Upload
radhika
View
212
Download
0
Tags:
Embed Size (px)
DESCRIPTION
computer application
Citation preview
Introduction to the world of Digital Signatures!Rohit Bhat 1PI08EC092 VI Sem ECE
EncryptionDigital signature overviewDigital Signature CreationHashingHow Encryption and Digital Signatures WorkDigital Signature VerificationsDifferent Digital Signature SchemesLegal aspectsAdvantages and DisadvantagesContents
Encryption Encryption is the conversion of data into a form, called a CIPHER Text.The use of encryption/decryption is as old as the art of communication. Encryption/decryption is especially important in wireless communications. Encryption/decryption is a good idea when carrying out any kind of sensitive transaction.Ex: A credit-card purchase online, or the discussion of a company secret between different departments in the organization.
Dept. of ECE
Private key encryption Private key means that each computer has a secret key (code) that it can use to encrypt a packet of information before it is sent over the network to the other computer.
Public Key encryption Public key encryption uses a combination of a private key and a public key.
The key is based on a hash value. This is a value that is computed from a base input number using a hashing algorithm. Types of Encryption
Encryption depends on modifying or scrambling messages. So a key is necessary to understand the message.If the original message is GOD IS GREAT then the encrypted version depends on the key as follows: (key = 1) HPE JT HSFBU (key = 2) IQF KU ITGCV (key = 3) JRG LV JSHDW Simple Encryption Example
What is a digital signature? Adigital signatureordigital signature schemeis a mathematical scheme for demonstrating the authenticity of a digital message or document. A digital signature can be used with any kind of message, whether it is encrypted or not, simply so that the receiver can be sure of the sender's identity and that the message arrived intact. Digital Signatures
Creation of Digital SignaturesA digital signature scheme typically consists of three algorithms:HASHING algorithm.Signature Generation AlgorithmAsignature verifyingalgorithm that, given a message, public key and a signature, either accepts or rejects the message's claim to authenticity.
HashingHashing is the transformation of a string ofcharacters into a usually shorter fixed-length value or key that represents the original string.As a simple example of the using of hashing in databases, a group of people could be arranged in a database like this: Abernathy Sara, Epperdingle Roscoe, Moore Wilfred, Smith David (and many more sorted into alphabetical order)After Hashing, each of them will be replaced by a 4 digit number (in this case)7864=> Abernathy Sara 9802=> Epperdingle Roscoe 1990=> Moore Wilfred 8822=> Smith David (and so forth).
Hashing AlgorithmThe formula for hashing depends on two inputs:the sequence of characters representing the electronic data to be signeda secret number referred to as a signature's private key associated with the signing party and which only that party has access toSome simple Hash FunctionsThe division-remainder methodFoldingRadix transformationDigit rearrangement
Encryption scrambles or modifies a message or document so it cannot be read and understood, except by the intended recipient.A key is necessary to reverse the scrambling or modification, to make the message readable.
Methods of Encryption based on Privacy are as follows: a message may be digitally signed, but not encrypted a message may be encrypted first, then digitally signed a message may be digitally signed first, then encrypted Methods of Encryption based on Privacy
Public-private digital key pair Certificate Authority. The public key certificate creates proof of the identity of the signer by using the services of a certificate authority. A certificate authority uses a variety of processes to associate the particular public key with an individual. The combination of public key and proof of identity result in a public key certificate - also called a signer's certificate. Prerequisites to create a digital signature
It is the process of checking the digital signature by the reference to the original message and a given public key. Verifying also relies on a formula. Here, the formula depends on three inputs: The sequence of characters representing the supposedly originally signed electronic data The public key of the signing party The value representing the supposedly authentic digital signature.The output of the formula is a simple answer: YES or NO.
Digital Signature Verification
Digital Signature SchemesThe following are the widely used Schemes for Digital SignaturesRSA SchemeElGamal SchemeSchnorr Scheme Digital Signature Standard (DSS)
Schnorr Digital Signature SchemeIn Schnorr Scheme security is based on the intractability of certaindiscrete logarithmproblems.It is considered the simplest digital signature scheme to be provably secure in arandom oraclemodel.The Algorithm goes this way:Choosing parametersAll users of the signature scheme agree on agroupGwith generatorgof prime orderqin which thediscrete logproblem is hard. Typically aSchnorr groupis used.All users agree on acryptographic hash functionH.Key generationSigningVerifying
Digital Signature Standard (DSS)The DSA is used by a signatory to generate a digital signature on data and by a verifier to verify the authenticity of the signature.Each signatory has a public and private key.For both signature generation and verification, the data which is referred to as a message, M, is reduced by means of the Secure Hash Algorithm (SHA)The DSA makes use of the following parameters:p = a prime modulus, where 2L-1< p < 2Lfor 512 = < L = 1 (g has order q mod p)k = a randomly or pseudorandomly generated integer with 0 < k < qThe integers p, q, and g can be public and can be common to a group of users. A user's private and public keys are x and y, respectively.
Digital Signature Standard (DSS)The signature of a message M is the pair of numbers r and s computed according to the equations below:r = (gkmod p) mod q ands = (k-1(SHA(M) + xr)) mod q.In the above, k-1is the multiplicative inverse of k, mod q; i.e. (k-1k) mod q = 1 and 0< k-1< q.The verification process goes as below:Let M', r' and s' be the received versions of M, r, and s, respectively, and let y be the public key of the signatory. The verifier first checks to see that 0 < r' < q and 0 < s' < q; if either condition is violated the signature shall be rejected.If these two conditions are satisfied, the verifier computes w = (s')-1mod q; u1 = ((SHA(M')w) mod q; u2 = ((r')w) mod q; v = (((g)ul(y)u2) mod p) mod q.If v = r', then the signature is verified else if v != r then the received message could have been modified and hence not authentic
The digital signature is that which makes a document a legal one. It is a representation of assuring that the document meats all legal and is authentic in its framework. The actual digital signature provides the following: Evidence Ceremony Approval Efficiency Legal Aspects of Digital Signatures
Advantages Authentication, identification of the person that signs.
Advantages of Digital Signatures Integrity of data, every change will be detected.
Non repudiation, because the author cannot be denied of his work (he created and sent).
Imposter preventionElimination of possibility of committing fraud by an imposter
The disadvantages of using digital signatures involve the primary avenue for any business: money. Though the use of Digital Signatures is very powerful way to secure and authenticate a message or document, its advantages are hampered by lost or theft of keys and the use of vulnerable storage facilities.A number of Digital Signature standard exist which are incompatible with each other and there is a strong need of a standard through which these different methods (keys) can interact. Disadvantages
QUERIEs?