Processing Digital Signature(Application of Image Processing)

7/29/2019 Processing Digital Signature(Application of Image Processing)

1/7

DIGITAL SIGNATURE--application of image processing

K SANTOSH N NAGA REVANTHCSE III YEAR CSE III YEARNIZAM INSTITUTE OF ENGG & TECH NIZAM INSTITUTE OF ENGG & TECHEmail:[email protected] Email:[email protected] No:9912524238 Contact No: 9949576202

ABSTRACTIn todays computer-centric world, it is

quite difficult to access through any

confidential stuff for either the govt. orany common man without any

hesitation. But can the work be stopped

in the terror of the information beingunderstood by unauthorised and

unintended? Immediate answer we hear

is a big NO. Then, is there any way to

continue our work without having any

disturbances in between? YES, therearises the concept of cryptography,

which is the science of informationsecurity. The four main objectives of

cryptography are security, privacy,

confidential and authenticity. There aremany ways of applying cryptography

and one of the many is Digital

signature which is also known asadvanced electronic signature. The

person who is signing a document can

see his signature is an ordinarysignature whereas his signature isinvisible is digital signature. This is a

basic difference between an ordinary

signature and a digital signature. Thispaper presents you an overview of the

digital signature concept.

1.INTRODUCTION

Cryptography, to most people, is

concerned with keeping communicationsprivate. The underlying principle of

cryptography in any form is the

transformation of data (plaintext) intosome indecipherable form (ciphertext) -

Encryption - and the correspondingtransformation back into understandable

form - decryption. Cryptography is usedto achieve number of processes useful in

the electronic world. Authentication

provides the means of ensuring theidentity of a user; a digital timestamp

bound to information can establish when

it was created; the digital signature itselfcan be used to prove who sent a

document, and prevent the originator

repudiating ownership. Digitalsignatures are often used to implementelectronic signatures, a broader term that

refers to any electronic data that carries

the intent of a signature], but not allelectronic signatures use digital

signatures. In some countries, including


2/7

the United States, and in the European

Union, electronic signatures have legal

significance.

2.DIGITAL SIGNATURE-DEFINITION

A digital signature or digital

signature scheme is a type of asymmetriccryptography used to simulate the

security properties of a signature in

digital, rather than written, form. Digital

signature schemes normally give twoalgorithms, one for signing which

involves the user's secret or private key,

and one for verifying signatures which

involves the user's public key. Theoutput of the signature process is called

the "digital signature."

Digital signatures, like written

signatures, are used to provideauthentication of the associated input,

usually called a "message." Messages

may be anything, from electronic mail to

a contract, or even a message sent in amore complicated cryptographic

protocol. Digital signatures are used to

create public key infrastructure (PKI)schemes in which a user's public key is

tied to a user by a digital identity

certificate issued by a certificateauthority. PKI schemes attempt to

unbreakably bind user information

(name, address, phone number, etc.) to a

public key, so that public keys can beused as a form of identification.

Simple digital signature

3.WHY DIGITAL SIGNATURE?

Below are some common reasons for

applying a digital signature to

communications:

3-1.Authentication

Although messages may often include

information about the entity sending a

message, that information may not be

accurate. Digital signatures can be usedto authenticate the source of messages.

When ownership of a digital signature

secret key is bound to a specific user, a

valid signature shows that the messagewas sent by that user. The importance of

high confidence in sender authenticity isespecially obvious in a financial context.

3-2.Integrity

In many scenarios, the sender and

receiver of a message may have a need

for confidence that the message has notbeen altered during transmission.

Although encryption hides the contents

of a message, it may be possible tochange an encrypted message without

understanding it. However, if a message

is digitally signed, any change in themessage will invalidate the signature.

Furthermore, there is no efficient way to

modify a message and its signature to

produce a new message with a validsignature, because this is still considered

to be computationally infeasible by most

cryptographic hashfunctions.

4.HOW DIGITAL SIGNATURE

WORKS?

Using Bob and Alice, we can illustrate

how standard electronic signatures are

applied and verified.

2

Public keyEncryptionalgorithm

Money

MoneyK-M (m)


3/7

Step 1: Getting a Private and Public Key

In order to electronically sign documents

with standard electronic signatures, Bobneeds to obtain a Private and Public Key

a one-time setup/operation. The

Private Key, as the name implies, is notshared and is used only by the signer to

sign documents. The Public Key is

openly available and used by those thatneed to validate the signers electronic

signature.

Step 2: Signing an Electronic Document

From Bobs perspective, the signingoperation can be as simple as a click of a

button. But several things are happening

with that one click:

1. Initiate the signing process -

Depending on the software used, Bobneeds to initiate the signing process

(e.g. clicking a Sign button on the

softwares toolbar).

2. Create an electronic signature - Aunique digital fingerprint of the

document (sometimes called Message

Digest or Document Hash) is createdusing a mathematical algorithm (such

as SHA-1). Even the slightest

difference between two documentswould create a different digital

fingerprint of the document.

3. Append the signature to the document The hash result and the users

digital certificate (which includes his

Public Key) are combined into anelectronic signature (by using the

users Private Key to encrypt the

document hash). The resulting

signature is unique to both the

document and the user. Finally, theelectronic signature is appended to the

document.

Step 3: Validating the Electronic

SignatureBob sends the signed document to Alice.

Alice uses Bobs public key (which is

included in the signature within theDigital Certificate) to authenticate Bobs

signature and to ensure that no changes

were made to the signed document after

it was signed. Alice:1. Initiates the validation process -

Depending on the software used,Alice needs to initiate the signing

process (e.g. clicking a Validate

Signature menu option button on the

softwares toolbar).

2. Decrypts Bobs signature using his

Public Key and gets the original

document (the document fingerprint).

3. Compares Bobs document

fingerprint with her calculated one Alices software then calculated the

document hash of the receiveddocuments and compared it with the

original document hash (from the

previous step). If they are the same,the signed document has not been

altered.

3


4/7

There is another factor still missing fromthis description. How can Alice knowwhether Bob is indeed the same person

she intends to conduct business with, or

even that it is really Bob? Bob needs tobe certified by a trusted third party that

knows him and can verify that he is

indeed who he claims to be. Thesetrusted third parties are called Certificate

Authorities (CA). They issue certificates

to ensure the authenticity of the signer.

Certificates can be compared topassports issued by countries to their

citizens for world travel. When a traveler

arrives at a foreign country, there is nopractical way to authenticate the

travelers identity. Instead, the

immigration policy is to trust thepassport issuer (in PKI terminology: the

CA) and use the passport to authenticate

its holder in the same way that Alice

uses the CAs certificate for

authenticating Bobs identity.

5.DIGITAL SIGNATURE

ALGORITHM

A digital signature scheme typically

consists of three algorithms:A key generation algorithm G that

randomly produces a "key pair" (PK,

SK) for the signer. PK is the verifying

key, which is to be public, and SK is the

signing key, to be kept private.A signing algorithm S, that on input of a

message m and a signing key SK,

produces a signature .A signature verifying algorithm V, that

on input a message m, a verifying key

PK, and a signature , either accepts orrejects.

Two main properties are required. First,

signatures computed honestly should

always verify. That is, V should accept(m,PK, S(m, SK)) where SK is the

secret key related to PK, for any

message m. Secondly, it should be hard

for any adversary, knowing only PK, tocreate valid signature(s).

Some other digital signature algorithms

Full Domain Hash, RSA-PSS etc., basedon RSA, DSA, ECDSA, Undeniable

signature Rabin signature algorithm

Point cheval-Stern signature algorithm

6. DRAWBACKS OF DIGITAL

SIGNATURE:

6-1. Association of digital signatures

and trusted time stamping.

Digital signature algorithms and

protocols do not inherently provide

certainty about the date and time at

which the underlying document wassigned. The signer might, or might not,

have included a time stamp with the

signature, or the document itself mighthave a date mentioned on it, but a later

reader cannot be certain the signer did

not, for instance, backdate the date ortime of the signature. Such misuse can

be made impracticable by using trusted

time stamping in addition to digital

signatures.

4


5/7

6-2.Non-repudiation

In a cryptographic context, the wordrepudiation refers to any act of

disclaiming responsibility for a message.

A message's recipient may insist thesender attach a signature in order to

make later repudiation more difficult,

since the recipient can show the signed

message to a third party to reinforce aclaim as to its signatories and integrity.

However, loss of control over a user's

private key will mean that all digital

signatures using that key, and soostensibly 'from' that user, are suspect. It

is aggravated by the fact there is notrusted time stamp, so new documents

key cannot be separated from old ones,

further complicating signature keyinvalidation. Certificate Authorities.

Usually maintain a public repository of

public-key so the association user-key is

certified and signatures cannot berepudiated.

7. ADDITIONAL SECURITY

PRECAUTIONS

7-1.Putting the private key on a smart

card

All public key / private key

cryptosystems depend entirely onkeeping the private key secret. A private

key can be stored on a user's computer,

and protected by, for instance, a localpassword, but this has two

disadvantages:

the user can only sign documents on thatparticular computer and

the security of the private key

completely depends on the security of

the computer, which is notoriously

unreliable for many PCs and operating

systems.

A credit card with smart cardcapabilities. The 3 by 5 mm chipembedded in the card is shownenlarged in the insert. Smart cards

attempt to combine portability with thepower to compute moderncryptographic algorithms.

A more secure alternative is to store the

private key on a smart card. If the smartcard is stolen, the thief will still need the

PIN code to generate a digital signature.

This reduces the security of the schemeto that of the PIN system, but is

nevertheless more secure than are many

PCs.

7-2.Using smart card readers with a

separate keyboard

Entering a PIN code to activate the smartcard, commonly requires a numeric

keypad. Some card readers have their

own numeric keypad. This is safer thanusing a card reader integrated into a PC,

and then entering the PIN using that

computer's keyboard. The computermight be running a keystroke logger (by

its owner/operators intention orotherwise -- due to a virus, for instance)

so that the PIN code becomescompromised.

8.THE CURRENT STATE OF USE-

LEGAL & PRACTICAL

5


6/7

Digital signature schemes all have

several prior requirements without which

no such signature can mean anything,whatever the cryptographic theory or

legal provision.

First, quality algorithms. Some public-key algorithms are known to be insecure,

practicable attacks against them having

been discovered.Second, quality implementations. An

implementation of a good algorithm (or

protocol) with mistake(s) will not work.

Third, the private key must remainactually secret; if it becomes known to

any other party, that party can produce

perfect digital signatures of anything

whatsoever.Fourth, distribution of public keys must

be done in such a way that the publickey claimed to belong to, say, Bob

actually belongs to Bob, and vice versa.

This is commonly done using a publickey infrastructure and the public key

user association is attested by the

operator of the PKI (called a certificate

authority). For 'open' PKIs in whichanyone can request such an attestation

(universally embodied in a

cryptographically protected identitycertificate), the possibility of mistaken

attestation is non trivial. Commercial

PKI operators have suffered severalpublicly known problems. Such mistakes

could lead to falsely signed, and thus

wrongly attributed, documents. 'Closed'

PKI systems are more expensive, butless easily subverted in this way.

Fifth, users (and their software) must

carry out the signature protocol properly.

9. CERTIFICATION AUTHORITIES

For public key systems to work, there

need to be trusted mechanisms that

associate a public key with the

individual to which it has been assigned.

This requires the creation of

Certification Authorities that certify

public keys as belonging to certainindividuals. Certification authorities sign

public key certificates with their own

private key, so that key has to be trusted.This leads to the concept of certificate

hierarchies.It is an example of a trusted

third party.Only if all of these conditions

are met will a digital signature actually

be any evidence of who sent the

message, and therefore of their assent toits contents. Legal enactment cannot

change this reality of the existing

engineering possibilities, though some

such have not reflected this actuality.

10. CONCLUSION

So digital signature thus helps

cryptography to prove itself.

Cryptography and digital signature forma useful pair. We have seen that digital

signatures utilising the public key

cryptography system have every

potential to achieve the same level oflegal recognition as handwritten

signatures. However, the main obstacle

at present is in the functional element ofnon-repudiation. Assistance is required

from the law to help it attain the

functional element of non-repudiation.Once non-repudiation has been

achieved, then and only then, can

electronic commerce be expected to be

successfully taken up. Let us use thistechnology for constructive purposes

rather than destructive purposes.

11. REFERENCES

[1] The History of Lotus Notes, accessedApril 27, 2007.

[2] Modern Cryptography: Theory &

Practice", Wenbo Mao, Prentice Hall

Professional.

6


7/7

[3] Yozons digital signature reference.

7

Documents

Processing Digital Signature(Application of Image Processing)