is known only by the signer. – The only possible exception to this rule is if the other entity is totally trusted by all parties involved in the signing and verifying of digital signatures.
9 Properties of a digital signature • Easy for the signer to sign a message – There is no point in having a digital signature scheme that involves the signer needing to use slow and complex operations to compute a digital signature. • Easy for anyone to verify a message – Similarly we would like the verification of a digital signature to be as efficient as possible. • Hard for anyone to forge a digital signature – It should be practically impossible for anyone who is not the legitimate signer to compute a digital signature on a message that appears to be valid. By “appears to be valid” we mean that anyone who attempts to verify the digital signature is led to believe that they have just successfully verified a valid digital signature on a message.
•is a type of asymmetric cryptography used to simulate the security properties of a signature in digital, rather than written, form. Digital signature schemes normally give two algorithms, one for signing which involves the user's secret or private key, and one for verifying signatures which involves the user's public key. The output of the signature process is called the "digital signature.“ •is an electronic signature that can be used to authenticate the identity of the sender of a message or the signer of a document, and possibly to ensure that the original content of the message or document that has been sent is unchanged. Digital signatures are easily transportable, cannot be imitated by someone else, and can be automatically time-stamped. The ability to ensure that the original signed message arrived means that the sender cannot easily repudiate it later. What is a digital signature?
• The use of digital signatures usually involves two processes, one performed by the signer and the other by the receiver of the digital signature: • Digital signature creation uses a hash result derived from and unique to both the signed message and a given private key. For the hash result to be secure, there must be only a negligible possibility that the same digital signature could be created by the combination of any other message or private key. • Digital signature verification is the process of checking the digital signature by reference to the original message and a given public key, thereby determining whether the digital signature was created for that same message using the private key that corresponds to the referenced public key. How it works
Paper Signatures V/s Digital Signatures Parameter Paper Electronic Authenticity May be forged Can not be copied Integrity Signature independent of the document Signature depends on the contents of the document Non- repudiation a. Handwriting expert needed b. Error prone a. Any computer user b. Error free V/s
Electronic RecordElectronic Record 1. Very easy to make copies 2. Very fast distribution 3. Easy archiving and retrieval 4. Copies are as good as original 5. Easily modifiable 6. Environmental Friendly Because of 4 & 5 together, these lack authenticity
Digital signatures employ a type of Asymmetric Cryptography. The Scheme typically consists of three Algorithms  A key generation algorithm that selects a private key uniformly at random from a set of possible private keys. The algorithm outputs the private key and a corresponding public key.  A signing algorithm that, given a message and a private key, produces a signature.  A signature verifying algorithm that, given a message, public key and a signature, either accepts or rejects the message's claim to authenticity Hash value of a message when encrypted with the private key of a person is his digital signature on that e-Document
Digital SignaturesDigital Signatures Each individual generates his own key pair [Public key known to everyone & Private key only to the owner] Private Key – Used for making Digital Signature Public Key – Used to verify the Digital Signature
Smart Card iKey Hardware Tokens
Example • Assume you were going to send the draft of a contract to your lawyer in another town. You want to give your lawyer the assurance that it was unchanged from what you sent and that it is really from you. 1. You copy-and-paste the contract (it's a short one!) into an e-mail note. 2. Using special software, you obtain a message hash (mathematical summary) of the contract. 3. You then use a private key that you have previously obtained from a public-private key authority to encrypt the hash. 4. The encrypted hash becomes your digital signature of the message. (Note that it will be different each time you send a message.) • At the other end, your lawyer receives the message. 1. To make sure it's intact and from you, your lawyer makes a hash of the received message. 2. Your lawyer then uses your public key to decrypt the message hash or summary. 3. If the hashes match, the received message is valid.
18 Hash functions 1. Condenses arbitrary long inputs into a fixed length output – You stuff as much data as you want into the function, and it churns out an output (or hash) that is always the same fixed length. – In general this hash is much smaller than the data that was put into the function. – Because the hash is a smaller thing that represents a larger thing, it sometimes referred to as a digest, and the hash function as a message digest function. A hash function is a mathematical function that generally has the following three properties:
19 Hash functions 2. Is one-way – The hash function should be easy to compute, but given the hash of some data it should be very hard to recover the original data from the hash. 3. It is hard to find two inputs with the same output – It should be hard to find two different inputs (of any length) that when fed into the hash function result in the same hash (collision free). – Note that it is impossible for a hash function not to have collisions. If arbitrarily large inputs are all being reduced to a fixed length hash then there will be lots of collisions. (For example - it is impossible to give each of 60 million people a different 4 digit PIN.) The point is that these collisions should be hard to find.
Message Hash Function Message Digest Signature Function Digital Signature Message Signature Private Key
Message Hash Function Message Digest Digest Signature Signature Function Message Digest If the message digest are identical, the signature is valid. If they are different, the signature is not valid. Signer’s Public Key
Digital Signatures • Digital Signatures are numbers • Same Length – 40 digits • They are document content dependent I am George kutty efcc61c1c03db8d8ea8569545c073c814a0ed755 My place of birth is at Thrissur. fe1188eecd44ee23e13c4b6655edc8cd5cdb6f25 I am 27 years old. 0e6d7d56c4520756f59235b6ae981cdb5f9820a0 I am an Engineer. ea0ae29b3b2c20fc018aaca45c3746a057b893e7 I am a Engineer. 01f1d8abd9c2e6130870842055d97d315dff1ea3 • These are digital signatures of same person on different documents
• Application Request • Issuance of Digital Signatures • Accessing Website with Membership ID for Enrollment of Request On line • Driver Downloading • Member Login How To Get & Use Digital Signature
Benefits of digital signatures These are common reasons for applying a digital signature to communications: • Authentication Although messages may often include information about the entity sending a message, that information may not be accurate. Digital signatures can be used to authenticate the source of messages. When ownership of a digital signature secret key is bound to a specific user, a valid signature shows that the message was sent by that user. The importance of high confidence in sender authenticity is especially obvious in a financial context. For example, suppose a bank's branch office sends instructions to the central office requesting a change in the balance of an account. If the central office is not convinced that such a message is truly sent from an authorized source, acting on such a request could be a grave mistake. • Integrity In many scenarios, the sender and receiver of a message may have a need for confidence that the message has not been altered during transmission. Although encryption hides the contents of a message, it may be possible to change an encrypted message without understanding it. (Some encryption algorithms, known as nonmalleable ones, prevent this, but others do not.) However, if a message is digitally signed, any change in the message will invalidate the signature. Furthermore, there is no efficient way to modify a message and its signature to produce a new message with a valid signature, because this is still considered to be computationally infeasible by most cryptographic hash functions.
Drawbacks of digital signatures Despite their usefulness, digital signatures do not alone solve all the problems we might wish them to. Non-repudiation In a cryptographic context, the word repudiation refers to the act of disclaiming responsibility for a message. A message's recipient may insist the sender attach a signature in order to make later repudiation more difficult, since the recipient can show the signed message to a third party (eg, a court) to reinforce a claim as to its signatories and integrity. However, loss of control over a user's private key will mean that all digital signatures using that key, and so ostensibly 'from' that user, are suspect. Nonetheless, a user cannot repudiate a signed message without repudiating their signature key.
Prevention From Misuse
Prevention From Misuse  Don’t Hand over you DSC Media USB/Card to any one  Don’t tell your PIN to anyone  Document Digitally Signed carries same legal status as manually signing as per the IT Act
To prevent this misuse… • Assign each user fixed keys • Usually be done by third party: VeriSign… • Moreover, common good practice: sign first, encrypt later.
Questions? 1. In the digital signature who use the private key and who use the public key? Private key: sender Public key: receiver 2. What are the benefits of digital signatures? Authentication and Integrity

Recommended

Digital Signature
Digital SignatureDigital Signature
Digital Signaturesaurav5884
 
Digital Signature
Digital SignatureDigital Signature
Digital SignatureMohamed Talaat
 
Digital signature
Digital signatureDigital signature
Digital signatureNisha Menon K
 
Digital certificates
Digital certificatesDigital certificates
Digital certificatesSimmi Kamra
 
Digital signature
Digital signatureDigital signature
Digital signatureAJAL A J
 
Digital signature(Cryptography)
Digital signature(Cryptography)Digital signature(Cryptography)
Digital signature(Cryptography)Soham Kansodaria
 
Digital signatures
Digital signaturesDigital signatures
Digital signaturesIshwar Dayal
 
Digital signature
Digital signatureDigital signature
Digital signaturePraseela R
 

Recommended

Digital Signature
Digital SignatureDigital Signature
Digital Signaturesaurav5884
 
Digital Signature
Digital SignatureDigital Signature
Digital SignatureMohamed Talaat
 
Digital signature
Digital signatureDigital signature
Digital signatureNisha Menon K
 
Digital certificates
Digital certificatesDigital certificates
Digital certificatesSimmi Kamra
 
Digital signature
Digital signatureDigital signature
Digital signatureAJAL A J
 
Digital signature(Cryptography)
Digital signature(Cryptography)Digital signature(Cryptography)
Digital signature(Cryptography)Soham Kansodaria
 
Digital signatures
Digital signaturesDigital signatures
Digital signaturesIshwar Dayal
 
Digital signature
Digital signatureDigital signature
Digital signaturePraseela R
 
Digital Signature
Digital SignatureDigital Signature
Digital Signaturenayakslideshare
 
Digital signature
Digital signatureDigital signature
Digital signature9799907840kd
 
Digital signatures
Digital signaturesDigital signatures
Digital signaturesReachLocal Services India
 
What is a Digital Signature? | How Digital Signature work?
What is a Digital Signature? | How Digital Signature work?What is a Digital Signature? | How Digital Signature work?
What is a Digital Signature? | How Digital Signature work?MSA Technosoft
 
Digital signature
Digital signatureDigital signature
Digital signatureHossain Md Shakhawat
 
Digital signature
Digital signatureDigital signature
Digital signatureYash Karanke
 
Digital signature & certificate
Digital signature & certificateDigital signature & certificate
Digital signature & certificateNetGains Technologies Pvt. Ltd.
 
Public key Infrastructure (PKI)
Public key Infrastructure (PKI)Public key Infrastructure (PKI)
Public key Infrastructure (PKI)Venkatesh Jambulingam
 
Digital signature
Digital signatureDigital signature
Digital signatureFilipp Kolobov
 
Secure electronic transaction (set)
Secure electronic transaction (set)Secure electronic transaction (set)
Secure electronic transaction (set)Agnė Chomentauskaitė
 
Digital Signature ppt
Digital Signature pptDigital Signature ppt
Digital Signature pptOECLIB Odisha Electronics Control Library
 
Digital signature
Digital signatureDigital signature
Digital signatureCHESStest{perfect Kadhu}
 
Cryptography and Network Security
Cryptography and Network SecurityCryptography and Network Security
Cryptography and Network SecurityPa Van Tanku
 
Digital signature & eSign overview
Digital signature & eSign overviewDigital signature & eSign overview
Digital signature & eSign overviewRishi Pathak
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.pptkusum sharma
 
Digital signature
Digital signatureDigital signature
Digital signatureMohanasundaram Nattudurai
 
Cryptography
CryptographyCryptography
CryptographyKalyani Government Engineering College
 
Cryptography
CryptographyCryptography
Cryptographygueste4c97e
 
E mail security using Certified Electronic Mail (CEM)
E mail security using Certified Electronic Mail (CEM)E mail security using Certified Electronic Mail (CEM)
E mail security using Certified Electronic Mail (CEM)Pankaj Bhambhani
 
Blockchain and Cryptocurrency for Dummies
Blockchain and Cryptocurrency for DummiesBlockchain and Cryptocurrency for Dummies
Blockchain and Cryptocurrency for DummiesNarudom Roongsiriwong, CISSP
 
Digital Signatures
Digital SignaturesDigital Signatures
Digital SignaturesSumanth Paramesh
 
Digital signature introduction
Digital signature introductionDigital signature introduction
Digital signature introductionAsim Neupane
 

More Related Content

What's hot

What is a Digital Signature? | How Digital Signature work?
What is a Digital Signature? | How Digital Signature work?What is a Digital Signature? | How Digital Signature work?
What is a Digital Signature? | How Digital Signature work?MSA Technosoft
 
Cryptography and Network Security
Cryptography and Network SecurityCryptography and Network Security
Cryptography and Network SecurityPa Van Tanku
 
Digital signature & eSign overview
Digital signature & eSign overviewDigital signature & eSign overview
Digital signature & eSign overviewRishi Pathak
 
E mail security using Certified Electronic Mail (CEM)
E mail security using Certified Electronic Mail (CEM)E mail security using Certified Electronic Mail (CEM)
E mail security using Certified Electronic Mail (CEM)Pankaj Bhambhani
 

What's hot (20)

Digital Signature
Digital SignatureDigital Signature
Digital Signature
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Digital signatures
Digital signaturesDigital signatures
Digital signatures
 
What is a Digital Signature? | How Digital Signature work?
What is a Digital Signature? | How Digital Signature work?What is a Digital Signature? | How Digital Signature work?
What is a Digital Signature? | How Digital Signature work?
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Digital signature & certificate
Digital signature & certificateDigital signature & certificate
Digital signature & certificate
 
Public key Infrastructure (PKI)
Public key Infrastructure (PKI)Public key Infrastructure (PKI)
Public key Infrastructure (PKI)
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Secure electronic transaction (set)
Secure electronic transaction (set)Secure electronic transaction (set)
Secure electronic transaction (set)
 
Digital Signature ppt
Digital Signature pptDigital Signature ppt
Digital Signature ppt
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Cryptography and Network Security
Cryptography and Network SecurityCryptography and Network Security
Cryptography and Network Security
 
Digital signature & eSign overview
Digital signature & eSign overviewDigital signature & eSign overview
Digital signature & eSign overview
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.ppt
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
E mail security using Certified Electronic Mail (CEM)
E mail security using Certified Electronic Mail (CEM)E mail security using Certified Electronic Mail (CEM)
E mail security using Certified Electronic Mail (CEM)
 
Blockchain and Cryptocurrency for Dummies
Blockchain and Cryptocurrency for DummiesBlockchain and Cryptocurrency for Dummies
Blockchain and Cryptocurrency for Dummies
 

Viewers also liked

Digital signature introduction
Digital signature introductionDigital signature introduction
Digital signature introductionAsim Neupane
 
DIGITAL SIGNATURE
DIGITAL SIGNATUREDIGITAL SIGNATURE
DIGITAL SIGNATUREravijain90
 
Cryptography and applications
Cryptography and applicationsCryptography and applications
Cryptography and applicationsthai
 
Digital signature 2
Digital signature 2Digital signature 2
Digital signature 2Ankita Dave
 
Seminar ppt on digital signature
Seminar ppt on digital signatureSeminar ppt on digital signature
Seminar ppt on digital signaturejolly9293
 
Introduction to Digital signatures
Introduction to Digital signaturesIntroduction to Digital signatures
Introduction to Digital signaturesRohit Bhat
 
Electronic Health Records - Privacy Concerns, by Phil Booth (National Coordin...
Electronic Health Records - Privacy Concerns, by Phil Booth (National Coordin...Electronic Health Records - Privacy Concerns, by Phil Booth (National Coordin...
Electronic Health Records - Privacy Concerns, by Phil Booth (National Coordin...Colin Mitchell
 
Electronic Records and Signatures
Electronic Records and SignaturesElectronic Records and Signatures
Electronic Records and SignaturesClientSide
 
Digital Signatures
Digital SignaturesDigital Signatures
Digital SignaturesEhtisham Ali
 
6. cryptography
6. cryptography6. cryptography
6. cryptography7wounders
 
Dss digital signature standard and dsa algorithm
Dss digital signature standard and dsa algorithmDss digital signature standard and dsa algorithm
Dss digital signature standard and dsa algorithmAbhishek Kesharwani
 
Distribution of public keys and hmac
Distribution of public keys and hmacDistribution of public keys and hmac
Distribution of public keys and hmacanuragjagetiya
 
Digital signatures
Digital signatures Digital signatures
Digital signaturesSTUDENT
 

Viewers also liked (20)

Digital Signatures
Digital SignaturesDigital Signatures
Digital Signatures
 
Digital signature introduction
Digital signature introductionDigital signature introduction
Digital signature introduction
 
DIGITAL SIGNATURE
DIGITAL SIGNATUREDIGITAL SIGNATURE
DIGITAL SIGNATURE
 
Cryptography and applications
Cryptography and applicationsCryptography and applications
Cryptography and applications
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Digital signature 2
Digital signature 2Digital signature 2
Digital signature 2
 
Cryptography
CryptographyCryptography
Cryptography
 
Seminar ppt on digital signature
Seminar ppt on digital signatureSeminar ppt on digital signature
Seminar ppt on digital signature
 
Dsa & Digi Cert
Dsa & Digi CertDsa & Digi Cert
Dsa & Digi Cert
 
Cryptography
CryptographyCryptography
Cryptography
 
Introduction to Digital signatures
Introduction to Digital signaturesIntroduction to Digital signatures
Introduction to Digital signatures
 
Electronic Health Records - Privacy Concerns, by Phil Booth (National Coordin...
Electronic Health Records - Privacy Concerns, by Phil Booth (National Coordin...Electronic Health Records - Privacy Concerns, by Phil Booth (National Coordin...
Electronic Health Records - Privacy Concerns, by Phil Booth (National Coordin...
 
Electronic Records and Signatures
Electronic Records and SignaturesElectronic Records and Signatures
Electronic Records and Signatures
 
Digital Signatures
Digital SignaturesDigital Signatures
Digital Signatures
 
Fuzzy Set | Statistics
Fuzzy Set | StatisticsFuzzy Set | Statistics
Fuzzy Set | Statistics
 
6. cryptography
6. cryptography6. cryptography
6. cryptography
 
Dss digital signature standard and dsa algorithm
Dss digital signature standard and dsa algorithmDss digital signature standard and dsa algorithm
Dss digital signature standard and dsa algorithm
 
Distribution of public keys and hmac
Distribution of public keys and hmacDistribution of public keys and hmac
Distribution of public keys and hmac
 
Digital signatures
Digital signatures Digital signatures
Digital signatures
 
Fuzzy Set
Fuzzy SetFuzzy Set
Fuzzy Set
 

Similar to Digital signature

E business--dig sig
E business--dig sigE business--dig sig
E business--dig sigravik09783
 
Information Security (Digital Signatures)
Information Security (Digital Signatures)Information Security (Digital Signatures)
Information Security (Digital Signatures)Zara Nawaz
 
Digital signature.pptx
Digital signature.pptxDigital signature.pptx
Digital signature.pptxDaveN31
 
Asymmetric Cryptography digital sig.pptx
Asymmetric Cryptography digital sig.pptxAsymmetric Cryptography digital sig.pptx
Asymmetric Cryptography digital sig.pptxamshal
 
Digital Signature in Indian Evidence act .pptx
Digital Signature in Indian Evidence act .pptxDigital Signature in Indian Evidence act .pptx
Digital Signature in Indian Evidence act .pptx9jz8vgkshv
 
Digital Signatdsbuisduifhudosffdosfure.pptx
Digital Signatdsbuisduifhudosffdosfure.pptxDigital Signatdsbuisduifhudosffdosfure.pptx
Digital Signatdsbuisduifhudosffdosfure.pptxMuthuvasanSR
 
Ecommerce 27-1.pptx
Ecommerce 27-1.pptxEcommerce 27-1.pptx
Ecommerce 27-1.pptxAkash588342
 
Creation & Verification of Digital Signature using Digisigner
Creation & Verification of Digital Signature using DigisignerCreation & Verification of Digital Signature using Digisigner
Creation & Verification of Digital Signature using DigisignerPalash Mehar
 

Similar to Digital signature (20)

Digital signatures and e-Commerce
Digital signatures and e-CommerceDigital signatures and e-Commerce
Digital signatures and e-Commerce
 
E business--dig sig
E business--dig sigE business--dig sig
E business--dig sig
 
Information Security (Digital Signatures)
Information Security (Digital Signatures)Information Security (Digital Signatures)
Information Security (Digital Signatures)
 
Digital_signature_ppt.pptx
Digital_signature_ppt.pptxDigital_signature_ppt.pptx
Digital_signature_ppt.pptx
 
Digital signature.pptx
Digital signature.pptxDigital signature.pptx
Digital signature.pptx
 
D.Silpa
D.SilpaD.Silpa
D.Silpa
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Asymmetric Cryptography digital sig.pptx
Asymmetric Cryptography digital sig.pptxAsymmetric Cryptography digital sig.pptx
Asymmetric Cryptography digital sig.pptx
 
Ds over
Ds overDs over
Ds over
 
Unit v
Unit vUnit v
Unit v
 
Digital Signature in Indian Evidence act .pptx
Digital Signature in Indian Evidence act .pptxDigital Signature in Indian Evidence act .pptx
Digital Signature in Indian Evidence act .pptx
 
Digital Signatdsbuisduifhudosffdosfure.pptx
Digital Signatdsbuisduifhudosffdosfure.pptxDigital Signatdsbuisduifhudosffdosfure.pptx
Digital Signatdsbuisduifhudosffdosfure.pptx
 
Digital Signatures
Digital SignaturesDigital Signatures
Digital Signatures
 
Ecommerce 27-1.pptx
Ecommerce 27-1.pptxEcommerce 27-1.pptx
Ecommerce 27-1.pptx
 
SHA_and_DS.pdf
SHA_and_DS.pdfSHA_and_DS.pdf
SHA_and_DS.pdf
 
Cryptography
CryptographyCryptography
Cryptography
 
Creation & Verification of Digital Signature using Digisigner
Creation & Verification of Digital Signature using DigisignerCreation & Verification of Digital Signature using Digisigner
Creation & Verification of Digital Signature using Digisigner
 
Digital signatur
Digital signaturDigital signatur
Digital signatur
 
Digital signturue
Digital signturueDigital signturue
Digital signturue
 

More from AJAL A J

KEAM KERALA ENTRANCE EXAM
KEAM KERALA ENTRANCE EXAMKEAM KERALA ENTRANCE EXAM
KEAM KERALA ENTRANCE EXAMAJAL A J
 
Paleontology Career
Paleontology CareerPaleontology Career
Paleontology CareerAJAL A J
 
CHEMISTRY basic concepts of chemistry
CHEMISTRY basic concepts of chemistryCHEMISTRY basic concepts of chemistry
CHEMISTRY basic concepts of chemistryAJAL A J
 
Biogeochemical cycles
Biogeochemical cyclesBiogeochemical cycles
Biogeochemical cyclesAJAL A J
 
ac dc bridges
ac dc bridgesac dc bridges
ac dc bridgesAJAL A J
 
Hays bridge schering bridge wien bridge
Hays bridge schering bridge wien bridgeHays bridge schering bridge wien bridge
Hays bridge schering bridge wien bridgeAJAL A J
 
App Naming Tip
App Naming Tip App Naming Tip
App Naming Tip AJAL A J
 
flora and fauna of himachal pradesh and kerala
flora and fauna of himachal pradesh and keralaflora and fauna of himachal pradesh and kerala
flora and fauna of himachal pradesh and keralaAJAL A J
 
B.Sc Cardiovascular Technology(CVT)
B.Sc Cardiovascular Technology(CVT) B.Sc Cardiovascular Technology(CVT)
B.Sc Cardiovascular Technology(CVT) AJAL A J
 
11 business strategies to make profit
11 business strategies to make profit 11 business strategies to make profit
11 business strategies to make profit AJAL A J
 
PCOS Polycystic Ovary Syndrome
PCOS Polycystic Ovary SyndromePCOS Polycystic Ovary Syndrome
PCOS Polycystic Ovary SyndromeAJAL A J
 
Courses and Career Options after Class 12 in Humanities
Courses and Career Options after Class 12 in HumanitiesCourses and Career Options after Class 12 in Humanities
Courses and Career Options after Class 12 in HumanitiesAJAL A J
 
MANAGEMENT Stories
MANAGEMENT Stories MANAGEMENT Stories
MANAGEMENT StoriesAJAL A J
 
NEET PREPRATION TIPS AND STRATEGY
NEET PREPRATION TIPS AND STRATEGYNEET PREPRATION TIPS AND STRATEGY
NEET PREPRATION TIPS AND STRATEGYAJAL A J
 
REVOLUTIONS IN AGRICULTURE
REVOLUTIONS IN AGRICULTUREREVOLUTIONS IN AGRICULTURE
REVOLUTIONS IN AGRICULTUREAJAL A J
 
NRI QUOTA IN NIT'S
NRI QUOTA IN NIT'S NRI QUOTA IN NIT'S
NRI QUOTA IN NIT'S AJAL A J
 
Subjects to study if you want to work for a charity
Subjects to study if you want to work for a charitySubjects to study if you want to work for a charity
Subjects to study if you want to work for a charityAJAL A J
 
IIT JEE A KERALA PERSPECTIVE
IIT JEE A KERALA PERSPECTIVE IIT JEE A KERALA PERSPECTIVE
IIT JEE A KERALA PERSPECTIVE AJAL A J
 
Clat 2020 exam COMPLETE DETAILS
Clat 2020 exam COMPLETE DETAILSClat 2020 exam COMPLETE DETAILS
Clat 2020 exam COMPLETE DETAILSAJAL A J
 

More from AJAL A J (20)

KEAM KERALA ENTRANCE EXAM
KEAM KERALA ENTRANCE EXAMKEAM KERALA ENTRANCE EXAM
KEAM KERALA ENTRANCE EXAM
 
Paleontology Career
Paleontology CareerPaleontology Career
Paleontology Career
 
CHEMISTRY basic concepts of chemistry
CHEMISTRY basic concepts of chemistryCHEMISTRY basic concepts of chemistry
CHEMISTRY basic concepts of chemistry
 
Ecology
EcologyEcology
Ecology
 
Biogeochemical cycles
Biogeochemical cyclesBiogeochemical cycles
Biogeochemical cycles
 
ac dc bridges
ac dc bridgesac dc bridges
ac dc bridges
 
Hays bridge schering bridge wien bridge
Hays bridge schering bridge wien bridgeHays bridge schering bridge wien bridge
Hays bridge schering bridge wien bridge
 
App Naming Tip
App Naming Tip App Naming Tip
App Naming Tip
 
flora and fauna of himachal pradesh and kerala
flora and fauna of himachal pradesh and keralaflora and fauna of himachal pradesh and kerala
flora and fauna of himachal pradesh and kerala
 
B.Sc Cardiovascular Technology(CVT)
B.Sc Cardiovascular Technology(CVT) B.Sc Cardiovascular Technology(CVT)
B.Sc Cardiovascular Technology(CVT)
 
11 business strategies to make profit
11 business strategies to make profit 11 business strategies to make profit
11 business strategies to make profit
 
PCOS Polycystic Ovary Syndrome
PCOS Polycystic Ovary SyndromePCOS Polycystic Ovary Syndrome
PCOS Polycystic Ovary Syndrome
 
Courses and Career Options after Class 12 in Humanities
Courses and Career Options after Class 12 in HumanitiesCourses and Career Options after Class 12 in Humanities
Courses and Career Options after Class 12 in Humanities
 
MANAGEMENT Stories
MANAGEMENT Stories MANAGEMENT Stories
MANAGEMENT Stories
 
NEET PREPRATION TIPS AND STRATEGY
NEET PREPRATION TIPS AND STRATEGYNEET PREPRATION TIPS AND STRATEGY
NEET PREPRATION TIPS AND STRATEGY
 
REVOLUTIONS IN AGRICULTURE
REVOLUTIONS IN AGRICULTUREREVOLUTIONS IN AGRICULTURE
REVOLUTIONS IN AGRICULTURE
 
NRI QUOTA IN NIT'S
NRI QUOTA IN NIT'S NRI QUOTA IN NIT'S
NRI QUOTA IN NIT'S
 
Subjects to study if you want to work for a charity
Subjects to study if you want to work for a charitySubjects to study if you want to work for a charity
Subjects to study if you want to work for a charity
 
IIT JEE A KERALA PERSPECTIVE
IIT JEE A KERALA PERSPECTIVE IIT JEE A KERALA PERSPECTIVE
IIT JEE A KERALA PERSPECTIVE
 
Clat 2020 exam COMPLETE DETAILS
Clat 2020 exam COMPLETE DETAILSClat 2020 exam COMPLETE DETAILS
Clat 2020 exam COMPLETE DETAILS
 

Recently uploaded

Automobile Management System Project Report.pdf
Automobile Management System Project Report.pdfAutomobile Management System Project Report.pdf
Automobile Management System Project Report.pdfKamal Acharya
 
Quality defects in TMT Bars, Possible causes and Potential Solutions.
Quality defects in TMT Bars, Possible causes and Potential Solutions.Quality defects in TMT Bars, Possible causes and Potential Solutions.
Quality defects in TMT Bars, Possible causes and Potential Solutions.PrashantGoswami42
 
Introduction to Machine Learning Unit-5 Notes for II-II Mechanical Engineering
Introduction to Machine Learning Unit-5 Notes for II-II Mechanical EngineeringIntroduction to Machine Learning Unit-5 Notes for II-II Mechanical Engineering
Introduction to Machine Learning Unit-5 Notes for II-II Mechanical EngineeringC Sai Kiran
 
HYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generationHYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generationRobbie Edward Sayers
 
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...Dr.Costas Sachpazis
 
Event Management System Vb Net Project Report.pdf
Event Management System Vb Net Project Report.pdfEvent Management System Vb Net Project Report.pdf
Event Management System Vb Net Project Report.pdfKamal Acharya
 
Cloud-Computing_CSE311_Computer-Networking CSE GUB BD - Shahidul.pptx
Cloud-Computing_CSE311_Computer-Networking CSE GUB BD - Shahidul.pptxCloud-Computing_CSE311_Computer-Networking CSE GUB BD - Shahidul.pptx
Cloud-Computing_CSE311_Computer-Networking CSE GUB BD - Shahidul.pptxMd. Shahidul Islam Prodhan
 
Courier management system project report.pdf
Courier management system project report.pdfCourier management system project report.pdf
Courier management system project report.pdfKamal Acharya
 
LIGA(E)11111111111111111111111111111111111111111.ppt
LIGA(E)11111111111111111111111111111111111111111.pptLIGA(E)11111111111111111111111111111111111111111.ppt
LIGA(E)11111111111111111111111111111111111111111.pptssuser9bd3ba
 
NO1 Pandit Amil Baba In Bahawalpur, Sargodha, Sialkot, Sheikhupura, Rahim Yar...
NO1 Pandit Amil Baba In Bahawalpur, Sargodha, Sialkot, Sheikhupura, Rahim Yar...NO1 Pandit Amil Baba In Bahawalpur, Sargodha, Sialkot, Sheikhupura, Rahim Yar...
NO1 Pandit Amil Baba In Bahawalpur, Sargodha, Sialkot, Sheikhupura, Rahim Yar...Amil baba
 
fundamentals of drawing and isometric and orthographic projection
fundamentals of drawing and isometric and orthographic projectionfundamentals of drawing and isometric and orthographic projection
fundamentals of drawing and isometric and orthographic projectionjeevanprasad8
 
Final project report on grocery store management system..pdf
Final project report on grocery store management system..pdfFinal project report on grocery store management system..pdf
Final project report on grocery store management system..pdfKamal Acharya
 
RS Khurmi Machine Design Clutch and Brake Exercise Numerical Solutions
RS Khurmi Machine Design Clutch and Brake Exercise Numerical SolutionsRS Khurmi Machine Design Clutch and Brake Exercise Numerical Solutions
RS Khurmi Machine Design Clutch and Brake Exercise Numerical SolutionsAtif Razi
 
Immunizing Image Classifiers Against Localized Adversary Attacks
Immunizing Image Classifiers Against Localized Adversary AttacksImmunizing Image Classifiers Against Localized Adversary Attacks
Immunizing Image Classifiers Against Localized Adversary Attacksgerogepatton
 
Top 13 Famous Civil Engineering Scientist
Top 13 Famous Civil Engineering ScientistTop 13 Famous Civil Engineering Scientist
Top 13 Famous Civil Engineering Scientistgettygaming1
 
Explosives Industry manufacturing process.pdf
Explosives Industry manufacturing process.pdfExplosives Industry manufacturing process.pdf
Explosives Industry manufacturing process.pdf884710SadaqatAli
 
Natalia Rutkowska - BIM School Course in Kraków
Natalia Rutkowska - BIM School Course in KrakówNatalia Rutkowska - BIM School Course in Kraków
Natalia Rutkowska - BIM School Course in Krakówbim.edu.pl
 
CME397 Surface Engineering- Professional Elective
CME397 Surface Engineering- Professional ElectiveCME397 Surface Engineering- Professional Elective
CME397 Surface Engineering- Professional Electivekarthi keyan
 
Introduction to Casting Processes in Manufacturing
Introduction to Casting Processes in ManufacturingIntroduction to Casting Processes in Manufacturing
Introduction to Casting Processes in Manufacturingssuser0811ec
 
Halogenation process of chemical process industries
Halogenation process of chemical process industriesHalogenation process of chemical process industries
Halogenation process of chemical process industriesMuhammadTufail242431
 

Recently uploaded (20)

Automobile Management System Project Report.pdf
Automobile Management System Project Report.pdfAutomobile Management System Project Report.pdf
Automobile Management System Project Report.pdf
 
Quality defects in TMT Bars, Possible causes and Potential Solutions.
Quality defects in TMT Bars, Possible causes and Potential Solutions.Quality defects in TMT Bars, Possible causes and Potential Solutions.
Quality defects in TMT Bars, Possible causes and Potential Solutions.
 
Introduction to Machine Learning Unit-5 Notes for II-II Mechanical Engineering
Introduction to Machine Learning Unit-5 Notes for II-II Mechanical EngineeringIntroduction to Machine Learning Unit-5 Notes for II-II Mechanical Engineering
Introduction to Machine Learning Unit-5 Notes for II-II Mechanical Engineering
 
HYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generationHYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generation
 
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...
 
Event Management System Vb Net Project Report.pdf
Event Management System Vb Net Project Report.pdfEvent Management System Vb Net Project Report.pdf
Event Management System Vb Net Project Report.pdf
 
Cloud-Computing_CSE311_Computer-Networking CSE GUB BD - Shahidul.pptx
Cloud-Computing_CSE311_Computer-Networking CSE GUB BD - Shahidul.pptxCloud-Computing_CSE311_Computer-Networking CSE GUB BD - Shahidul.pptx
Cloud-Computing_CSE311_Computer-Networking CSE GUB BD - Shahidul.pptx
 
Courier management system project report.pdf
Courier management system project report.pdfCourier management system project report.pdf
Courier management system project report.pdf
 
LIGA(E)11111111111111111111111111111111111111111.ppt
LIGA(E)11111111111111111111111111111111111111111.pptLIGA(E)11111111111111111111111111111111111111111.ppt
LIGA(E)11111111111111111111111111111111111111111.ppt
 
NO1 Pandit Amil Baba In Bahawalpur, Sargodha, Sialkot, Sheikhupura, Rahim Yar...
NO1 Pandit Amil Baba In Bahawalpur, Sargodha, Sialkot, Sheikhupura, Rahim Yar...NO1 Pandit Amil Baba In Bahawalpur, Sargodha, Sialkot, Sheikhupura, Rahim Yar...
NO1 Pandit Amil Baba In Bahawalpur, Sargodha, Sialkot, Sheikhupura, Rahim Yar...
 
fundamentals of drawing and isometric and orthographic projection
fundamentals of drawing and isometric and orthographic projectionfundamentals of drawing and isometric and orthographic projection
fundamentals of drawing and isometric and orthographic projection
 
Final project report on grocery store management system..pdf
Final project report on grocery store management system..pdfFinal project report on grocery store management system..pdf
Final project report on grocery store management system..pdf
 
RS Khurmi Machine Design Clutch and Brake Exercise Numerical Solutions
RS Khurmi Machine Design Clutch and Brake Exercise Numerical SolutionsRS Khurmi Machine Design Clutch and Brake Exercise Numerical Solutions
RS Khurmi Machine Design Clutch and Brake Exercise Numerical Solutions
 
Immunizing Image Classifiers Against Localized Adversary Attacks
Immunizing Image Classifiers Against Localized Adversary AttacksImmunizing Image Classifiers Against Localized Adversary Attacks
Immunizing Image Classifiers Against Localized Adversary Attacks
 
Top 13 Famous Civil Engineering Scientist
Top 13 Famous Civil Engineering ScientistTop 13 Famous Civil Engineering Scientist
Top 13 Famous Civil Engineering Scientist
 
Explosives Industry manufacturing process.pdf
Explosives Industry manufacturing process.pdfExplosives Industry manufacturing process.pdf
Explosives Industry manufacturing process.pdf
 
Natalia Rutkowska - BIM School Course in Kraków
Natalia Rutkowska - BIM School Course in KrakówNatalia Rutkowska - BIM School Course in Kraków
Natalia Rutkowska - BIM School Course in Kraków
 
CME397 Surface Engineering- Professional Elective
CME397 Surface Engineering- Professional ElectiveCME397 Surface Engineering- Professional Elective
CME397 Surface Engineering- Professional Elective
 
Introduction to Casting Processes in Manufacturing
Introduction to Casting Processes in ManufacturingIntroduction to Casting Processes in Manufacturing
Introduction to Casting Processes in Manufacturing
 
Halogenation process of chemical process industries
Halogenation process of chemical process industriesHalogenation process of chemical process industries
Halogenation process of chemical process industries
 

Digital signature

  • 1. E- Business & need of Digital Signature
  • 2. Electronic payments: the players Consumer Merchant Financial institutions Physical tokens representing value
  • 3. Digital cash 01011010110101011101011010101101 01101010110101101010110101011010 10110111101011111011010000000110 101010110101 Since digital cash is represented by data, it is easily replicated. How do we prevent: •Counterfeiting? •Multiple spending?
  • 4. 4 Electronic signatures The European Community Directive on electronic signatures refers to the concept of an electronic signature as: data in electronic form attached to, or logically connected with, other electronic data and which serves as a method of authentication What different things can you think of that might satisfy this rather vague notion of an electronic signature?
  • 5. 5 Advanced electronic signatures The European Community Directive on electronic signatures also refers to the concept of an advanced electronic signature as: an electronic signature that is: 1. uniquely linked to the signatory 2. capable of identifying the signatory 3. created using means under the sole control of the signatory 4. linked to data to which it relates in such a way that subsequent changes in the data is detectable
  • 6. 6 Security requirements • Data origin authentication of the signer – A digital signature validates the message in the sense that assurance is provided about the integrity of the message and of the identity of the entity that signed the message. • Non-repudiation – A digital signature can be stored by anyone who receives the signed message as evidence that the message was sent and of who sent it. This evidence could later be presented to a third party who could use the evidence to resolve any dispute that relates to the contents and/or origin of the message. We will define a digital signature on a message to be some data that provides:
  • 7. 7 Symmetric-key ciphers: Block ciphers Stream ciphers Public-key ciphers Cryptographic goals Confidentiality Data integrity Authentication Non-repudiation Message authentication Entity authenticationArbitrary length hash functions Message Authentication codes (MACs) Digital signatures Authentication primitives Digital signatures MACs Digital signatures
  • 8. 8 Input to a digital signature • The message – Since a digital signature needs to offer data origin authentication (and non-repudiation) it is clear that the digital signature itself must be a piece of data that depends on the message, and cannot be a completely separate identifier. – It may be sent as a separate piece of data to the message, but its computation must involve the message. • A secret parameter known only by the signer – Since a digital signature needs to offer non-repudiation, its calculation must involve a secret parameter that is known only by the signer. – The only possible exception to this rule is if the other entity is totally trusted by all parties involved in the signing and verifying of digital signatures.
  • 9. 9 Properties of a digital signature • Easy for the signer to sign a message – There is no point in having a digital signature scheme that involves the signer needing to use slow and complex operations to compute a digital signature. • Easy for anyone to verify a message – Similarly we would like the verification of a digital signature to be as efficient as possible. • Hard for anyone to forge a digital signature – It should be practically impossible for anyone who is not the legitimate signer to compute a digital signature on a message that appears to be valid. By “appears to be valid” we mean that anyone who attempts to verify the digital signature is led to believe that they have just successfully verified a valid digital signature on a message.
  • 10. •is a type of asymmetric cryptography used to simulate the security properties of a signature in digital, rather than written, form. Digital signature schemes normally give two algorithms, one for signing which involves the user's secret or private key, and one for verifying signatures which involves the user's public key. The output of the signature process is called the "digital signature.“ •is an electronic signature that can be used to authenticate the identity of the sender of a message or the signer of a document, and possibly to ensure that the original content of the message or document that has been sent is unchanged. Digital signatures are easily transportable, cannot be imitated by someone else, and can be automatically time-stamped. The ability to ensure that the original signed message arrived means that the sender cannot easily repudiate it later. What is a digital signature?
  • 11. • The use of digital signatures usually involves two processes, one performed by the signer and the other by the receiver of the digital signature: • Digital signature creation uses a hash result derived from and unique to both the signed message and a given private key. For the hash result to be secure, there must be only a negligible possibility that the same digital signature could be created by the combination of any other message or private key. • Digital signature verification is the process of checking the digital signature by reference to the original message and a given public key, thereby determining whether the digital signature was created for that same message using the private key that corresponds to the referenced public key. How it works
  • 12. Paper Signatures V/s Digital Signatures Parameter Paper Electronic Authenticity May be forged Can not be copied Integrity Signature independent of the document Signature depends on the contents of the document Non- repudiation a. Handwriting expert needed b. Error prone a. Any computer user b. Error free V/s
  • 13. Electronic RecordElectronic Record 1. Very easy to make copies 2. Very fast distribution 3. Easy archiving and retrieval 4. Copies are as good as original 5. Easily modifiable 6. Environmental Friendly Because of 4 & 5 together, these lack authenticity
  • 14. Digital signatures employ a type of Asymmetric Cryptography. The Scheme typically consists of three Algorithms  A key generation algorithm that selects a private key uniformly at random from a set of possible private keys. The algorithm outputs the private key and a corresponding public key.  A signing algorithm that, given a message and a private key, produces a signature.  A signature verifying algorithm that, given a message, public key and a signature, either accepts or rejects the message's claim to authenticity Hash value of a message when encrypted with the private key of a person is his digital signature on that e-Document
  • 15. Digital SignaturesDigital Signatures Each individual generates his own key pair [Public key known to everyone & Private key only to the owner] Private Key – Used for making Digital Signature Public Key – Used to verify the Digital Signature
  • 17. Example • Assume you were going to send the draft of a contract to your lawyer in another town. You want to give your lawyer the assurance that it was unchanged from what you sent and that it is really from you. 1. You copy-and-paste the contract (it's a short one!) into an e-mail note. 2. Using special software, you obtain a message hash (mathematical summary) of the contract. 3. You then use a private key that you have previously obtained from a public-private key authority to encrypt the hash. 4. The encrypted hash becomes your digital signature of the message. (Note that it will be different each time you send a message.) • At the other end, your lawyer receives the message. 1. To make sure it's intact and from you, your lawyer makes a hash of the received message. 2. Your lawyer then uses your public key to decrypt the message hash or summary. 3. If the hashes match, the received message is valid.
  • 18. 18 Hash functions 1. Condenses arbitrary long inputs into a fixed length output – You stuff as much data as you want into the function, and it churns out an output (or hash) that is always the same fixed length. – In general this hash is much smaller than the data that was put into the function. – Because the hash is a smaller thing that represents a larger thing, it sometimes referred to as a digest, and the hash function as a message digest function. A hash function is a mathematical function that generally has the following three properties:
  • 19. 19 Hash functions 2. Is one-way – The hash function should be easy to compute, but given the hash of some data it should be very hard to recover the original data from the hash. 3. It is hard to find two inputs with the same output – It should be hard to find two different inputs (of any length) that when fed into the hash function result in the same hash (collision free). – Note that it is impossible for a hash function not to have collisions. If arbitrarily large inputs are all being reduced to a fixed length hash then there will be lots of collisions. (For example - it is impossible to give each of 60 million people a different 4 digit PIN.) The point is that these collisions should be hard to find.
  • 20.
  • 22. Message Hash Function Message Digest Digest Signature Signature Function Message Digest If the message digest are identical, the signature is valid. If they are different, the signature is not valid. Signer’s Public Key
  • 23.
  • 24. Digital Signatures • Digital Signatures are numbers • Same Length – 40 digits • They are document content dependent I am George kutty efcc61c1c03db8d8ea8569545c073c814a0ed755 My place of birth is at Thrissur. fe1188eecd44ee23e13c4b6655edc8cd5cdb6f25 I am 27 years old. 0e6d7d56c4520756f59235b6ae981cdb5f9820a0 I am an Engineer. ea0ae29b3b2c20fc018aaca45c3746a057b893e7 I am a Engineer. 01f1d8abd9c2e6130870842055d97d315dff1ea3 • These are digital signatures of same person on different documents
  • 25. • Application Request • Issuance of Digital Signatures • Accessing Website with Membership ID for Enrollment of Request On line • Driver Downloading • Member Login How To Get & Use Digital Signature
  • 26. Benefits of digital signatures These are common reasons for applying a digital signature to communications: • Authentication Although messages may often include information about the entity sending a message, that information may not be accurate. Digital signatures can be used to authenticate the source of messages. When ownership of a digital signature secret key is bound to a specific user, a valid signature shows that the message was sent by that user. The importance of high confidence in sender authenticity is especially obvious in a financial context. For example, suppose a bank's branch office sends instructions to the central office requesting a change in the balance of an account. If the central office is not convinced that such a message is truly sent from an authorized source, acting on such a request could be a grave mistake. • Integrity In many scenarios, the sender and receiver of a message may have a need for confidence that the message has not been altered during transmission. Although encryption hides the contents of a message, it may be possible to change an encrypted message without understanding it. (Some encryption algorithms, known as nonmalleable ones, prevent this, but others do not.) However, if a message is digitally signed, any change in the message will invalidate the signature. Furthermore, there is no efficient way to modify a message and its signature to produce a new message with a valid signature, because this is still considered to be computationally infeasible by most cryptographic hash functions.
  • 27. Drawbacks of digital signatures Despite their usefulness, digital signatures do not alone solve all the problems we might wish them to. Non-repudiation In a cryptographic context, the word repudiation refers to the act of disclaiming responsibility for a message. A message's recipient may insist the sender attach a signature in order to make later repudiation more difficult, since the recipient can show the signed message to a third party (eg, a court) to reinforce a claim as to its signatories and integrity. However, loss of control over a user's private key will mean that all digital signatures using that key, and so ostensibly 'from' that user, are suspect. Nonetheless, a user cannot repudiate a signed message without repudiating their signature key.
  • 29. Prevention From Misuse  Don’t Hand over you DSC Media USB/Card to any one  Don’t tell your PIN to anyone  Document Digitally Signed carries same legal status as manually signing as per the IT Act
  • 30. To prevent this misuse… • Assign each user fixed keys • Usually be done by third party: VeriSign… • Moreover, common good practice: sign first, encrypt later.
  • 31. Questions? 1. In the digital signature who use the private key and who use the public key? Private key: sender Public key: receiver 2. What are the benefits of digital signatures? Authentication and Integrity

Editor's Notes

  1. Customers purchase Merchants sell Financial providers: Integrity Back value of physical tokens (Money used to be backed by gold; no longer) Multiple merchants and financial institutions Cash, credit cards, and smartcards allow value to be mobile Cash is cumbersome and expensive Armored vehicles, guards, vaults,etc Muggings
  2. Проверить правильность схемы