Upload
navneet-prakash
View
48
Download
0
Embed Size (px)
Citation preview
Submitted to:-Prof.Samta Jain
Submitted By:-Navneet PrakashPreeti YadavAakanksha Tomar
●“A Digital Signature is an Electronic Signature .”
To authenticate the identity of the sender of a message
The signer of a document, and
To ensure that the original content of the message or document that has been signed is unchanged
●Only the owner can create the digital signature, hence it can be used to verify who created a message
●Generally don't sign the whole message (doubling the size of information exchanged), but just a digest or hash of the message
●A hash function takes the message, and produces a fixed size (typically 64 to 512 bits) value dependent on the message
●Digital Signature - a data string which associates a message with some originating entity
●When using a digital signature, the data itself is not encrypted, but a hash of the data is encrypted with a private key. A hash (also known as a digest) is a unique, fixed-length mathematical value that is determined by the content of the message
●In 1976,Whitfield Diffie and Martin Hellman first described the Digital Signature.
●In 1984, Shafi Goldwasser, Silvio Micali, and Ronald Rivest became the first to define the security requirements of digital signature schemes.
Caesar Cipher
The shift is linear and equidistributed 3
changes
I agree lcdjuhhKey Cipher
The shift is linear (cyclic) 269
k.n.gupta 62 mewam3rzjba
i+3=l
Space=c [+3]
k+2=m
(dot)=e [+6]
n=w [+9]
I agreeefcc61c1c03db8d8ea8569545c073c814a0ed755My place of birth is at Gwalior.fe1188eecd44ee23e13c4b6655edc8cd5cdb6f25I am 20 years old.0e6d7d56c4520756f59235b6ae981cdb5f9820a0I am an Engineer.ea0ae29b3b2c20fc018aaca45c3746a057b893e7I am a Engineer.01f1d8abd9c2e6130870842055d97d315dff1ea3●These are digital signatures of same person on different
documents●Digital Signatures are numbers●Same Length – 40 digits●They are document content
dependent
●Message
Message+
signature
Hash
SIGN hashWith Sender’s Private key
SignedMessage
Sent thru’ Internet
Message+
Signature
Calculated
Hash
COMPARE
Hash
DecryptSignatureWith Sender’s Public Key
SenderReceiver
ifOK
Signaturesverified
●A digital certificate is an electronic “document”●or computer generated record that officially links
together the subscriber’s identification with the corresponding public key.
●The certificate is digitally signed by the
issuing Certification Authority (CA ) to ensure
the certificate’s authenticity so that anyone in
possession of the CA’s public
key can verify the legitimacy of the certificate
●Certificate authorities (CA’s) will provide a requestor with someone’s public key contained in a certificate. Information in the certificate will identify the public key’s owner, and provide the name of the CA who validated the identity and signed the identity to public key binding. In this way it is possible to see that a certificate serves as a kind of protective “container” for the public key, protecting the integrity of its binding to an owner and authenticating both the binding and identity via the reputation (and trust) of the signing CA.
Private Key – Used for making digital signature
Public Key – Used to verify the digital signature
●If the sender wishes to prove to a recipient that he or she is the source oftheinformation, the sender uses his or her private key to digitally sign a message (adigital signature).
●The receiver of a digitally signed message uses the sender’s public key to verify the signature so that the receiver knows that the person controlling the private key corresponding to the public key sent the information, and that the received information has not been altered since it was signed.
●A key generation algorithm that selects a private key uniformly at random from a set of possible private keys. The algorithm outputs the private key and a corresponding public key.
●A signing algorithm which, given a message and a private key, produces a signature.
●A signature verifying algorithm which given a message, public key and a signature, either accepts or rejects.
●To provide Authenticity, Integrity and Non-repudiation to electronic documents
●To use the Internet as the safe and secure medium for e-Commerce.
●Authentication :-Although messages may often include information about the entity sending a message, that information may not be accurate. Digital signatures can be used to authenticate the source of messages. When ownership of a digital signature secret key is bound to a specific user, a valid signature shows that the message was sent by that user. The importance of high confidence in sender authenticity is especially obvious in a financial
1.Integrity :-In many scenarios, the sender and
receiver of a message may have a need for
confidence that the message has not been
altered during transmission. Although encryption
hides the contents of a message, it may be
possible to change an encrypted message
without understanding it.
●Putting the private key on a smart card●Using smart card readers with a separate
keyboard●Using digital signatures only with trusted
applications
●Saving Of Time●Cost Reduction●Increased Security●Compliance
●Digital signatures are commonly used for
software distribution, financial transactions, and
in other cases where it is important to detect
forgery and tampering.
●Hence We are conclude that to use digital signature we can secure our information by Private and public key.
● A digital signature is an electronic signature that can be used to authenticate the identity of the sender of a message or the signer of a document,
Thanks You