dig sig2


Presentation Transcript

Slide 1: 

Digital Signatures

Electronic Record: 

1. Very easy to make copies
2. Very fast distribution
3. Easy archiving and retrieval
4. Copies are as good as original
5. Easily modifiable
6. Environmentally friendly

Because of 4 & 5 together, these lack authenticity

Slide 3: 

Why Digital Signatures?

- To provide Authenticity, Integrity and Non-repudiation to electronic documents
- To use the Internet as the safe and secure medium for e-Commerce and e-Governance

Slide 4: 

ENCRYPTION

Message 1
Central to the growth of e-commerce and e-governance is the issue of trust in electronic environment.
Encrypted Message 1
9a46894335be49f0b9cab28d755aaa9cd98571b275bbb0adb405e6931e856ca3e5e569edd135285482

Message 2
The Internet knows no geographical boundaries. It has redefined time and space. Advances in computer and telecommunication technologies have led to the explosive growth of the Internet. This in turn is affecting the methods of communication, work, study, education, interaction, leisure, health, governance, trade and commerce.
Encrypted Message 2
a520eecb61a770f947ca856cd675463f1c95a9a2b8d4e6a71f80830c87f5715f5f59334978dd7e97da0707b48a1138d77ced56feba2b467c398683c7dbeb86b854f120606a7ae1ed934f5703672adab0d7be66dccde1a763c736cb9001d0731d541106f50bb7e54240c40ba780b7a553bea570b99c9ab3df13d75f8ccfdddeaaf3a749fd1411

DECRYPTION

Encrypted Message 1
9a46894335be49f0b9cab28d755aaa9cd98571b275bbb0adb405e6931e856ca3e5e569edd135285482
Message 1
Central to the growth of e-commerce and e-governance is the issue of trust in electronic environment.

Encrypted Message 2
a520eecb61a770f947ca856cd675463f1c95a9a2b8d4e6a71f80830c87f5715f5f59334978dd7e97da0707b48a1138d77ced56feba2b467c398683c7dbeb86b854f120606a7ae1ed934f5703672adab0d7be66dccde1a763c736cb9001d0731d541106f50bb7e54240c40ba780b7a553bea570b99c9ab3df13d75f8ccfdddeaaf3a749fd1411
Message 2
The Internet knows no geographical boundaries. It has redefined time and space. Advances in computer and telecommunication technologies have led to the explosive growth of the Internet. This in turn is affecting the methods of communication, work, study, education, interaction, leisure, health, governance, trade and commerce.

Same Key: SYMMETRIC
Different Keys [Keys of a pair – Public and Private]: ASYMMETRIC [PKI]

Digital Signatures: 

- Digital Signatures are numbers
- They are document content dependent

I agree
    efcc61c1c03db8d8ea8569545c073c814a0ed755
My place of birth is at Gwalior.
    fe1188eecd44ee23e13c4b6655edc8cd5cdb6f25
I am 62 years old.
    0e6d7d56c4520756f59235b6ae981cdb5f9820a0
I am an Engineer.
    ea0ae29b3b2c20fc018aaca45c3746a057b893e7
I am a Engineer.
    01f1d8abd9c2e6130870842055d97d315dff1ea3

These are digital signatures of the same person on different documents

Slide 7: 

Concepts

- A 1024-bit number is a very big number, much bigger than the total number of electrons in the whole world.
- Trillions of trillions of pairs of numbers exist in this range, with each pair having the following property: a message encrypted with one element of the pair can be decrypted ONLY by the other element of the same pair.
- The two numbers of a pair are called keys: the Public Key and the Private Key. The user himself generates his own key pair on his computer.
- Any message, irrespective of its length, can be compressed or abridged uniquely into a smaller-length message called the Digest or the Hash.
- The smallest change in the message will change the Hash value.

Slide 8: 

What is Digital Signature?

- The hash value of a message, when encrypted with the private key of a person, is his digital signature on that e-Document.
- The Digital Signature of a person therefore varies from document to document, thus ensuring authenticity of each word of that document.
- As the public key of the signer is known, anybody can verify the message and the digital signature.

Slide 9: 

Digital Signatures

Each individual generates his own key pair [Public key known to everyone & Private key only to the owner]

- Private Key – Used for making digital signature
- Public Key – Used to verify the digital signature

Slide 10: 

Signed Messages

Sender:
1. Message
2. Hash
3. SIGN hash With Sender’s Private key
4. Message + signature

Signed Message Sent thru’ Internet

Receiver:
1. Message + Signature
2. Hash: Calculated Hash of the Message
3. Decrypt Signature With Sender’s Public Key
4. COMPARE; if OK, Signatures verified

Slide 11: 

Paper signatures v/s Digital Signatures

| Parameter | Paper | Electronic |
| Authenticity | May be forged | Can not be copied |
| Integrity | Signature independent of the document | Signature depends on the contents of the document |
| Non-repudiation | Handwriting expert needed; Error prone | Any computer user; Error free |

Slide 12: 

Key Generation
- Random Numbers
- RSA Key Pair [Private/Public Key]

Digital Signature
- Generate Message Digest [SHA1]
- Encrypting Digest using Private Key [Signatures]
- Attaching the Signatures to the message.

Verification of Signatures
- Run the test for Authentication, Integrity and Non repudiation.

Digital Signature Certificate
- ITU X.509 v3
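The sign-and-verify flow from the slides above (digest, "encrypt" the digest with the private key, attach, then decrypt with the public key and compare), as an added example that is not part of the original presentation. It is textbook RSA with a constructed toy key built from two fixed Mersenne primes and no padding; SHA-1 appears only because the slide names it, and all function names are illustrative.

```python
import hashlib

# Constructed toy key: two fixed Mersenne primes stand in for the random primes
# a real key generator would pick. 216-bit modulus, no padding: illustration only.
P, Q = 2**127 - 1, 2**89 - 1
N = P * Q                            # public modulus
E = 65537                            # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent (Python 3.8+)


def digest(message: bytes) -> int:
    """SHA-1 digest of the message as an integer (always smaller than N here)."""
    return int.from_bytes(hashlib.sha1(message).digest(), "big")


def sign(message: bytes) -> int:
    """Signer: 'encrypt' the digest with the private key."""
    return pow(digest(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Verifier: recover the digest with the public key, compare with a fresh hash."""
    return pow(signature, E, N) == digest(message)


def demo() -> dict:
    doc = b"I am an Engineer."
    sig = sign(doc)
    return {
        "valid": verify(doc, sig),
        # One-letter change in the document: the attached signature no longer matches.
        "altered_document": verify(b"I am a Engineer.", sig),
        # One-bit change in the signature: the recovered digest no longer matches.
        "altered_signature": verify(doc, sig ^ 1),
        # Same signer, different document: a different signature value.
        "same_signature_on_other_doc": sign(b"I agree") == sig,
    }


if __name__ == "__main__":
    print(demo())
```

Production signing uses a padded scheme such as RSA-PSS with SHA-256 or stronger, through a vetted library rather than raw modular exponentiation.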

Slide 13: 

Smart Card iKey Hardware Tokens

Public Key Infrastructure (PKI): 

- Some Trusted Agency is required which certifies the association of an individual with the key pair: the Certifying Authority (CA)
- This association is done by issuing a certificate to the user by the CA: the Public key certificate (PKC)
- All public key certificates are digitally signed by the CA

Certifying Authority: 

- Must be widely known and trusted
- Must have well defined Identification process before issuing the certificate
- Provides online access to all the certificates issued
- Provides online access to the list of certificates revoked
- Displays online the license issued by the Controller
- Displays online approved Certification Practice Statement (CPS)
- Must adhere to IT Act/Rules/Regulations and Guidelines

Slide 16: 

IDRBT Certificate Paper Electronic

Public-Key Certification: 

[Diagram: Public-Key Certification]

- Key pair Generation: Private, Public
- Certificate Request: User Name & other credentials, User’s Public key
- Signed by using CA’s private key
- User Certificate: User Name, User’s Public Key, CA’s Name, Validity, Digital Signature of CA, Certificate Class, User’s Email Address, Serial No.
- Publish: Certificate Database, Web site of CA (User 1 certificate, User 2 certificate, ...), Public
- License issued by CCA

Government Online: 

- Issuing forms and licences
- Filing tax returns online
- Online Government orders/treasury orders
- Registration
- Online file movement system
- Public information records
- E-voting
- Railway reservations & ticketing
- E-education
- Online money orders

Types of Digital Signature: 

1. Arbitrated Signatures
   - Mediation by third party, the arbitrator: signing, verifying, resolving disputes
2. True/Direct Signatures
   - Direct communication between sender and receiver
   - Third party involved only in case of dispute

Arbitrated Signatures: 

- Require trusted arbitrator
- Arbitrator is involved in:
  - Signing process
  - Settlement of all disputes
- No one else can settle disputes
- Potential bottleneck

Example of Arbitrated Signature Scheme (1): 

Requirement: A wants to send B a message. B wants assurance of contents, that A was originator and that A cannot deny either fact.

Assumption: A and B agree to trust an arbitrator (ARB) and to accept ARB’s decision as binding.

Example of Arbitrated Signature Scheme (2): 

Cryptographic Assumption

- Will use symmetric algorithm, e.g. DES
- Will use MACs
- A has established a DES key KA shared with ARB
- B has established a DES key KB shared with ARB

Example of Arbitrated Signature Scheme (3): 

A wants to send ‘signed’ message M to B

Simplified protocol:

1. A -> ARB : M1 = M || MAC_KA
2. ARB uses KA to check MAC_KA
3. ARB -> B : M2 = M1 || MAC_KB
4. B uses KB to check MAC_KB

Note: B has no way of checking MAC_KA is correct. May be necessary to include identities in messages.
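The simplified protocol above as an added Python example, not taken from the original slides. HMAC-SHA256 stands in for the DES-based MACs the slides assume, and the keys, function names and sample message are constructed for illustration.

```python
import hashlib
import hmac

TAG_LEN = 32  # HMAC-SHA256 tag size in bytes

# Constructed demo keys: KA is shared by A and ARB, KB by B and ARB.
KA = b"constructed-demo-key-A-and-ARB"
KB = b"constructed-demo-key-B-and-ARB"


def mac(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()


def a_send(message: bytes) -> bytes:
    """A -> ARB : M1 = M || MAC_KA(M)"""
    return message + mac(KA, message)


def arb_relay(m1: bytes) -> bytes:
    """ARB checks MAC_KA, then ARB -> B : M2 = M1 || MAC_KB(M1)."""
    message, tag_a = m1[:-TAG_LEN], m1[-TAG_LEN:]
    if not hmac.compare_digest(tag_a, mac(KA, message)):
        raise ValueError("ARB: MAC_KA check failed")
    return m1 + mac(KB, m1)


def b_receive(m2: bytes):
    """B checks MAC_KB over M1. B holds no KA, so A's tag is opaque to B."""
    m1, tag_b = m2[:-TAG_LEN], m2[-TAG_LEN:]
    if not hmac.compare_digest(tag_b, mac(KB, m1)):
        raise ValueError("B: MAC_KB check failed")
    # B keeps A's tag as evidence to hand to ARB if a dispute arises.
    return m1[:-TAG_LEN], m1[-TAG_LEN:]


def arb_settle(message: bytes, tag_a: bytes) -> bool:
    """Dispute: only ARB (holder of KA) can confirm tag_a is A's MAC on message."""
    return hmac.compare_digest(tag_a, mac(KA, message))


def tamper(blob: bytes) -> bytes:
    """Flip one bit of the first byte, as an in-transit modification would."""
    return bytes([blob[0] ^ 1]) + blob[1:]


if __name__ == "__main__":
    msg, tag = b_receive(arb_relay(a_send(b"Pay B 100 rupees")))
    print(msg, arb_settle(msg, tag), arb_settle(b"Pay B 900 rupees", tag))
```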

True Signature: 

True Signature Requirement
- Only one person can sign but anyone can verify the signature

Public Key Requirement
- Anyone can encrypt a message but only one person can decrypt the cryptogram.

True Signature: 

It is ‘natural’ to try to adopt public key systems to produce signature schemes by using the secret key in the signing process

Digital Signatures: 

Common terminology identifies the terms Digital Signature and True Signature

Thank You: 

Thank You