
Digital Signature

Umar Faruque (1102454), Pankaj Kumar (1102427)

Outline
- Introduction
- Digital Signature
- What It Provides
- Types Of Attacks And Forgery
- Digital-Signature Requirements
- Signature Generation Algorithm
- RSA
- How it works
- Digital Certificate
- Questionnaire

3/26/12

Introduction
- A digital signature is a mathematical scheme for demonstrating the authenticity of a digital message or document
- It assures that the message was created by a known sender and that it was not altered in transit

Introduction (contd.)

- Digital signatures are commonly used for software distribution, financial transactions, and in other cases where it is important to detect forgery or tampering
- Digital signatures employ a type of asymmetric cryptography, such as RSA

Digital Signature
- Digital signatures can be used in all electronic communications
  - Web, e-mail, e-commerce
- It is an electronic stamp or seal that is appended to the document
- It ensures the document is unchanged during transmission

Digital Signatures can provide


- Authentication: refers to truthfulness of origin, commitments and intention
- Data Integrity: refers to accuracy and consistency of the stored data
- Non-Repudiation: ensures that a party can't deny the authenticity of their signature on a document

Types Of Attack

A -> Sender, C -> Attacker
- Key-Only Attack: C only knows A's public key
- Known Message Attack: C is given access to a set of messages and their signatures
- Adaptive Chosen Message Attack: C is allowed to use A as an oracle. This means C may request from A signatures of messages that depend on previously obtained message-signature pairs

Types of Forgery

- Total break: C determines A's private key
- Selective forgery: C forges a signature for a particular message chosen by C
- Existential forgery: C forges a signature for at least one message. C has no control over the message

Digital Signature Requirements

- It must be a bit pattern that depends upon the message being signed
- It must contain some unique information to prevent attack and forgery
- It must be easy to recognize and verify
- It must be practical to retain a copy of the digital signature in storage

Basic mechanism
- A key generation algorithm to randomly select a public key pair
- Signature generation algorithm
  - Input -> Message + private key
  - Output -> A signature for the message
- Signature verification algorithm
  - Input -> Signature + public key
  - Output -> Information bit

RSA
- By Rivest, Shamir & Adleman of MIT in 1977
- Best known & widely used public-key scheme
- Uses large integers (e.g. 1024 bits)
- Security due to cost of factoring large numbers

RSA Setup
Each user generates a public/private key pair by:
- selecting two large primes at random: p, q
- computing their system modulus N = p.q
  - note φ(N) = (p-1)(q-1)
- selecting at random the encryption key e
  - where 1 < e < φ(N), gcd(e, φ(N)) = 1
- solving the following equation to find the decryption key d
  - e.d = 1 mod φ(N) and 0 ≤ d ≤ N
- publishing their public encryption key: KU = {e, N}
- keeping private the decryption key: KR = {d, p, q}

RSA Setup (contd.)

To encrypt a message M the sender:
- obtains the public key of the recipient, KU = {e, N}
- computes C = M^e mod N, where 0 ≤ M < N
To decrypt the ciphertext C the owner:
- uses their private key KR = {d, p, q}
- computes M = C^d mod N
Note that the message M must be smaller than the modulus N.

How digital Signature works?


- User A: use A's private key to sign the document
- Transmit via the Internet
- User B: received the document with signature attached
- Verify the signature by A's public key stored at the directory

Digital Signature Generation and Verification
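
The key generation, signature generation and signature verification steps from the Basic mechanism and RSA Setup slides, as an added Python example that is not part of the original slides. The primes, message strings, function names and the use of SHA-256 are assumptions made for illustration; the scheme is unpadded hash-then-sign with toy parameters, whereas real deployments use a padded scheme such as RSASSA-PSS with much larger keys.

```python
import hashlib
from math import gcd

# Constructed toy primes (Mersenne primes 2^61-1 and 2^89-1); not for real use.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537

def keygen(p=P, q=Q, e=E):
    """RSA setup from the slides: N = p.q, phi(N) = (p-1)(q-1), e.d = 1 mod phi(N)."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(N)")
    d = pow(e, -1, phi)              # modular inverse, Python 3.8+
    return (e, n), (d, n)            # public KU = {e, N}; private exponent d with N

def digest(message: bytes, n: int) -> int:
    """SHA-256 of the message as an integer below N (the value must be < N)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message: bytes, private_key) -> int:
    """Signature generation: input message + private key, output signature."""
    d, n = private_key
    return pow(digest(message, n), d, n)

def verify(message: bytes, signature: int, public_key) -> bool:
    """Signature verification: input signature + public key, output one bit."""
    e, n = public_key
    return pow(signature, e, n) == digest(message, n)

def raw_verify(m: int, signature: int, public_key) -> bool:
    """Unhashed check on an integer message, kept only to contrast with verify()."""
    e, n = public_key
    return pow(signature, e, n) == m

def demo():
    public, private = keygen()
    doc = b"pay 100 to B"            # constructed sample document
    sig = sign(doc, private)
    out = {"genuine": verify(doc, sig, public),
           "tampered": verify(b"pay 900 to B", sig, public)}
    # Existential forgery under a key-only attack: without hashing, any value s
    # passes as a signature on the uncontrolled message m = s^e mod N.
    s = 123456789
    m = pow(s, public[0], public[1])
    out["raw_accepts_unsigned_pair"] = raw_verify(m, s, public)
    out["hashed_accepts_unsigned_pair"] = verify(m.to_bytes(32, "big"), s, public)
    return out

if __name__ == "__main__":
    print(demo())
```

Hashing before signing is what makes the signature "a bit pattern that depends upon the message being signed": the altered document and the unsigned pair are both rejected by verify().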


Certificate overview
A digitally signed statement that binds the value of a public key to the identity of the person, device, or service that holds the corresponding private key. One of the main benefits of certificates is that hosts no longer have to maintain a set of passwords for individual

Certificates general tab


Certificates Details


Information In Certificates
- The subject's public key value.
- The subject's identifier information, such as the name and e-mail address.
- The validity period (the length of time that the certificate is considered valid).
- Issuer identifier information.

Demonstration


Do You Have a Question?
