Processing Digital Signature(Application of Image Processing)

  • 7/29/2019 Processing Digital Signature(Application of Image Processing)

    DIGITAL SIGNATURE--application of image processing

    K SANTOSH, CSE III YEAR, NIZAM INSTITUTE OF ENGG & TECH, Email: [email protected], Contact No: 9912524238
    N NAGA REVANTH, CSE III YEAR, NIZAM INSTITUTE OF ENGG & TECH, Email: [email protected], Contact No: 9949576202

    ABSTRACT

    In today's computer-centric world, it is quite difficult for either the government or any common man to access any confidential material without hesitation. But can the work be stopped for fear of the information being understood by unauthorised and unintended parties? The immediate answer we hear is a big NO. Then, is there any way to continue our work without any disturbances in between? YES: there arises the concept of cryptography, which is the science of information security. The four main objectives of cryptography are security, privacy, confidentiality and authenticity. There are many ways of applying cryptography, and one of them is the digital signature, which is also known as an advanced electronic signature. The person who is signing a document can see his signature in an ordinary signature, whereas his signature is invisible in a digital signature. This is a basic difference between an ordinary signature and a digital signature. This paper presents an overview of the digital signature concept.

    1. INTRODUCTION

    Cryptography, to most people, is concerned with keeping communications private. The underlying principle of cryptography in any form is the transformation of data (plaintext) into some indecipherable form (ciphertext) - encryption - and the corresponding transformation back into understandable form - decryption. Cryptography is used to achieve a number of processes useful in the electronic world. Authentication provides the means of ensuring the identity of a user; a digital timestamp bound to information can establish when it was created; the digital signature itself can be used to prove who sent a document, and prevent the originator repudiating ownership. Digital signatures are often used to implement electronic signatures, a broader term that refers to any electronic data that carries the intent of a signature, but not all electronic signatures use digital signatures. In some countries, including the United States, and in the European Union, electronic signatures have legal significance.

    2. DIGITAL SIGNATURE - DEFINITION

    A digital signature or digital signature scheme is a type of asymmetric cryptography used to simulate the security properties of a signature in digital, rather than written, form. Digital signature schemes normally give two algorithms, one for signing which involves the user's secret or private key, and one for verifying signatures which involves the user's public key. The output of the signature process is called the "digital signature."

    Digital signatures, like written signatures, are used to provide authentication of the associated input, usually called a "message." Messages may be anything, from electronic mail to a contract, or even a message sent in a more complicated cryptographic protocol. Digital signatures are used to create public key infrastructure (PKI) schemes in which a user's public key is tied to a user by a digital identity certificate issued by a certificate authority. PKI schemes attempt to unbreakably bind user information (name, address, phone number, etc.) to a public key, so that public keys can be used as a form of identification.

    Figure: Simple digital signature

    3. WHY DIGITAL SIGNATURE?

    Below are some common reasons for applying a digital signature to communications:

    3-1. Authentication

    Although messages may often include information about the entity sending a message, that information may not be accurate. Digital signatures can be used to authenticate the source of messages. When ownership of a digital signature secret key is bound to a specific user, a valid signature shows that the message was sent by that user. The importance of high confidence in sender authenticity is especially obvious in a financial context.

    3-2. Integrity

    In many scenarios, the sender and receiver of a message may have a need for confidence that the message has not been altered during transmission. Although encryption hides the contents of a message, it may be possible to change an encrypted message without understanding it. However, if a message is digitally signed, any change in the message will invalidate the signature. Furthermore, there is no efficient way to modify a message and its signature to produce a new message with a valid signature, because this is still considered to be computationally infeasible by most cryptographic hash functions.

    4. HOW DIGITAL SIGNATURE WORKS?

    Using Bob and Alice, we can illustrate how standard electronic signatures are applied and verified.

    [Figure: Public key encryption algorithm]

    Step 1: Getting a Private and Public Key

    In order to electronically sign documents with standard electronic signatures, Bob needs to obtain a Private and Public Key - a one-time setup/operation. The Private Key, as the name implies, is not shared and is used only by the signer to sign documents. The Public Key is openly available and used by those that need to validate the signer's electronic signature.

    Step 2: Signing an Electronic Document

    From Bob's perspective, the signing operation can be as simple as a click of a button. But several things are happening with that one click:

    1. Initiate the signing process - Depending on the software used, Bob needs to initiate the signing process (e.g. clicking a Sign button on the software's toolbar).

    2. Create an electronic signature - A unique digital fingerprint of the document (sometimes called Message Digest or Document Hash) is created using a mathematical algorithm (such as SHA-1). Even the slightest difference between two documents would create a different digital fingerprint of the document.

    3. Append the signature to the document - The hash result and the user's digital certificate (which includes his Public Key) are combined into an electronic signature (by using the user's Private Key to encrypt the document hash). The resulting signature is unique to both the document and the user. Finally, the electronic signature is appended to the document.

    Step 3: Validating the Electronic Signature

    Bob sends the signed document to Alice. Alice uses Bob's public key (which is included in the signature within the Digital Certificate) to authenticate Bob's signature and to ensure that no changes were made to the signed document after it was signed. Alice:

    1. Initiates the validation process - Depending on the software used, Alice needs to initiate the signing process (e.g. clicking a Validate Signature menu option button on the software's toolbar).

    2. Decrypts Bob's signature using his Public Key and gets the original document (the document fingerprint).

    3. Compares Bob's document fingerprint with her calculated one - Alice's software then calculates the document hash of the received document and compares it with the original document hash (from the previous step). If they are the same, the signed document has not been altered.

    There is another factor still missing from this description. How can Alice know whether Bob is indeed the same person she intends to conduct business with, or even that it is really Bob? Bob needs to be certified by a trusted third party that knows him and can verify that he is indeed who he claims to be. These trusted third parties are called Certificate Authorities (CA). They issue certificates to ensure the authenticity of the signer. Certificates can be compared to passports issued by countries to their citizens for world travel. When a traveler arrives at a foreign country, there is no practical way to authenticate the traveler's identity. Instead, the immigration policy is to trust the passport issuer (in PKI terminology: the CA) and use the passport to authenticate its holder in the same way that Alice uses the CA's certificate for authenticating Bob's identity.

    5. DIGITAL SIGNATURE ALGORITHM

    A digital signature scheme typically consists of three algorithms:

    A key generation algorithm G that randomly produces a "key pair" (PK, SK) for the signer. PK is the verifying key, which is to be public, and SK is the signing key, to be kept private.

    A signing algorithm S that, on input of a message m and a signing key SK, produces a signature.

    A signature verifying algorithm V that, on input of a message m, a verifying key PK, and a signature, either accepts or rejects.

    Two main properties are required. First, signatures computed honestly should always verify. That is, V should accept (m, PK, S(m, SK)) where SK is the secret key related to PK, for any message m. Secondly, it should be hard for any adversary, knowing only PK, to create valid signature(s).

    Some other digital signature algorithms: Full Domain Hash, RSA-PSS etc., based on RSA; DSA; ECDSA; Undeniable signature; Rabin signature algorithm; Pointcheval-Stern signature algorithm.
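
    The three algorithms G, S and V, wired into the hash, sign and compare flow of Steps 2 and 3 in section 4, and showing the integrity property of section 3-2 (a changed document no longer verifies). This is an added example, not code from the paper: the function names are its own, it uses unpadded "textbook" RSA for teaching only, and it uses SHA-256 where the paper names SHA-1. Production systems use a vetted library with a padded scheme such as RSA-PSS.

```python
import hashlib
import math
import secrets

def is_probable_prime(n, rounds=40):
    """Miller-Rabin test; a composite passes with probability <= 4**-rounds."""
    if n < 4 or n % 2 == 0:
        return n in (2, 3)
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1                     # n - 1 = 2**r * d, d odd
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)   # random base in [2, n-2]
        if x not in (1, n - 1) and all(pow(x, 2 ** i, n) != n - 1 for i in range(1, r)):
            return False                         # base witnesses that n is composite
    return True

def random_prime(bits):
    while True:
        c = secrets.randbits(bits) | (1 << (bits - 1)) | 1   # full length, odd
        if is_probable_prime(c):
            return c

def keygen(bits=1024, e=65537):
    """G: randomly produce (PK, SK) = ((n, e), (n, d))."""
    while True:
        p, q = random_prime(bits // 2), random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(e, phi) == 1:
            return (p * q, e), (p * q, pow(e, -1, phi))

def digest(message):
    """Document fingerprint as an integer (SHA-256 instead of the paper's SHA-1)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message, sk):
    """S: apply the private exponent to the fingerprint (unpadded, teaching only)."""
    n, d = sk
    return pow(digest(message), d, n)

def verify(message, pk, signature):
    """V: recover the signed fingerprint with PK and compare it to a fresh hash."""
    n, e = pk
    return pow(signature, e, n) == digest(message)

if __name__ == "__main__":
    pk, sk = keygen()
    doc = b"Pay Alice 100 rupees"                # constructed sample document
    sig = sign(doc, sk)
    print(verify(doc, pk, sig), verify(doc + b"0", pk, sig))
```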

    6. DRAWBACKS OF DIGITAL SIGNATURE:

    6-1. Association of digital signatures and trusted time stamping.

    Digital signature algorithms and protocols do not inherently provide certainty about the date and time at which the underlying document was signed. The signer might, or might not, have included a time stamp with the signature, or the document itself might have a date mentioned on it, but a later reader cannot be certain the signer did not, for instance, backdate the date or time of the signature. Such misuse can be made impracticable by using trusted time stamping in addition to digital signatures.

    6-2. Non-repudiation

    In a cryptographic context, the word repudiation refers to any act of disclaiming responsibility for a message. A message's recipient may insist the sender attach a signature in order to make later repudiation more difficult, since the recipient can show the signed message to a third party to reinforce a claim as to its signatories and integrity. However, loss of control over a user's private key will mean that all digital signatures using that key, and so ostensibly 'from' that user, are suspect. This is aggravated by the fact that there is no trusted time stamp, so new documents (after the key compromise) cannot be separated from old ones, further complicating signature key invalidation. Certificate Authorities usually maintain a public repository of public keys so the association user-key is certified and signatures cannot be repudiated.

    7. ADDITIONAL SECURITY PRECAUTIONS

    7-1. Putting the private key on a smart card

    All public key / private key cryptosystems depend entirely on keeping the private key secret. A private key can be stored on a user's computer, and protected by, for instance, a local password, but this has two disadvantages:

    • the user can only sign documents on that particular computer, and

    • the security of the private key completely depends on the security of the computer, which is notoriously unreliable for many PCs and operating systems.

    [Figure: A credit card with smart card capabilities. The 3 by 5 mm chip embedded in the card is shown enlarged in the insert. Smart cards attempt to combine portability with the power to compute modern cryptographic algorithms.]

    A more secure alternative is to store the private key on a smart card. If the smart card is stolen, the thief will still need the PIN code to generate a digital signature. This reduces the security of the scheme to that of the PIN system, but is nevertheless more secure than are many PCs.

    7-2. Using smart card readers with a separate keyboard

    Entering a PIN code to activate the smart card commonly requires a numeric keypad. Some card readers have their own numeric keypad. This is safer than using a card reader integrated into a PC, and then entering the PIN using that computer's keyboard. The computer might be running a keystroke logger (by its owner's/operator's intention or otherwise - due to a virus, for instance) so that the PIN code becomes compromised.

    8. THE CURRENT STATE OF USE - LEGAL & PRACTICAL

    Digital signature schemes all have several prior requirements without which no such signature can mean anything, whatever the cryptographic theory or legal provision.

    First, quality algorithms. Some public-key algorithms are known to be insecure, practicable attacks against them having been discovered.

    Second, quality implementations. An implementation of a good algorithm (or protocol) with mistake(s) will not work.

    Third, the private key must remain actually secret; if it becomes known to any other party, that party can produce perfect digital signatures of anything whatsoever.

    Fourth, distribution of public keys must be done in such a way that the public key claimed to belong to, say, Bob actually belongs to Bob, and vice versa. This is commonly done using a public key infrastructure, and the public key-user association is attested by the operator of the PKI (called a certificate authority). For 'open' PKIs in which anyone can request such an attestation (universally embodied in a cryptographically protected identity certificate), the possibility of mistaken attestation is non-trivial. Commercial PKI operators have suffered several publicly known problems. Such mistakes could lead to falsely signed, and thus wrongly attributed, documents. 'Closed' PKI systems are more expensive, but less easily subverted in this way.

    Fifth, users (and their software) must carry out the signature protocol properly.

    9. CERTIFICATION AUTHORITIES

    For public key systems to work, there need to be trusted mechanisms that associate a public key with the individual to which it has been assigned. This requires the creation of Certification Authorities that certify public keys as belonging to certain individuals. Certification authorities sign public key certificates with their own private key, so that key has to be trusted. This leads to the concept of certificate hierarchies. It is an example of a trusted third party. Only if all of these conditions are met will a digital signature actually be any evidence of who sent the message, and therefore of their assent to its contents. Legal enactment cannot change this reality of the existing engineering possibilities, though some such have not reflected this actuality.

    10. CONCLUSION

    So digital signature thus helps cryptography to prove itself. Cryptography and digital signature form a useful pair. We have seen that digital signatures utilising the public key cryptography system have every potential to achieve the same level of legal recognition as handwritten signatures. However, the main obstacle at present is in the functional element of non-repudiation. Assistance is required from the law to help it attain the functional element of non-repudiation. Once non-repudiation has been achieved, then and only then, can electronic commerce be expected to be successfully taken up. Let us use this technology for constructive purposes rather than destructive purposes.
