Scribd Logo
Importer

Bienvenue sur Scribd !

  • Digital Signature

    Transféré par

    Tulika Vasanti Raven
    20 vues13 pages

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Formats disponibles

    PDF, TXT ou lisez en ligne sur Scribd

    Avez-vous trouvé ce document utile ?

    Ce contenu est-il inapproprié ?

    Signaler ce document

    Droits d'auteur :

    Attribution Non-Commercial (BY-NC)
    Téléchargez comme PDF, TXT ou lisez en ligne sur Scribd
    Signaler comme contenu inapproprié
    20 vues13 pages

    Digital Signature

    Transféré par

    Tulika Vasanti Raven

    Droits d'auteur :

    Attribution Non-Commercial (BY-NC)
    Téléchargez comme PDF, TXT ou lisez en ligne sur Scribd
    Signaler comme contenu inapproprié
    sur 13

    Cryptology is a branch of science that deals with two areas:

    1. CRYPTOGRAPHY It is an art of creating the ciphers. 2. CRYPTANALYSIS It is an art of braking the ciphers. (hacking)

    CIPHERTEXT: It is an unintelligible form of original text(plain text) which is obtained after applying an encryption algorithm to the original text. This encryption algorithm is called a CIPHER

    Security requirements
    Confidentiality
    assure that data can be kept secret method: encryption

    Integrity
    assure that received message has not been altered method: digital signature

    Authentication
    about verifying identities method: digital certificate

    Encryption
    Encryption key

    This is Plaintext

    Encryption

    123@8(@0kfl30kfl

    Plaintext

    Ciphertext

    SYMMETRIC CRYPTOGRAPHY: 1. same encryption and decryption key 2. encryption and decryption algorithms are reverse of each other

    Decryption
    Decryption Key

    123@8(@0kfl30kfl

    Decryption

    This is Plaintext

    Ciphertext

    Plaintext

    Public Key Encryption


    public key This is Plaintext Encryption 123@8(@0 kfl30kfl

    ASSYMETRIC CRYTOGRAPHY

    Plaintext

    Ciphertext

    private key

    123@8(@0 kfl30kfl

    Decryption

    This is Plaintext

    Ciphertext

    Plaintext

    DIGITAL SIGNATURE
    A digital signature or digital signature scheme is a mathematical scheme for demonstrating the authenticity of a digital message or document. A valid digital signature gives a recipient reason to believe that the message was created by a known sender, and that it was not altered in transit. Digital signatures are commonly used for software distribution, financial transactions, and in other cases where it is important to detect forgery and tampering.

    Digital signatures employ a type of asymmetric cryptography. For messages sent through an insecure channel, a properly implemented digital signature gives the receiver reason to believe the message was sent by the claimed sender. Digital signatures are equivalent to traditional handwritten signatures in many respects; properly implemented digital signatures are more difficult to forge than the handwritten type.

    History:
    1. In 1976, Whitfield Diffie and Martin Hellman first described the notion of a digital signature scheme, although they only conjectured that such schemes existed. Soon afterwards, Ronald Rivest, Adi Shamir, and Len Adleman invented the RSA algorithm that could be used for primitive digital signatures (Note that this just serves as a proof-ofconcept, and "plain" RSA signatures are not secure.) The first widely marketed software package to offer digital signature was Lotus Notes, released in 1989, which used the RSA algorithm.

    2.

    3.

    Steps in digital signature generation

    Step 1 : Compute the message digest of the file

    File

    Message Digest

    Step 2 : Encrypt the message digest with senders private key

    Digital Signature

    Step 3 : Send the file and digital signature (signed file)

    File + Digital Signature (signed file)

    Steps in digital signature verification

    Sender

    Signed file File Step 1a : Find the message digest of the file Digital Signature

    Receiver

    Step 1b : Decrypt the digital signature with senders public key Message Digest

    Message Digest Step 2 : Compare the two message digests

    Same Accept

    Different Reject

    USES OF DIGITAL SIGNATURE


    AUTHENTICATION: Digital signatures can be used to authenticate the
    source of messages. When ownership of a digital signature secret key is bound to a specific user, a valid signature shows that the message was sent by that user. The importance of high confidence in sender authenticity is especially obvious in a financial context. For example, suppose a bank's branch office sends instructions to the central office requesting a change in the balance of an account. If the central office is not convinced that such a message is truly sent from an authorized source, acting on such a request could be a grave mistake.

    INTEGRITY: the sender and receiver of a message may have a need for
    confidence that the message has not been altered during transmission. If a message is digitally signed, any change in the message after signature will invalidate the signature.

    NON-REPUDIATION: Communication do occur between two persons,


    thus there are chances that one of them becomes dishonest at a later state i.e. deny of any message sent to receiver. Digital signature prevent such cases.

    Vous aimerez peut-être aussi