M.Gouthami (05121A0517) maddalagouthami@gmail.com I III. B.

tech (CSE)

K.Gayathri (05121A0515) gayathri_kllr@yahoo.com

ABSTRACT
Digital Signatures: A Digital Signature is an electronic signature that can be used to authenticate the
identity of the sender of a message or the signer of a document, and possibly to ensure that the original content of the message that has been sent is unchanged. A digital signature is a public key cryptography i.e. it is based on two keys public key and private key. It is used for information security in the transmission of data through internet. In this, both encryption of plain text and decryption of signed message occur as shown in the below figure.

Working of Digital Signatures involves creation and verification of digital signatures. 1. In Creation, first the message digest is calculated by using hash function (MD2, MD5, etc) and from that digital signature is evaluated by using cryptographic algorithm (RSA, DSA, etc). 2. In Verification, first the current and original hash values are calculated and verified by comparing them. A digital signature is generated by an algorithm proposed by DSS called DSA which involves three phasesKey Generation, Signing, and verifying.

Additional Security Precautions:

1. Putting private key on smartcard. 2. Using smart card readers with a separate keyboard. 3. Other smart card designs that provide reliability. 4. Using digital signatures only with trusted systems.

Merits:
1. Reduced risk of dealing with Imposters. 2. Reduced risk of undetected message tampering and forgery. 3. High degree of information security in open systems. 4. Authentication. VI. Demerits: 1. Lack of association of digital signatures with trusted time stamping. 2. A user cant reject signed message without rejecting signature key called non-repudiation.

VII. Conclusion: Digital signatures are called as asymmetric cryptography most widely used for
authenticating data to provide information security.

Digital Signatures
A digital signature or digital signature scheme is a type of public key cryptography used to simulate the security properties of a signature in digital, rather than written form. Digital signature schemes normally give two algorithms, one for signing (decryption) which involves the users secret or private key, and one for verifying (encryption) signatures which involves the users public key. The output of the signature process is called the Digital Signature. Since a digital signature is unique to its message, it is useless if wholly disassociated from its message.

Definition: A digital signature is an electronic signature that can be used to authenticate the identity of
the sender of a message or the signer of a document, and possibly to ensure that the original content of the message that has been sent is unchanged. Digital signatures have the following properties: 1. Digital signatures cannot be forged by someone else. 2. The signature is proof that the signer signed the message. 3. The signature is an integral part of the message and cannot be transferred to another message. 4. The signed message cannot be changed in any way without being detected. 5. The signer cannot deny signing a message after doing so. Digital signature scheme has three algorithms: 1. A key generation algorithm G that randomly produces a key pair (PK, SK) for signer. PK is verifying key, which is to be public, and SK is signing key, to be kept private. 2. A signing algorithm S, that on input message m and a signing key SK, produces a signature . 3. A signature verifying algorithm V that on input a message m, a verifying key PK, and a signature , either accepts or rejects. Two main properties are required. First, signatures computed honestly should always verify. That is, V should accept (m, PK, S (m, SK)) where SK is secret key related to PK, for any message m. Secondly, it should be hard for any adversary, knowing only PK, to create valid signature(s).

Digital signatures are easily transportable, cannot be imitated by someone else, and can be automatically time-stamped. The ability to ensure that the original signed message arrived means that the sender cannot easily repudiate it later. One of the main differences between a digital signature and a written signature is that the user does not see what he signs. The digital signature is an encrypted digest of the file (message, document, driver, program) being signed. The digest is computed from the contents of the file by a one-way hash function such as MD5 or SHA-1 and then encrypted with the private part of a public/private key pair. To prove that the file was not tampered with, the recipient uses the public key to decrypt the signature back into the original digest, recomputes a new digest from the transmitted file and compares the two to see if they match. If they do, the file has not been altered in transit by an attacker.

Working of Digital Signatures: Digital signatures usually involve two processes, one performed by
the signer and the other by the receiver of the digital signature: I. Digital signature creation: It involves two steps which are performed by signer. 1. Calculation of Message Digest: In this step of the process, rather than signing the entire message, a one-way hash is made of the message and then the hash is signed. Hashes condense the message into a range of 100-200 bits. Signing a hash of the message is much faster than signing the whole message. One-way hash functions have the property that no two messages hash to the same value called hash value. A hash-value of the message (often called the message digest) is calculated by applying some cryptographic hashing algorithm (for example, MD2, MD4, MD5, SHA1, or other). The calculated hash-value of a message is a sequence of bits, usually with a fixed length, extracted in some manner from the message.

A hash function is an algorithm which creates a digital representation or fingerprint in the form of a hash value or hash result of a standard length which is usually much smaller than the message but nevertheless substantially unique to it. A completely different digest is obtained when just single bit from input message is changed.

2. Calculation of Digital Signature: In this step of process, hash-value of the message is encrypted with the private key of the person who signs the message and thus an encrypted hash-value, also called digital signature, is obtained. For this purpose, some mathematical cryptographic encrypting algorithms (like RSA, DSA, ECDSA) for calculating digital signatures from given message digest is used. Often, the obtained digital signature is attached to the message in a special format.

II. Digital signature verification: It is the process of checking the digital signature by reference to the original message and a given public key, thereby determining whether the digital signature was created for that same message using the private key that corresponds to the referenced public key. This can be done in three steps. 1. Calculate the current hash value: In the first step, a hash-value of the signed message is calculated. For this calculation, the same hashing algorithm is used as was used during the signing process. The obtained hash-value is called the current hash-value because it is calculated from the current state of the message.

2. Calculate original hash value: In this step, the digital signature is decrypted with the same encryption algorithm that was used during the signing process. The decryption is done by the public key that corresponds to the private key used during the signing of the message. As a result, we obtain the original hash value that was calculated from the original message during the first step of signing process (the original message digests).

3. Compare the current and original hash values: In this step, we compare the current hash value obtained in first and original hash value obtained in second steps. If the two values ate identical, the verification is successful and proves that the message has been signed with the private key that corresponds to the public key used in the verification process. If the two values differ from one another, this means that the digital signature is invalid and the verification is unsuccessful.

Reasons for Invalid Signatures:

There are three possible reasons for getting an invalid digital signature: 1. If the digital signature is adulterated and is decrypted with the public key, the obtained original value will not be the original hash-value of the original message but some other value. 2. If the message was changed after its signing, the current hash-value calculated will differ from the original hash-value because the two different messages correspond to different hash-values. 3. If the public key does not correspond to the private key used for signing, the original hash-value obtained by decrypting the signature with an incorrect key will not be the correct one.

Explanation with example:

Consider a private key holder of name Bob and his co-workers Pat, Doug & Susan. Bob has been given two keys. One of them is called is called a public key and other is called a private key.

Bob's Public key is available to anyone who needs it, but he keeps his Private Key to himself. Keys are used to encrypt information. Encrypting information means "scrambling it up", so that only a person with the appropriate key can make it readable again. Either one of Bobs two keys can encrypt data, or the other key can decrypt that data.

Susan (shown below) can encrypt a message using Bob's Public Key. Any of Bob's co-workers might have access to the message Susan encrypted, but without Bob's Private Key, the data is worthless.

Bob uses his Private Key to decrypt the message. Bob with his private key and the right software can put digital signatures on documents and other data. A digital signature is a "stamp" Bob places on the data which is unique to Bob, and is very difficult to forge. In addition, the signature assures that any changes made to the data that has been signed can not go undetected.

To sign a document, Bob's software will crunch down the data into just a few lines by a process called "hashing". These few lines are called a message digest. (It is not possible to change a message digest back into the original data from which it was created.).

Bob's software then encrypts the message digest with his private key. The result is the digital signature.

Finally, Bobs software appends the digital signature to document. All of the data that was hashed has been signed.

Bob now passes the document on to Pat. First, Pats software decrypts the signature changing it back into a message digest. If this worked, then it proves that Bob signed the document, because only Bob has his private key. Pats s/w then hashes the document data into a message digest. If the message digest is the same as the message digest created when the signature was decrypted, then Pat knows that signed data has not been changed. Plot Complication Doug wishes to deceive Pat. Doug makes sure that Pat receives a signed message and a public key that appears to belong to Bob. Unbeknownst to Pat, Doug deceitfully sent a key pair he created using Bobs name. Short of receiving Bobs public key from him in person, Pat can be sure that Bobs public key is authentic from the Digital Certificate of Bob. Authentication of public key of Bob happens as Susan works at the companys authority center. Susan can create digital certificate for Bob simply by signing Bobs public key as well as some information about Bob.

Now Bobs co-workers can check Bobs trusted certificate to make sure that his public key truly belongs to him. In fact, no one at Bobs company accepts a signature for which there is no certificate generated by Susan. Lets say that Bob signed document to Pat. To verify the signature on document, Pats s/w first uses Susans public key to check the signature on Bobs certificate. Successful de-encryption of certificate proves that Susan created it. After it is de-encrypted, Pats s/w can check if Bob is in good standing with certificate authority and that all of the certificate information concerning Bobs identity has not been altered. If the signature is valid, then we know that Doug didnt try to change the signed content.

All the above steps are handled behind the scenes by Pats user-friendly software. To verify signature, Pat need only click on it.

Digital Signature Algorithm (DSA):

NIST, (U.S.) National Institute of Standards and Technology have proposed an algorithm for digital signature based on ELGamal and Schnorr. As a proposed standard it is known as DSS. DSA is a public key algorithm; the key size is variable from 512 to 1024 bits which is adequate for current computing capabilities as long as you use more than 768 bits. There are three parameters (p, q, g) such that: Choose a prime q with the same number of bits as the output of H (hash function). Choose an L-bit prime p such that p-1 is a multiple of q. Choose g, a number whose multiplicative order modulo is q. This may be done by setting g= h (p
1)/q

mod p for some arbitrary h (1 < h < p-1), and trying again if the result comes out as 1. Most

choices of h will lead to a usable g; commonly h=2 is used.

Key generation:
Choose x by some random method, where 0 < x <q. Calculate y= gx mod p. Public key is (p, q, g, and y). Private Key is x.

Signing:
Generate a random per-message value k where 0 < k < q. Calculate r = (gk mod p) mod q where k is random or pseudo-random integer with 0<k<q. Calculate s = (k-1(H (m) + x*r)) mod q. The signature is (r, s) where r, s are public key components.

Verifying:
Reject the signature if either 0< r <q or 0< s <q is not satisfied. Calculate w = (s)-1 mod q. Calculate u1 = (H (m)w) mod q where m is message to be signed and H(m) is hash of m using SHA-1. Calculate u2 = (rw) mod q. Calculate v = ((gu1*yu2) mod p) mod q. The signature is valid if v = r.

Correctness of Algorithm:
The signature scheme is correct in the sense that the verifier will always accept genuine signatures. First, if g = h (p1)/q mod p it follows that gq hp-1 1 (mod p). Since g>1 and q is prime, g must have order q. The signer computes: s=k-1 (H (m) + xr) mod q. Thus KH (m) s-1+xr s-1 H (m) w+xrw (mod q). Since g has order q we have gk gH (m) w gxrw gH (m) w yrw gu1yu2 (mod p). Finally, the correctness follows from r = (gk mod p) mod q = (gu1yu2 mod p) mod q=v.

Additional Security Precautions:

1. Putting the private key on a smart card: All public key/private key cryptosystems depend on keeping private key secret which can be stored on a users computer but, which is unreliable. So, the alternative for this is to have smart cards. 2. Using smart card readers with a separate keyboard: This is safer than using card reader integrated into a PC having keystroke logger which is insecure. Specialized card readers are less vulnerable though not invulnerable, against tampering,eavesdropping with their s/w or h/w. 3. 4. Other smart card designs: Smart card design is an active field, and there are smart card schemes which are intended to avoid these particular problems, though with little security proofs. Using digital signatures only with trusted applications: Its the application that presents a hash code to be encrypted with the private key, but in the case of a malicious application a hash code of another document might be presented so that the users thinks he is signing the document he sees on the screen but is actually unwillingly signing another.This can be avoided using DS.

Merits:
Imposters, by minimizing the risk of dealing with imposters or persons who attempt to escape responsibility by claiming to have been impersonate. Message integrity, by minimizing the risk of undetected message tampering and forgery, and of false claims that a message was altered after it was sent; Formal legal requirements, by strengthening the view that legal requirements of form, such as writing, signature, and an original document, are satisfied, since digital signatures are functionally on a par with, or superior to paper forms; and Open systems, by retaining a high degree of information security, even for information sent over open, insecure, but inexpensive and widely used channels. Authentication, messages may often include information about the entity sending a message, that information may not be accurate. Digital signatures can be used to authenticate the source of messages.

Demerits:
1. 2. Association of digital signatures and trusted time stamping, by using this change of date and time of document made by others can be avoided. Non-repudiation, loss of control over a user's private key will mean that all digital signatures using that key, and so ostensibly 'from' that user, are suspect. Nonetheless, a user cannot repudiate a signed message without repudiating their signature key.

Conclusion:
A digital signature has a status somewhat like that of a traditional pen and paper signature. Generally, these provisions mean that what is digitally signed legally binds the signer of the document to the terms therein. For that reason, it is often thought best to use separate key pairs for signing and verifying thus calling it asymmetric cryptography. Finally digital signatures provide more Information Security.

References:
1. www.google.com. 2. www.wikipedia.org/wiki/Digital_Signature. 3. www.ufp.com/cryptography.html.