ReachLocal Services India, profile picture
Uploaded byReachLocal Services India
PPTX, PDF6,183 views

Digital signatures

Digital signatures are a mathematical scheme providing authenticity, integrity, and non-repudiation for electronic documents by using unique key pairs. A person's private key is used to create the signature, while the public key is available for verification by anyone. These signatures enhance trust in e-commerce and governance by ensuring the security of communications over the internet.

Embed presentation

Downloaded 285 times
Digital Signatures Distributed Computing -Bharat Patil -M. Sc. C.S. Part II -64
• A digital signature is a mathematical scheme for demonstrating the authenticity of a digital message or document. • Hash value of a message when encrypted with the private key of a person is his digital signature on that e-Document – Digital Signature of a person therefore varies from document to document thus ensuring authenticity of each word of that document. – As the public key of the signer is known, anybody can verify the message and the digital signature] What is Digital Signature?
Digital Signatures Each individual generates his own key pair [Public key known to everyone & Private key only to the owner] Private Key – Used for making digital signature Public Key – Used to verify the digital signature
Electronic Record 1. Very easy to make copies 2. Very fast distribution 3. Easy archiving and retrieval 4. Copies are as good as original 5. Easily modifiable Because of 4 & 5 together, these lack authenticity
Why Digital Signatures? •To provide Authenticity, Integrity and Non-repudiation to electronic documents. •To use the Internet as the safe and secure medium for e-Commerce and e- Governance.
Digital Signature Used to achieve three aspects of Security other than Privacy :  Authentication  Non-Repudiation Integrity When we send a document electronically, we can sign it in two ways: Signing an Entire Document  Signing a Digest
Encryption  Process of Transforming information to make it unreadable from an outsider.  Keys can be of two types: • Private key : Known only to user • Public Key : Known to all. Information Unreadable form Key Document Ciphertext
Encryption Caesar Cipher The shift is linear and equidistributed 3changes I agree lcdjuhh Key Cipher The shift is linear (cyclic) 269 k.n.gupta 62 mewam3rzjba i+3=l Space=c [+3] k+2=m (dot)=e [+6] n=w [+9] Char 1 2 3 4 5 6 7 8 9 a b c d e f g h i j b c d e f g h i j k c d e f g h i j k l d e f g h i j k l m e f g h i j k l m n f g h i j k l m n o g h i j k l m n o p h i j k l m n o p q i j k l m n o p q r j k l m n o p q r s k l m n o p q r s t l m n o p q r s t u m n o p q r s t u v n o p q r s t u v w o p q r s t u v w x p q r s t u v w x y q r s t u v w x y z r s t u v w x y z 0 s t u v w x y z 0 1 t u v w x y z 0 1 2 u v w x y z 0 1 2 3 v w x y z 0 1 2 3 4 w x y z 0 1 2 3 4 5 x y z 0 1 2 3 4 5 6 y z 0 1 2 3 4 5 6 7 z 0 1 2 3 4 5 6 7 8 0 1 2 3 4 5 6 7 8 9 1 2 3 4 5 6 7 8 9 . 2 3 4 5 6 7 8 9 . 3 4 5 6 7 8 9 . a 4 5 6 7 8 9 . a b 5 6 7 8 9 . a b c 6 7 8 9 . a b c d 7 8 9 . a b c d e 8 9 . a b c d e f 9 . a b c d e f g . (Dot) a b c d e f g h Space a b c d e f g h i
ENCRYPTION Message 2 The Internet knows no geographical boundaries. It has redefined time and space. Advances in computer and telecommunication technologies have led to the explosive growth of the Internet. This in turn is affecting the methods of communication, work, study, education, interaction, leisure, health, governance, trade and commerce. Encrypted Message 2 a520eecb61a770f947ca856cd675463f1c95a9a2b8 d4e6a71f80830c87f5715f5f59334978dd7e97da07 07b48a1138d77ced56feba2b467c398683c7dbeb8 6b854f120606a7ae1ed934f5703672adab0d7be66 dccde1a763c736cb9001d0731d541106f50bb7e54 240c40ba780b7a553bea570b99c9ab3df13d75f8cc fdddeaaf3a749fd1411 Message 1 Central to the growth of e-commerce and e- governance is the issue of trust in electronic environment. Encrypted Message 1 9a46894335be49f0b9cab28d755aaa9cd98571b 275bbb0adb405e6931e856ca3e5e569edd13528 5482 DECRYPTION Encrypted Message 1 9a46894335be49f0b9cab28d755aaa9cd98571b275b bb0adb405e6931e856ca3e5e569edd135285482 Message 1 Central to the growth of e-commerce and e-governance is the issue of trust in electronic environment. Encrypted Message 2 a520eecb61a770f947ca856cd675463f1c95a9a2b8d4e6a 71f80830c87f5715f5f59334978dd7e97da0707b48a1138 d77ced56feba2b467c398683c7dbeb86b854f120606a7ae 1ed934f5703672adab0d7be66dccde1a763c736cb9001d 0731d541106f50bb7e54240c40ba780b7a553bea570b9 9c9ab3df13d75f8ccfdddeaaf3a749fd1411 Message 2 The Internet knows no geographical boundaries. It has redefined time and space. Advances in computer and telecommunication technologies have led to the explosive growth of the Internet. This in turn is affecting the methods of communication, work, study, education, interaction, leisure, health, governance, trade and commerce. Same Key SYMMETRIC Different Keys [Keys of a pair – Public and Private] ASYMMETRIC [PKI]
• Digital Signatures are numbers • Same Length – 40 digits • They are document content dependent I agree efcc61c1c03db8d8ea8569545c073c814a0ed755 My place of birth is at Gwalior. fe1188eecd44ee23e13c4b6655edc8cd5cdb6f25 I am 62 years old. 0e6d7d56c4520756f59235b6ae981cdb5f9820a0 I am an Engineer. ea0ae29b3b2c20fc018aaca45c3746a057b893e7 I am a Engineer. 01f1d8abd9c2e6130870842055d97d315dff1ea3 • These are digital signatures of same person on different documents Digital Signatures
Concepts • A 1024 bits number is a very big number much bigger than the total number of electrons in whole world. • Trillions of Trillions of pairs of numbers exist in this range with each pair having following property – A message encrypted with one element of the pair can be decrypted ONLY by the other element of the same pair • Two numbers of a pair are called keys, the Public Key & the Private Key. User himself generates his own key pair on his computer • Any message irrespective of its length can be compressed or abridged uniquely into a smaller length message called the Digest or the Hash. • Smallest change in the message will change the Hash value
Signed Messages Message + Signature Hash Decrypt Signature With Sender’s Public Key SIGN hash With Sender’s Private key Message + signature COMPARE Calculated HashMessage Sender Receiver Hash Sent thru’ Internet if OK Signatures verified
Paper signatures v/s Digital Signatures Parameter Paper Electronic Authenticity May be forged Can not be copied Integrity Signature independent of the document Signature depends on the contents of the document Non- repudiation a. Handwriting expert needed b. Error prone a. Any computer user b. Error free V/s
Demonstration… • Key Generation: – Random Numbers – RSA Key Pair [Private/Public Key] • Digital Signature – Encrypting Digest using Private Key [Signatures] – Attaching the Signatures to the message. • Verification of Signatures: – Run the test for Authentication, Integrity and Non repudiation. • Digital Signature Certificate: – ITU X.509 v3
Private key protection  The Private key generated is to be protected and kept secret. The responsibility of the secrecy of the key lies with the owner.  The key is secured using ◦ PIN Protected soft token ◦ Smart Cards ◦ Hardware Tokens
PIN protected soft tokens  The Private key is encrypted and kept on the Hard Disk in a file, this file is password protected.  This forms the lowest level of security in protecting the key, as ◦ The key is highly reachable. ◦ PIN can be easily known or cracked.  Soft tokens are also not preferred because ◦ The key becomes static and machine dependent. ◦ The key is in known file format.
Smart Cards • The Private key is generated in the crypto module residing in the smart card. • The key is kept in the memory of the smart card. • The key is highly secured as it doesn’t leave the card, the message digest is sent inside the card for signing, and the signatures leave the card. • The card gives mobility to the key and signing can be done on any system. (Having smart card reader)
Hardware Tokens  They are similar to smart cards in functionality as ◦ Key is generated inside the token. ◦ Key is highly secured as it doesn’t leave the token. ◦ Highly portable. ◦ Machine Independent.  iKEY is one of the most commonly used token as it doesn’t need a special reader and can be connected to the system using USB port.
Smart Card iKey Hardware Tokens Biometrics – adds another level of security to these tokens
Digital signatures

More Related Content

PDF
Public key Infrastructure (PKI)
byVenkatesh Jambulingam
 
PPT
Digital Signature
byMohamed Talaat
 
PPTX
Digital signature
byFilipp Kolobov
 
PPTX
public key infrastructure
byvimal kumar
 
PPT
Introduction to Digital signatures
byRohit Bhat
 
PDF
Digital signatures
byIshwar Dayal
 
PPTX
Digital signature
byCHESStest{perfect Kadhu}
 
PPT
Digital Signature
bynayakslideshare
 
Public key Infrastructure (PKI)
byVenkatesh Jambulingam
 
Digital Signature
byMohamed Talaat
 
Digital signature
byFilipp Kolobov
 
public key infrastructure
byvimal kumar
 
Introduction to Digital signatures
byRohit Bhat
 
Digital signatures
byIshwar Dayal
 
Digital signature
byCHESStest{perfect Kadhu}
 
Digital Signature
bynayakslideshare
 

What's hot

PPT
Digital Signature
bysaurav5884
 
PPTX
SSL And TLS
byGhanshyam Patel
 
PPTX
Digital certificates
bySimmi Kamra
 
PPTX
Digital signature(Cryptography)
bySoham Kansodaria
 
PPTX
Digital certificates and information security
byDevam Shah
 
PPTX
Digital signature
byYash Karanke
 
PPTX
Digital signature
byPraseela R
 
PPTX
Digital Signature ppt
byOECLIB Odisha Electronics Control Library
 
PDF
Electronic mail security
byDr.Florence Dayana
 
PPT
Presentation on digital signatures & digital certificates
byVivaka Nand
 
PPTX
Hash Function
bySiddharth Srivastava
 
PPTX
Radius server,PAP and CHAP Protocols
byDhananjay Aloorkar
 
PDF
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
byKathirvel Ayyaswamy
 
PPTX
Digital Signature.pptx
byMd. AManullah Galib
 
PPT
Authentication Protocols
byTrinity Dwarka
 
PPTX
Digital certificates
byBuddhika Karunanayaka
 
PPTX
Hash function
bySalman Memon
 
PPTX
Secure Socket Layer (SSL)
bySamip jain
 
PPT
Symmetric & Asymmetric Cryptography
bychauhankapil
 
PPT
Fundamentals of cryptography
byHossain Md Shakhawat
 
Digital Signature
bysaurav5884
 
SSL And TLS
byGhanshyam Patel
 
Digital certificates
bySimmi Kamra
 
Digital signature(Cryptography)
bySoham Kansodaria
 
Digital certificates and information security
byDevam Shah
 
Digital signature
byYash Karanke
 
Digital signature
byPraseela R
 
Digital Signature ppt
byOECLIB Odisha Electronics Control Library
 
Electronic mail security
byDr.Florence Dayana
 
Presentation on digital signatures & digital certificates
byVivaka Nand
 
Hash Function
bySiddharth Srivastava
 
Radius server,PAP and CHAP Protocols
byDhananjay Aloorkar
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
byKathirvel Ayyaswamy
 
Digital Signature.pptx
byMd. AManullah Galib
 
Authentication Protocols
byTrinity Dwarka
 
Digital certificates
byBuddhika Karunanayaka
 
Hash function
bySalman Memon
 
Secure Socket Layer (SSL)
bySamip jain
 
Symmetric & Asymmetric Cryptography
bychauhankapil
 
Fundamentals of cryptography
byHossain Md Shakhawat
 

Viewers also liked

PPT
Digital signature
byAJAL A J
 
PDF
Process flow for registering digital signature certificate
byPSPCL
 
PPT
Digital signature introduction
byAsim Neupane
 
PPTX
Shares and its types
byVishnu NK
 
PPTX
Seminar ppt on digital signature
byjolly9293
 
PPTX
Cyber law
byArnab Roy Chowdhury
 
PPTX
Cybercrime.ppt
byAeman Khan
 
PPTX
Cyber-crime PPT
byAnshuman Tripathi
 
PPTX
Cyber crime ppt
byMOE515253
 
PPT
Introduction to Cyber Law
byn|u - The Open Security Community
 
PPT
Cybercrime presentation
byRajat Jain
 
Digital signature
byAJAL A J
 
Process flow for registering digital signature certificate
byPSPCL
 
Digital signature introduction
byAsim Neupane
 
Shares and its types
byVishnu NK
 
Seminar ppt on digital signature
byjolly9293
 
Cyber law
byArnab Roy Chowdhury
 
Cybercrime.ppt
byAeman Khan
 
Cyber-crime PPT
byAnshuman Tripathi
 
Cyber crime ppt
byMOE515253
 
Introduction to Cyber Law
byn|u - The Open Security Community
 
Cybercrime presentation
byRajat Jain
 

Similar to Digital signatures

PPT
DigitalSignaturePresentationPresentation
byMathewC6
 
PPT
ccapresentation.ppt
byMehediHasanShaon1
 
PPT
ccapresentation DSAhhhjjjjjdjdjdjdjd.ppt
bybrajeshbrailway
 
PPT
Digital signature online - What is digital signature
byKishankant Yadav
 
PPT
What is a Digital Signature? | How Digital Signature work?
byMSA Technosoft
 
PPT
Digital signatures
byApurv Gourav
 
POT
Digital signature
byDigvijay Singh Karakoti
 
PPTX
Security
bySaqib Shehzad
 
DOCX
Computer System Security (UNIT IV) For AKTU Lucknow
byBrijesh Vishwakarma
 
PPTX
Network security
byABHISHEK KUMAR
 
PPTX
Digital signature
byNavneet Prakash
 
PPTX
Introduction to Cryptography and digital signatures
byanupama12369
 
PPT
1329 n 9460
bykicknit123
 
PPT
Crypt
byMir Majid
 
PPTX
Hashes_and_Digital_Signatures_Slides.pptx
byhomecooking511
 
PPT
Digital Signiture
byVikesh Bawane
 
PPT
Digital signature
byAJAL A J
 
PPTX
IEDA 3302 e-commerce_secure-communications.pptx
byssuser6d0da2
 
PDF
encryption and decryption
bySri Manakula Vinayagar Engineering College
 
PPT
Security everywhere digital signature and digital fingerprint v1 (personal)
byPaul Yang
 
DigitalSignaturePresentationPresentation
byMathewC6
 
ccapresentation.ppt
byMehediHasanShaon1
 
ccapresentation DSAhhhjjjjjdjdjdjdjd.ppt
bybrajeshbrailway
 
Digital signature online - What is digital signature
byKishankant Yadav
 
What is a Digital Signature? | How Digital Signature work?
byMSA Technosoft
 
Digital signatures
byApurv Gourav
 
Digital signature
byDigvijay Singh Karakoti
 
Security
bySaqib Shehzad
 
Computer System Security (UNIT IV) For AKTU Lucknow
byBrijesh Vishwakarma
 
Network security
byABHISHEK KUMAR
 
Digital signature
byNavneet Prakash
 
Introduction to Cryptography and digital signatures
byanupama12369
 
1329 n 9460
bykicknit123
 
Crypt
byMir Majid
 
Hashes_and_Digital_Signatures_Slides.pptx
byhomecooking511
 
Digital Signiture
byVikesh Bawane
 
Digital signature
byAJAL A J
 
IEDA 3302 e-commerce_secure-communications.pptx
byssuser6d0da2
 
encryption and decryption
bySri Manakula Vinayagar Engineering College
 
Security everywhere digital signature and digital fingerprint v1 (personal)
byPaul Yang
 

More from ReachLocal Services India

PPTX
Excel ppt
byReachLocal Services India
 
PPTX
Virtual reality
byReachLocal Services India
 
PPTX
System security
byReachLocal Services India
 
PPTX
Artificial intelligence
byReachLocal Services India
 
PPTX
Distributed database
byReachLocal Services India
 
PPT
Loop invariant computation
byReachLocal Services India
 
PPTX
Distributed dbms
byReachLocal Services India
 
PPT
Sexual harresment on women
byReachLocal Services India
 
PPTX
Digital signal processing
byReachLocal Services India
 
PPTX
Mobile network layer (mobile comm.)
byReachLocal Services India
 
PPTX
Regular expression (compiler)
byReachLocal Services India
 
PPT
Temporal data mining
byReachLocal Services India
 
Excel ppt
byReachLocal Services India
 
Virtual reality
byReachLocal Services India
 
System security
byReachLocal Services India
 
Artificial intelligence
byReachLocal Services India
 
Distributed database
byReachLocal Services India
 
Loop invariant computation
byReachLocal Services India
 
Distributed dbms
byReachLocal Services India
 
Sexual harresment on women
byReachLocal Services India
 
Digital signal processing
byReachLocal Services India
 
Mobile network layer (mobile comm.)
byReachLocal Services India
 
Regular expression (compiler)
byReachLocal Services India
 
Temporal data mining
byReachLocal Services India
 

Recently uploaded

PPTX
Plato's Insight model teaching and learning.pptx
byNikhitaDS
 
PPTX
A Memory of Two Mondays by Arthur Miller
byDhatriParmar
 
PPTX
Overview of How to set priority in Odoo 19 Todo
byCeline George
 
PDF
Judgement Regarding Land Acquisition Act not Applicable to Encroachers.pdf
byssuser9d8e4e
 
PDF
Holm Community Heritage at St Nicholas Kirk - 2025 AGM Minutes (30.04.2025)
byAntoine Pietri
 
PDF
How "Raiders of the Lost Ark" and "Ordinary People" Employ Non-Verbal Acting
by6x5csns4pn
 
PPTX
Return For Exchange in Odoo 18 Inventory
byCeline George
 
PDF
Orlando by Virginia Woolf: The Granite and The Rainbow
byAdityarajsinh Gohil
 
PPTX
How to Set Recurring Tasks in Odoo Projects
byCeline George
 
PPTX
WEEK 2 (2).pptx TLE COOKERY 10 QUARTER 4
byResynFayeCortez2
 
PPTX
Renal Physiology- Juxtaglomerular Apparatus.pptx
byDisha Soriya
 
PPTX
How to Change Shipping Label Size in Odoo 18 Inventory
byCeline George
 
PPTX
How to Create_Generate Engineering Change Orders ECOs in Odoo 18
byCeline George
 
PPTX
S.Y. B. Pharm Medicinal Chemistry I Unit-I
byMs. Ashatai Patil
 
PDF
Nursing care plan for Vomiting /B.Sc nsg
byDr. Sudhadevi Sadanandan
 
PPTX
Greengnorance Toolkit Module1 Climate Change
byKarl Donert
 
PPTX
How to Track & Manage My Time Section in Odoo 18 Time Off
byCeline George
 
PPTX
Types of counselling Directive, Non Directive, Eclectic Counselling
byPriya Sush
 
PPTX
Greengnorance Toolkit Module 6 Water Resources
byKarl Donert
 
PPTX
Renal Physiology- Functional anatomy of Kidney.pptx
byDisha Soriya
 
Plato's Insight model teaching and learning.pptx
byNikhitaDS
 
A Memory of Two Mondays by Arthur Miller
byDhatriParmar
 
Overview of How to set priority in Odoo 19 Todo
byCeline George
 
Judgement Regarding Land Acquisition Act not Applicable to Encroachers.pdf
byssuser9d8e4e
 
Holm Community Heritage at St Nicholas Kirk - 2025 AGM Minutes (30.04.2025)
byAntoine Pietri
 
How "Raiders of the Lost Ark" and "Ordinary People" Employ Non-Verbal Acting
by6x5csns4pn
 
Return For Exchange in Odoo 18 Inventory
byCeline George
 
Orlando by Virginia Woolf: The Granite and The Rainbow
byAdityarajsinh Gohil
 
How to Set Recurring Tasks in Odoo Projects
byCeline George
 
WEEK 2 (2).pptx TLE COOKERY 10 QUARTER 4
byResynFayeCortez2
 
Renal Physiology- Juxtaglomerular Apparatus.pptx
byDisha Soriya
 
How to Change Shipping Label Size in Odoo 18 Inventory
byCeline George
 
How to Create_Generate Engineering Change Orders ECOs in Odoo 18
byCeline George
 
S.Y. B. Pharm Medicinal Chemistry I Unit-I
byMs. Ashatai Patil
 
Nursing care plan for Vomiting /B.Sc nsg
byDr. Sudhadevi Sadanandan
 
Greengnorance Toolkit Module1 Climate Change
byKarl Donert
 
How to Track & Manage My Time Section in Odoo 18 Time Off
byCeline George
 
Types of counselling Directive, Non Directive, Eclectic Counselling
byPriya Sush
 
Greengnorance Toolkit Module 6 Water Resources
byKarl Donert
 
Renal Physiology- Functional anatomy of Kidney.pptx
byDisha Soriya
 

Digital signatures

  • 1.
  • 2.
    • A digitalsignature is a mathematical scheme for demonstrating the authenticity of a digital message or document. • Hash value of a message when encrypted with the private key of a person is his digital signature on that e-Document – Digital Signature of a person therefore varies from document to document thus ensuring authenticity of each word of that document. – As the public key of the signer is known, anybody can verify the message and the digital signature] What is Digital Signature?
  • 3.
    Digital Signatures Each individualgenerates his own key pair [Public key known to everyone & Private key only to the owner] Private Key – Used for making digital signature Public Key – Used to verify the digital signature
  • 4.
    Electronic Record 1. Veryeasy to make copies 2. Very fast distribution 3. Easy archiving and retrieval 4. Copies are as good as original 5. Easily modifiable Because of 4 & 5 together, these lack authenticity
  • 5.
    Why Digital Signatures? •Toprovide Authenticity, Integrity and Non-repudiation to electronic documents. •To use the Internet as the safe and secure medium for e-Commerce and e- Governance.
  • 6.
    Digital Signature Used toachieve three aspects of Security other than Privacy :  Authentication  Non-Repudiation Integrity When we send a document electronically, we can sign it in two ways: Signing an Entire Document  Signing a Digest
  • 7.
    Encryption  Process ofTransforming information to make it unreadable from an outsider.  Keys can be of two types: • Private key : Known only to user • Public Key : Known to all. Information Unreadable form Key Document Ciphertext
  • 8.
    Encryption Caesar Cipher The shiftis linear and equidistributed 3changes I agree lcdjuhh Key Cipher The shift is linear (cyclic) 269 k.n.gupta 62 mewam3rzjba i+3=l Space=c [+3] k+2=m (dot)=e [+6] n=w [+9] Char 1 2 3 4 5 6 7 8 9 a b c d e f g h i j b c d e f g h i j k c d e f g h i j k l d e f g h i j k l m e f g h i j k l m n f g h i j k l m n o g h i j k l m n o p h i j k l m n o p q i j k l m n o p q r j k l m n o p q r s k l m n o p q r s t l m n o p q r s t u m n o p q r s t u v n o p q r s t u v w o p q r s t u v w x p q r s t u v w x y q r s t u v w x y z r s t u v w x y z 0 s t u v w x y z 0 1 t u v w x y z 0 1 2 u v w x y z 0 1 2 3 v w x y z 0 1 2 3 4 w x y z 0 1 2 3 4 5 x y z 0 1 2 3 4 5 6 y z 0 1 2 3 4 5 6 7 z 0 1 2 3 4 5 6 7 8 0 1 2 3 4 5 6 7 8 9 1 2 3 4 5 6 7 8 9 . 2 3 4 5 6 7 8 9 . 3 4 5 6 7 8 9 . a 4 5 6 7 8 9 . a b 5 6 7 8 9 . a b c 6 7 8 9 . a b c d 7 8 9 . a b c d e 8 9 . a b c d e f 9 . a b c d e f g . (Dot) a b c d e f g h Space a b c d e f g h i
  • 9.
    ENCRYPTION Message 2 The Internetknows no geographical boundaries. It has redefined time and space. Advances in computer and telecommunication technologies have led to the explosive growth of the Internet. This in turn is affecting the methods of communication, work, study, education, interaction, leisure, health, governance, trade and commerce. Encrypted Message 2 a520eecb61a770f947ca856cd675463f1c95a9a2b8 d4e6a71f80830c87f5715f5f59334978dd7e97da07 07b48a1138d77ced56feba2b467c398683c7dbeb8 6b854f120606a7ae1ed934f5703672adab0d7be66 dccde1a763c736cb9001d0731d541106f50bb7e54 240c40ba780b7a553bea570b99c9ab3df13d75f8cc fdddeaaf3a749fd1411 Message 1 Central to the growth of e-commerce and e- governance is the issue of trust in electronic environment. Encrypted Message 1 9a46894335be49f0b9cab28d755aaa9cd98571b 275bbb0adb405e6931e856ca3e5e569edd13528 5482 DECRYPTION Encrypted Message 1 9a46894335be49f0b9cab28d755aaa9cd98571b275b bb0adb405e6931e856ca3e5e569edd135285482 Message 1 Central to the growth of e-commerce and e-governance is the issue of trust in electronic environment. Encrypted Message 2 a520eecb61a770f947ca856cd675463f1c95a9a2b8d4e6a 71f80830c87f5715f5f59334978dd7e97da0707b48a1138 d77ced56feba2b467c398683c7dbeb86b854f120606a7ae 1ed934f5703672adab0d7be66dccde1a763c736cb9001d 0731d541106f50bb7e54240c40ba780b7a553bea570b9 9c9ab3df13d75f8ccfdddeaaf3a749fd1411 Message 2 The Internet knows no geographical boundaries. It has redefined time and space. Advances in computer and telecommunication technologies have led to the explosive growth of the Internet. This in turn is affecting the methods of communication, work, study, education, interaction, leisure, health, governance, trade and commerce. Same Key SYMMETRIC Different Keys [Keys of a pair – Public and Private] ASYMMETRIC [PKI]
  • 11.
    • Digital Signaturesare numbers • Same Length – 40 digits • They are document content dependent I agree efcc61c1c03db8d8ea8569545c073c814a0ed755 My place of birth is at Gwalior. fe1188eecd44ee23e13c4b6655edc8cd5cdb6f25 I am 62 years old. 0e6d7d56c4520756f59235b6ae981cdb5f9820a0 I am an Engineer. ea0ae29b3b2c20fc018aaca45c3746a057b893e7 I am a Engineer. 01f1d8abd9c2e6130870842055d97d315dff1ea3 • These are digital signatures of same person on different documents Digital Signatures
  • 12.
    Concepts • A 1024bits number is a very big number much bigger than the total number of electrons in whole world. • Trillions of Trillions of pairs of numbers exist in this range with each pair having following property – A message encrypted with one element of the pair can be decrypted ONLY by the other element of the same pair • Two numbers of a pair are called keys, the Public Key & the Private Key. User himself generates his own key pair on his computer • Any message irrespective of its length can be compressed or abridged uniquely into a smaller length message called the Digest or the Hash. • Smallest change in the message will change the Hash value
  • 13.
    Signed Messages Message + Signature Hash Decrypt Signature With Sender’s PublicKey SIGN hash With Sender’s Private key Message + signature COMPARE Calculated HashMessage Sender Receiver Hash Sent thru’ Internet if OK Signatures verified
  • 14.
    Paper signatures v/sDigital Signatures Parameter Paper Electronic Authenticity May be forged Can not be copied Integrity Signature independent of the document Signature depends on the contents of the document Non- repudiation a. Handwriting expert needed b. Error prone a. Any computer user b. Error free V/s
  • 15.
    Demonstration… • Key Generation: –Random Numbers – RSA Key Pair [Private/Public Key] • Digital Signature – Encrypting Digest using Private Key [Signatures] – Attaching the Signatures to the message. • Verification of Signatures: – Run the test for Authentication, Integrity and Non repudiation. • Digital Signature Certificate: – ITU X.509 v3
  • 16.
    Private key protection The Private key generated is to be protected and kept secret. The responsibility of the secrecy of the key lies with the owner.  The key is secured using ◦ PIN Protected soft token ◦ Smart Cards ◦ Hardware Tokens
  • 17.
    PIN protected softtokens  The Private key is encrypted and kept on the Hard Disk in a file, this file is password protected.  This forms the lowest level of security in protecting the key, as ◦ The key is highly reachable. ◦ PIN can be easily known or cracked.  Soft tokens are also not preferred because ◦ The key becomes static and machine dependent. ◦ The key is in known file format.
  • 18.
    Smart Cards • ThePrivate key is generated in the crypto module residing in the smart card. • The key is kept in the memory of the smart card. • The key is highly secured as it doesn’t leave the card, the message digest is sent inside the card for signing, and the signatures leave the card. • The card gives mobility to the key and signing can be done on any system. (Having smart card reader)
  • 19.
    Hardware Tokens  Theyare similar to smart cards in functionality as ◦ Key is generated inside the token. ◦ Key is highly secured as it doesn’t leave the token. ◦ Highly portable. ◦ Machine Independent.  iKEY is one of the most commonly used token as it doesn’t need a special reader and can be connected to the system using USB port.
  • 20.
    Smart Card iKey Hardware Tokens Biometrics– adds another level of security to these tokens