DIGITAL SIGNATURESBy Umair Sadiq

WHAT IS A DIGITAL SIGNATURE? A signature to validate any electronic data.

Its not modified It belongs to signatory Signatory cannot repudiate

PICTORIAL OVERVIEW

VARIOUS ALGORITHMS RSA DSA (US Federal Govt Standard) Elliptic Curve DSA ElGamal (based on computing discrete

logarithm), Pointcheval-Stern (a variant of ElGamal) Note: Unlocking the key requires solution to a

mathematically hard problem like factoring the product of large primes or computing discrete logarithms

A SIMPLIFIED SCENARIO

nmsgcode e mod

msg

nmsg

ncodede

d

)(mod

mod

Encryption, (e,n)

Decryption, (d,n) msg

)(ned

POTENTIAL THREATS AND SOLUTIONS Man-in-the-middle-attack

a person intercepts and modifies messages in both direction and uses its own generated set of keys

digital certificates are used to authenticate keys

Timing attacks with the knowledge of hardware and decipher

time becomes possible to deduce the key it is rectified by combining decryption with a

random computation

CONCLUSION Where digital signature provide a safe way to

authenticate electronic piece of information, it is important to use an algorithm that has been put to rigorous testing and has proven its validity over a period of time.

REFERENCES http://csrc.nist.gov/publications/fips/fips186-

2/fips186-2-change1.pdf http://www.abanet.org/scitech/ec/isc/dsg-

tutorial.html http://gdp.globus.org/gt4-tutorial/

multiplehtml/ch09s03.html