Digital signatures use asymmetric cryptography to provide authentication, integrity and non-repudiation for electronic documents and communications. A digital signature is created using a private key and can be verified by anyone using the corresponding public key. This ensures the document was not altered and the sender cannot deny sending it. Private keys are protected using devices like smart cards or hardware tokens to keep them secure.

1. *Digital Signature
Authors:
Kolobov Filipp
Pakshintceva Tatiana

2. *Digital Signature
A digital signature is a mathematical scheme for
demonstrating the authenticity of a digital message
or document.
*Digital signature can be used in all electronic
communications
*Web, e-mail, e-commerce
*It is an electronic stamp or seal that append to the
document.
*Ensure the document being unchanged during
transmission.

3. Paper signatures v/s Digital Signatures
Parameter Paper Electronic
Authenticity May be forged Can not be copied
Integrity Signature
independent of
the document
Signature
depends on the
contents of the
document
Non-repudiation a. Handwriting
expert
needed
b. Error prone
a. Any
computer
user
b. Error free
V/s

4. *Digital Certificates
*Digital Certificate is a data with digital signature
from one trusted Certification Authority (CA).
*This data contains:
*Who owns this certificate
*Who signed this certificate
*The expired date
*User name & email address

5. *4 key services
*Authentication – Digital Certificate
*To identify a user who claim who he/she is, in order to access
the resource.
*Non-repudiation – Digital Signature
*To make the user becomes unable to deny that he/she has
sent the message, signed the document or participated in a
transaction.
*Confidentiality - Encryption
*To make the transaction secure, no one else is able to
read/retrieve the ongoing transaction unless the
communicating parties.
*Integrity - Encryption
*To ensure the information has not been tampered during
transmission.

6. *Private key and Public key
*The public key is used, for example, to encrypt
plaintext or to verify a digital signature; whereas the
private key is used for the opposite operation, in
these examples to decrypt ciphertext or to create a
digital signature.
*The public key is not secret and can be freely
distributed, shared with anyone.
*The private key is kept secret and never be divulged,
and it is password protected (Passphase).
*Private key are password-protected.

7. *Private key protection
*The Private key generated is
to be protected and kept
secret. The responsibility of
the secrecy of the key lies
with the owner.
*The key is secured using
*PIN Protected soft token
*Smart Cards
*Hardware Tokens

8. *PIN protected soft tokens
*The Private key is encrypted and kept
on the Hard Disk in a file, this file is
password protected.
*This forms the lowest level of security
in protecting the key, as
*The key is highly reachable.
*PIN can be easily known or cracked.
*Soft tokens are also not preferred
because
*The key becomes static and machine
dependent.
*The key is in known file format.

9. *Smart Cards
*The Private key is generated in
the crypto module residing in the
smart card.
*The key is kept in the memory of
the smart card.
*The key is highly secured as it
doesn’t leave the card, the
message digest is sent inside the
card for signing, and the
signatures leave the card.
*The card gives mobility to the
key and signing can be done on
any system. (Having smart card
reader)

10. *Hardware Tokens
*They are similar to smart
cards in functionality as
*Key is generated inside
the token.
*Key is highly secured as it
doesn’t leave the token.
*Highly portable.
*Machine Independent.

11. *Cryptography
Symmetric algorithms
Asymmetric algorithms

12. *Secret-key Encryption
*Use a secret key to encrypt a message into
ciphertext.
*Use the same key to decrypt the ciphertext
to the original message.
*Also called “Symmetric cryptography”.
Encryption DecryptionPlaintext Plaintext
Ciphertext
Secret Key Secret Key

13. *Secret Key How to?
Encrypted TextOriginal Text
+
Secret key
=
Encrypted Text Original TextSecret key
+ =
Encryption
Decryption

14. *Secret-Key Problem?
*All keys need to be replaced, if one
key is compromised.
*Not practical for the Internet
environment.
*On the other hand, the encryption
speed is fast.
*Suitable to encrypt your personal
data.

15. *Public-key Encryption
*Involves 2 distinct keys – public, private.
*The private key is kept secret and never be divulged,
and it is password protected (Passphase).
*The public key is not secret and can be freely
distributed, shared with anyone.
*It is also called “asymmetric cryptography”.
*Two keys are mathematically related, it is infeasible to
derive the private key from the public key.
*100 to 1000 times slower than secret-key algorithms.
Encryption DecryptionPlaintext Plaintext
Ciphertext
Public Key Private Key

16. *Public-Private Encryption
First, create public
and private key
Public key
Private key
Private key
Private key stored in
your personal computer
Public Key Directory
Public Key
Public key stored in the directory

17. *Message Encryption
(User A sends message to User B)
Public Key Directory
Text
User A
User B’s Public Key
Encryption
Encrypted
Text

18. Decryption with your Private key
Encrypted
Text
User B’s
Private key
Private key stored in
your personal computer
Decryption
Original Text
User B

19. *Asymmetric algorithms
Algorithm Name Key Length (bits)
DSA Up to 448
El Gamal 56
RSA 128
Diffie-Hellman Up to 2048
References:
DSA
El Gamal
RSA
Diffie-Hellman

20. *Thank you for your
patience!