7/29/2019 Processing Digital Signature(Application of Image Processing)
DIGITAL SIGNATURE--application of image processing
K SANTOSH, CSE III YEAR, NIZAM INSTITUTE OF ENGG & TECH, Email: [email protected], Contact No: 9912524238
N NAGA REVANTH, CSE III YEAR, NIZAM INSTITUTE OF ENGG & TECH, Email: [email protected], Contact No: 9949576202
ABSTRACT
In today's computer-centric world, it is quite difficult for either the government or the common man to access any confidential material without hesitation. But can the work be stopped for fear of the information being understood by unauthorised and unintended parties? The immediate answer we hear is a big NO. Then, is there any way to continue our work without disturbances in between? YES: there arises the concept of cryptography, which is the science of information security. The four main objectives of cryptography are security, privacy, confidentiality and authenticity. There are many ways of applying cryptography, and one of them is the digital signature, which is also known as an advanced electronic signature. A person signing a document can see his signature when it is an ordinary signature, whereas his signature is invisible when it is a digital signature. This is a basic difference between an ordinary signature and a digital signature. This paper presents an overview of the digital signature concept.
1.INTRODUCTION
Cryptography, to most people, is concerned with keeping communications private. The underlying principle of cryptography in any form is the transformation of data (plaintext) into some indecipherable form (ciphertext) - encryption - and the corresponding transformation back into understandable form - decryption. Cryptography is used to achieve a number of processes useful in the electronic world. Authentication provides the means of ensuring the identity of a user; a digital timestamp bound to information can establish when it was created; the digital signature itself can be used to prove who sent a document, and prevent the originator repudiating ownership. Digital signatures are often used to implement electronic signatures, a broader term that refers to any electronic data that carries the intent of a signature, but not all electronic signatures use digital signatures. In some countries, including the United States, and in the European Union, electronic signatures have legal significance.
2.DIGITAL SIGNATURE-DEFINITION
A digital signature or digital signature scheme is a type of asymmetric cryptography used to simulate the security properties of a signature in digital, rather than written, form. Digital signature schemes normally give two algorithms, one for signing which involves the user's secret or private key, and one for verifying signatures which involves the user's public key. The output of the signature process is called the "digital signature."
Digital signatures, like written signatures, are used to provide authentication of the associated input, usually called a "message." Messages may be anything, from electronic mail to a contract, or even a message sent in a more complicated cryptographic protocol. Digital signatures are used to create public key infrastructure (PKI) schemes in which a user's public key is tied to a user by a digital identity certificate issued by a certificate authority. PKI schemes attempt to unbreakably bind user information (name, address, phone number, etc.) to a public key, so that public keys can be used as a form of identification.
[Figure: Simple digital signature]
3.WHY DIGITAL SIGNATURE?
Below are some common reasons for
applying a digital signature to
communications:
3-1.Authentication
Although messages may often include information about the entity sending a message, that information may not be accurate. Digital signatures can be used to authenticate the source of messages. When ownership of a digital signature secret key is bound to a specific user, a valid signature shows that the message was sent by that user. The importance of high confidence in sender authenticity is especially obvious in a financial context.
3-2.Integrity
In many scenarios, the sender and receiver of a message may have a need for confidence that the message has not been altered during transmission. Although encryption hides the contents of a message, it may be possible to change an encrypted message without understanding it. However, if a message is digitally signed, any change in the message will invalidate the signature. Furthermore, there is no efficient way to modify a message and its signature to produce a new message with a valid signature, because this is still considered to be computationally infeasible by most cryptographic hash functions.
4.HOW DIGITAL SIGNATURE WORKS?
Using Bob and Alice, we can illustrate
how standard electronic signatures are
applied and verified.
[Figure labels: Public key; Encryption algorithm; Money; K-M (m)]
Step 1: Getting a Private and Public Key
In order to electronically sign documents with standard electronic signatures, Bob needs to obtain a Private and Public Key - a one-time setup/operation. The Private Key, as the name implies, is not shared and is used only by the signer to sign documents. The Public Key is openly available and used by those that need to validate the signer's electronic signature.
Step 2: Signing an Electronic Document
From Bob's perspective, the signing operation can be as simple as a click of a button. But several things are happening with that one click:
1. Initiate the signing process - Depending on the software used, Bob needs to initiate the signing process (e.g. clicking a "Sign" button on the software's toolbar).
2. Create an electronic signature - A unique digital fingerprint of the document (sometimes called Message Digest or Document Hash) is created using a mathematical algorithm (such as SHA-1). Even the slightest difference between two documents would create a different digital fingerprint of the document.
3. Append the signature to the document - The hash result and the user's digital certificate (which includes his Public Key) are combined into an electronic signature (by using the user's Private Key to encrypt the document hash). The resulting signature is unique to both the document and the user. Finally, the electronic signature is appended to the document.
Step 3: Validating the Electronic Signature
Bob sends the signed document to Alice. Alice uses Bob's public key (which is included in the signature within the Digital Certificate) to authenticate Bob's signature and to ensure that no changes were made to the signed document after it was signed. Alice:
1. Initiates the validation process - Depending on the software used, Alice needs to initiate the validation process (e.g. clicking a "Validate Signature" menu option button on the software's toolbar).
2. Decrypts Bob's signature using his Public Key and gets the original document (the document fingerprint).
3. Compares Bob's document fingerprint with her calculated one - Alice's software then calculates the document hash of the received document and compares it with the original document hash (from the previous step). If they are the same, the signed document has not been altered.
There is another factor still missing from this description. How can Alice know whether Bob is indeed the same person she intends to conduct business with, or even that it is really Bob? Bob needs to be certified by a trusted third party that knows him and can verify that he is indeed who he claims to be. These trusted third parties are called Certificate Authorities (CA). They issue certificates to ensure the authenticity of the signer. Certificates can be compared to passports issued by countries to their citizens for world travel. When a traveler arrives at a foreign country, there is no practical way to authenticate the traveler's identity. Instead, the immigration policy is to trust the passport issuer (in PKI terminology: the CA) and use the passport to authenticate its holder in the same way that Alice uses the CA's certificate for authenticating Bob's identity.
5.DIGITAL SIGNATURE ALGORITHM
A digital signature scheme typically consists of three algorithms:
A key generation algorithm G that randomly produces a "key pair" (PK, SK) for the signer. PK is the verifying key, which is to be public, and SK is the signing key, to be kept private.
A signing algorithm S that, on input of a message m and a signing key SK, produces a signature.
A signature verifying algorithm V that, on input of a message m, a verifying key PK, and a signature, either accepts or rejects.
Two main properties are required. First, signatures computed honestly should always verify. That is, V should accept (m, PK, S(m, SK)) where SK is the secret key related to PK, for any message m. Secondly, it should be hard for any adversary, knowing only PK, to create valid signature(s).
Some other digital signature algorithms: Full Domain Hash, RSA-PSS etc., based on RSA; DSA; ECDSA; Undeniable signature; Rabin signature algorithm; Pointcheval-Stern signature algorithm.
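
An added example, not code from the paper: the three algorithms G, S and V above, which also carry out the Bob and Alice hash-then-sign steps of section 4. It assumes textbook RSA over a SHA-256 fingerprint (the paper names SHA-1 only as one possible hash) with no padding, which keeps the mathematics visible; deployed systems use a padded scheme such as RSA-PSS from a vetted library. The helper names `_fingerprint`, `_random_prime` and `_is_probable_prime` are illustrative.

```python
import hashlib
import secrets

E = 65537  # public exponent (prime); textbook unpadded RSA, for teaching only

def _is_probable_prime(n, rounds=40):
    """Miller-Rabin test for odd n > 3."""
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _random_prime(bits):
    while True:
        p = secrets.randbits(bits) | (1 << (bits - 1)) | 1  # top bit set, odd
        if p % E != 1 and _is_probable_prime(p):  # keeps gcd(E, p - 1) == 1
            return p

def G(bits=2048):
    """Key generation: returns (PK, SK) = ((n, e), (n, d))."""
    p, q = _random_prime(bits // 2), _random_prime(bits // 2)
    while q == p:
        q = _random_prime(bits // 2)
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def _fingerprint(m, n):
    """Document hash (message digest) of the bytes m, as an integer below n."""
    return int.from_bytes(hashlib.sha256(m).digest(), "big") % n

def S(m, SK):
    """Signing: apply the private exponent to the document hash."""
    n, d = SK
    return pow(_fingerprint(m, n), d, n)

def V(m, PK, sig):
    """Verifying: recover the hash with the public key and compare."""
    n, e = PK
    return 0 <= sig < n and pow(sig, e, n) == _fingerprint(m, n)
```

With `PK, SK = G()`, `V(m, PK, S(m, SK))` returns True for any byte string `m`, while changing a single byte of `m` or verifying under a different public key returns False.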
6. DRAWBACKS OF DIGITAL SIGNATURE:
6-1. Association of digital signatures and trusted time stamping.
Digital signature algorithms and protocols do not inherently provide certainty about the date and time at which the underlying document was signed. The signer might, or might not, have included a time stamp with the signature, or the document itself might have a date mentioned on it, but a later reader cannot be certain the signer did not, for instance, backdate the date or time of the signature. Such misuse can be made impracticable by using trusted time stamping in addition to digital signatures.
6-2.Non-repudiation
In a cryptographic context, the word repudiation refers to any act of disclaiming responsibility for a message. A message's recipient may insist the sender attach a signature in order to make later repudiation more difficult, since the recipient can show the signed message to a third party to reinforce a claim as to its signatories and integrity. However, loss of control over a user's private key will mean that all digital signatures using that key, and so ostensibly 'from' that user, are suspect. This is aggravated by the fact that there is no trusted time stamp, so new documents cannot be separated from old ones, further complicating signature key invalidation. Certificate Authorities usually maintain a public repository of public keys so that the user-key association is certified and signatures cannot be repudiated.
7. ADDITIONAL SECURITY PRECAUTIONS
7-1.Putting the private key on a smart card
All public key / private key cryptosystems depend entirely on keeping the private key secret. A private key can be stored on a user's computer, and protected by, for instance, a local password, but this has two disadvantages:
the user can only sign documents on that particular computer and
the security of the private key completely depends on the security of the computer, which is notoriously unreliable for many PCs and operating systems.
[Figure: A credit card with smart card capabilities. The 3 by 5 mm chip embedded in the card is shown enlarged in the insert. Smart cards attempt to combine portability with the power to compute modern cryptographic algorithms.]
A more secure alternative is to store the private key on a smart card. If the smart card is stolen, the thief will still need the PIN code to generate a digital signature. This reduces the security of the scheme to that of the PIN system, but is nevertheless more secure than are many PCs.
7-2.Using smart card readers with a separate keyboard
Entering a PIN code to activate the smart card commonly requires a numeric keypad. Some card readers have their own numeric keypad. This is safer than using a card reader integrated into a PC, and then entering the PIN using that computer's keyboard. The computer might be running a keystroke logger (by its owner/operator's intention or otherwise -- due to a virus, for instance) so that the PIN code becomes compromised.
8.THE CURRENT STATE OF USE - LEGAL & PRACTICAL
Digital signature schemes all have several prior requirements without which no such signature can mean anything, whatever the cryptographic theory or legal provision.
First, quality algorithms. Some public-key algorithms are known to be insecure, practicable attacks against them having been discovered.
Second, quality implementations. An implementation of a good algorithm (or protocol) with mistake(s) will not work.
Third, the private key must actually remain secret; if it becomes known to any other party, that party can produce perfect digital signatures of anything whatsoever.
Fourth, distribution of public keys must be done in such a way that the public key claimed to belong to, say, Bob actually belongs to Bob, and vice versa. This is commonly done using a public key infrastructure, and the public key - user association is attested by the operator of the PKI (called a certificate authority). For 'open' PKIs in which anyone can request such an attestation (universally embodied in a cryptographically protected identity certificate), the possibility of mistaken attestation is non-trivial. Commercial PKI operators have suffered several publicly known problems. Such mistakes could lead to falsely signed, and thus wrongly attributed, documents. 'Closed' PKI systems are more expensive, but less easily subverted in this way.
Fifth, users (and their software) must carry out the signature protocol properly.
9. CERTIFICATION AUTHORITIES
For public key systems to work, there need to be trusted mechanisms that associate a public key with the individual to which it has been assigned. This requires the creation of Certification Authorities that certify public keys as belonging to certain individuals. Certification authorities sign public key certificates with their own private key, so that key has to be trusted. This leads to the concept of certificate hierarchies. It is an example of a trusted third party.
Only if all of these conditions are met will a digital signature actually be any evidence of who sent the message, and therefore of their assent to its contents. Legal enactment cannot change this reality of the existing engineering possibilities, though some such have not reflected this actuality.
10. CONCLUSION
Digital signatures thus help cryptography to prove itself. Cryptography and digital signatures form a useful pair. We have seen that digital signatures utilising the public key cryptography system have every potential to achieve the same level of legal recognition as handwritten signatures. However, the main obstacle at present is in the functional element of non-repudiation. Assistance is required from the law to help it attain the functional element of non-repudiation. Once non-repudiation has been achieved, then and only then can electronic commerce be expected to be successfully taken up. Let us use this technology for constructive purposes rather than destructive purposes.