By: Priyanka Mehta (Assist. Prof. – CS/IT dept)

5. digital signature


A signature is a proof to the recipient that the document comes from the correct entity. In other words, a signature on a document, when verified, is a sign of authentication – the document is authentic.

When Alice sends a message to Bob, Bob needs to check the authenticity of the sender and wants to be sure that the message comes from Alice and not Eve.

Bob can ask Alice to sign the message electronically. In other words, an electronic signature can prove the authenticity of Alice as the sender of the message. This type of signature is referred to as a digital signature.

Inclusion: A conventional signature is included in the document. When we write a check, the signature is on the check; it is not a separate document.

But when we sign a document digitally, we send the signature as a separate document. Hence, the sender sends two documents: the message and the signature. The recipient receives both documents and verifies that the signature belongs to the supposed sender. If this is proven, the message is kept; otherwise it is rejected.

Verification method: For a conventional signature, when the recipient receives a document, she compares the signature on the document with the signature on file. If they are the same, the document is authentic. The recipient needs to have a copy of this signature on file for comparison.

For a digital signature, the recipient receives the message and the signature. A copy of the signature is not stored anywhere. The recipient needs to apply a verification technique to the combination of the message and the signature to verify the authenticity.

Relationship: For a conventional signature, there is normally a one-to-many relationship between a signature and documents. A person uses the same signature to sign many documents.

For a digital signature, there is a one-to-one relationship between a signature and a message. Each message has its own signature.

Duplicity: In a conventional signature, a copy of the signed document can be distinguished from the original one on file. In a digital signature, there is no such distinction unless there is a factor of time (such as a timestamp) on the document.

The sender uses a signing algorithm to sign the message. The message and the signature are sent to the receiver. The receiver receives the message and the signature and applies the verifying algorithm to the combination. If the result is true, the message is accepted; otherwise it is rejected.

In a digital signature, the signer uses her private key, applied to a signing algorithm, to sign the document. The verifier, on the other hand, uses the public key of the signer, applied to the verifying algorithm, to verify the document. We can add the private and public keys to give a more complete concept of digital signature.

It is important to note that when a document is signed, anyone, including Bob, can verify it because everyone has access to Alice’s public key. Alice must not use her public key to sign the document because then anyone could forge her signature.

We should make a clear distinction between the private and public keys as used in digital signatures and the public and private keys as used in a cryptosystem for confidentiality.

In the cryptosystem, the private and the public keys of the receiver are used. The sender uses the public key of the receiver to encrypt and the receiver uses his own private key to decrypt.

In a digital signature, the private and public keys of the sender are used. The sender uses her private key and the receiver uses the sender’s public key.

The asymmetric-key cryptosystems are very inefficient when dealing with long messages. In a digital signature system, the messages are normally long, but we have to use asymmetric-key schemes. The solution is to sign a digest of the message, which is much shorter than the message. The sender can then sign the message digest and the receiver can verify the message digest. The effect is the same.

The RSA idea can also be used for signing and verifying a message, and is hence called the RSA digital signature scheme. This scheme changes the roles of the private and the public keys.

First, the private keys of the sender, not the receiver, are used.

Second, the sender uses her own private key to sign the document and the receiver uses the sender’s public key to verify it.

Key generation: Key generation in the RSA digital signature scheme is exactly the same as key generation in the RSA cryptosystem. Here, Alice chooses two primes $p$ and $q$ and calculates $n = p \times q$. Alice then calculates $\varphi(n) = (p-1)(q-1)$. She then chooses $e$, the public exponent, and calculates $d$, the private exponent, such that $e \times d = 1 \bmod \varphi(n)$. Alice keeps $d$, and publicly announces $n$ and $e$.

Signing: Alice creates a signature out of the message using her private exponent, $S = M^d \bmod n$, and sends the message and signature to Bob.

Verifying: Bob receives $M$ and $S$. Bob applies Alice’s public exponent to the signature to create a copy of the message, $M' = S^e \bmod n$. Bob compares the value of $M'$ with the value of $M$. If the two values are congruent, Bob accepts the message. To prove this, we start with the verification criteria:

$M' \equiv M \pmod{n} \;\rightarrow\; S^e \equiv M \pmod{n} \;\rightarrow\; M^{d \times e} \equiv M \pmod{n}$

The last congruence holds because $d \times e = 1 \bmod \varphi(n)$.
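The key generation, signing and verifying steps above, combined with the earlier point about signing a digest instead of the whole message, as an added example that is not part of the original slides. The primes, the exponent 65537, the sample messages and the SHA-256 digest reduced mod n are assumptions of this example.

```python
# Added example: textbook RSA signing of a message digest (toy key, teaching only).
import hashlib
from math import gcd

def keygen(p, q, e):
    """n = p*q, phi(n) = (p-1)(q-1), d chosen so that e*d = 1 mod phi(n)."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    return (n, e), pow(e, -1, phi)   # public key (n, e), private exponent d

def digest(message, n):
    """Digest as an integer below n (SHA-256 reduced mod n: an assumption of this demo)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message, d, n):
    """Alice: S = M^d mod n, where M is the digest of the message."""
    return pow(digest(message, n), d, n)

def verify(message, signature, public):
    """Bob: recompute the digest and compare it with M' = S^e mod n."""
    n, e = public
    if not 0 <= signature < n:
        return False
    return pow(signature, e, n) == digest(message, n)

# Constructed toy parameters: two Mersenne primes, far too small for real use.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
PUBLIC, D = keygen(P, Q, E)

def demo():
    msg = b"Pay Bob 100"            # constructed sample message
    sig = sign(msg, D, PUBLIC[0])
    return (verify(msg, sig, PUBLIC),                     # genuine message
            verify(b"Pay Eve 100", sig, PUBLIC),          # altered message, same signature
            verify(msg, (sig + 1) % PUBLIC[0], PUBLIC))   # altered signature

if __name__ == "__main__":
    print(demo())
```

Deployed RSA signatures encode the digest with a padding scheme such as RSASSA-PSS rather than reducing it mod n.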