Secure Systems Research Group - FAU
Patterns for Digital Signature
using hashing
Presented by Keiko Hashizume
Introduction
• A digital signature is a type of public key
cryptography.
• PKC uses a key pair, a private and a public key,
for encryption and decryption operations.
• When a message is encrypted using one key, it
can only be decoded with the other
(matching) key.
Pattern for Digital Signature with
hashing
• Intent
A digital signature allows a principal to prove that
a message originated from it. It also
provides message integrity by indicating
whether a message was altered during
transmission.
Context
• Participants of electronic transactions that
need to exchange documents or messages
through insecure networks.
• We assume that a principal possesses a key
pair: a private key that is secretly kept by the
principal and a public key that is in an
accessible repository. The generation of these
key pairs and the distribution of public keys
are out of scope of this pattern.
Problem
• In many applications we need to verify the
origin of a message (message authentication).
How do we verify that a message came from a
particular principal? Messages that travel
through insecure channels can be captured
and intentionally modified by attackers.
Problem
• The solution for this problem is affected by the
following forces:
– For legal or business reasons we need to be able to
verify who sent a particular message. Otherwise, the
sender may deny having sent it.
– Messages may be altered during transmission, so we
need to verify that the data is in its original form
when it reaches its destination.
– The length of the signed message should not be
significantly larger than the original message;
otherwise we would waste time and bandwidth.
Solution
• Apply properties of public key cryptographic
algorithms to messages in order to create a
signature that will be unique for each message.
The message is first compressed (hashed) to a
smaller size (digest), and then the digest is encrypted
using the sender’s private key. When the signed
message arrives at its target, the receiver verifies
the signature using the sender’s public key and
uses the hashed digest to verify that the message
has not been altered.
Solution
• Structure
Solution
• Dynamics
Sequence Diagram for Use Case: Sign a message
Solution
• Dynamics
Sequence Diagram for Use Case: Verify a signature (diagram labels: Signed Message, Message, Signature)
Consequences
• This pattern presents the following advantages:
– A key pair is bound to a principal whose private key is used to
sign the message. If the signature is validated using its public
key, then we know that the sender created and sent the
message. We assume that he keeps his private key secure, and
it has not been compromised.
– Also, when a signature is validated using a principal’s public key,
the sender cannot deny that he created and sent the message.
If a message is signed using another private key that does not
belong to the sender, the validity of the signature fails.
– Any change in the original message will produce another digest
value that will be different from the value obtained after
decrypting the signature using the sender’s public key.
– A message is compressed to a fixed length string using the
digest algorithm before it is signed. As a result, the process of
signing is faster, and the signature is shorter in length.
Consequences
• The pattern also has some (possible) liabilities:
– This pattern assumes that the owner of the public
key is who he says he is. In other words, both
participants trust in the identity of each other.
Thus, certificates issued by some certification
authority are needed.
– Both the sender and the receiver have to
agree beforehand on which cryptographic algorithm
they support.
Implementation
• Use the Strategy Pattern [Gam94] to select different hashing and
signature algorithms. The most widely used hashing algorithms are
MD5 and SHA1. The two popular digital signature algorithms are
RSA and Digital Signature Algorithm (DSA).
• Digital signatures can be implemented in different applications such
as in email communication, distribution of documents over the
Internet, or web services. For example, one can sign an email’s
contents or the content of any other document, such as a PDF. In both
cases, the signature is appended to the email or document. When
digital signatures are applied in web services, they are also
embedded within XML messages. However, these signatures are
treated as XML elements, and they have additional features such as
signing parts of a message or external resources which can be XML
or any other data type.
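The hash-then-sign flow from the Solution slide, with the algorithm chosen through a strategy interface and the receiver enforcing the agreed algorithm, as an added example in Go (not code from the presentation). The names Scheme, SignMessage, VerifyMessage, NewKeys and the scheme identifiers are assumptions; SHA-256 with RSA-PSS and ECDSA stand in for the MD5, SHA1 and DSA named above, because MD5 and SHA-1 are no longer collision-resistant.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/rsa"
	_ "crypto/sha256" // registers SHA-256 for crypto.Hash.New
	"errors"
	"fmt"
)

// Scheme is the Strategy interface: one hash + signature algorithm pairing.
type Scheme interface {
	Opts() crypto.SignerOpts // hash (and padding) handed to the private key
	Verify(pub crypto.PublicKey, sum, sig []byte) error
}

type rsaPSS struct{ hash crypto.Hash }   // RSA with PSS padding
type ecdsaDER struct{ hash crypto.Hash } // ECDSA, DER-encoded signature

func (s ecdsaDER) Opts() crypto.SignerOpts { return s.hash }
func (s rsaPSS) Opts() crypto.SignerOpts {
	return &rsa.PSSOptions{SaltLength: rsa.PSSSaltLengthEqualsHash, Hash: s.hash}
}

func (s rsaPSS) Verify(pub crypto.PublicKey, sum, sig []byte) error {
	key, ok := pub.(*rsa.PublicKey)
	if !ok {
		return errors.New("scheme needs an RSA public key")
	}
	return rsa.VerifyPSS(key, s.hash, sum, sig, s.Opts().(*rsa.PSSOptions))
}

func (s ecdsaDER) Verify(pub crypto.PublicKey, sum, sig []byte) error {
	if key, ok := pub.(*ecdsa.PublicKey); ok && ecdsa.VerifyASN1(key, sum, sig) {
		return nil
	}
	return errors.New("ECDSA verification failed")
}

// schemes maps the identifier carried in a signed message to its strategy.
var schemes = map[string]Scheme{
	"RSA-PSS-SHA256": rsaPSS{crypto.SHA256},
	"ECDSA-SHA256":   ecdsaDER{crypto.SHA256},
}

type SignedMessage struct { // what travels over the insecure channel
	Scheme             string
	Message, Signature []byte
}

func digest(h crypto.Hash, msg []byte) []byte { // fixed-length value that gets signed
	d := h.New()
	d.Write(msg)
	return d.Sum(nil)
}

// SignMessage hashes, signs, then self-verifies (catches a key of the wrong type).
func SignMessage(name string, priv crypto.Signer, msg []byte) (SignedMessage, error) {
	s, ok := schemes[name]
	if !ok {
		return SignedMessage{}, errors.New("unknown scheme")
	}
	sig, err := priv.Sign(rand.Reader, digest(s.Opts().HashFunc(), msg), s.Opts())
	if err != nil {
		return SignedMessage{}, err
	}
	sm := SignedMessage{Scheme: name, Message: msg, Signature: sig}
	return sm, VerifyMessage(map[string]bool{name: true}, priv.Public(), sm)
}

// VerifyMessage honours only schemes both parties agreed on beforehand.
func VerifyMessage(agreed map[string]bool, pub crypto.PublicKey, sm SignedMessage) error {
	s, ok := schemes[sm.Scheme]
	if !ok || !agreed[sm.Scheme] {
		return errors.New("scheme not agreed between sender and receiver")
	}
	return s.Verify(pub, digest(s.Opts().HashFunc(), sm.Message), sm.Signature)
}

func NewKeys() (crypto.Signer, crypto.Signer) { // constructed demo keys: RSA-2048, ECDSA P-256
	r, err1 := rsa.GenerateKey(rand.Reader, 2048)
	e, err2 := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err1 != nil || err2 != nil {
		panic("key generation failed")
	}
	return r, e
}

func main() {
	alice, _ := NewKeys()
	agreed := map[string]bool{"RSA-PSS-SHA256": true}
	sm, err := SignMessage("RSA-PSS-SHA256", alice, []byte("pay 100 to Bob"))
	fmt.Println("sign:", err, "verify:", VerifyMessage(agreed, alice.Public(), sm))
	sm.Message = []byte("pay 900 to Bob") // altered in transit
	fmt.Println("altered:", VerifyMessage(agreed, alice.Public(), sm))
}
```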
Known Uses
• Digital Signatures have been widely used in different
products.
– Adobe Reader and Acrobat [Ado05] have an extended security
feature that allows users to digitally sign PDF documents.
– CoSign [Arx] digitally signs different types of documents, files,
forms, and other electronic transactions.
– GnuPG [Gnu] digitally signs e-mail messages.
– Java Cryptography Architecture [Sun] includes APIs for digital
signature.
– Microsoft .NET [Mic07] includes APIs for asymmetric
cryptography such as digital signature.
– XML Signature [W3C08] is one of the foundation web services
security standards that defines the structure and process of
digital signatures in XML messages.
Related Patterns
• Encryption/Decryption using public key cryptography
[Bra98]
• Generation and Distribution of public keys [Leh02]
• Certificates [Mor06] contain information about their
owner such as public key, name, validity period, and so
forth. Certificates are issued by a Certificate Authority,
which confirms that the public key contained in the
certificate belongs to the owner of the certificate.
• Strategy Pattern [Gam94] defines how to separate the
implementation of related algorithms from the
selection of one of them.
• Comments
