Digital Signature Xiaoyan Guo/102587 Xiaohang Luo/104446.


1 Digital Signature Xiaoyan Guo/102587 Xiaohang Luo/104446

2 CONTENTS
- What is a Digital Signature
- Digital Signature Features
- Digital Signature Concepts
- How Digital Signature Works
- How to Register

3 What is a Digital Signature
- Digital signature means a type of electronic signature that transforms a message using an asymmetric cryptosystem (public and private key capability)
- A person having the initial message and the signer’s public key can accurately determine:
  1) whether the transformation was created using the private key that corresponds to the signer’s public key
  2) whether the initial message has been altered since the transformation was made

4 A Digital Signature is:
- Intended by the party using it to have the same force and effect as the use of a manual signature
- Unique to the party using it
- Capable of verification
- Under the sole control of the party using it
- Linked to data in such a manner that it is invalidated if the data is changed
- In conformity with rules adopted by the Secretary of State (a Certificate Authority) pursuant to this act

5 What is a Digital Signature

6 Digital Signature Features
- Signer authentication
- Message authentication
- Non-repudiation
- Integrity

7 Digital Signature Concepts
- The first is that each user has a pair of matching virtual keys (the private key and public key), which have a unique mathematical relationship
- The second concept is that of a digital certificate

8 Digital Signature Concepts

9 Public-key Cryptography
- Each person’s public key is published while the private key is kept secret
- Communications involve only the public keys, and no private key is ever transmitted or shared
- The public keys are associated with their users in a trusted manner

10 Public-key Cryptography
- Anyone can send a confidential message by just using public information, but the message can only be decrypted with a private key
- Public-key cryptography can be used not only for privacy (encryption), but also for authentication (digital signatures)

11 Certificate Authority
- The Certificate Authority is an individual organization that acts as a notary to authenticate the identity of users of a public-key encryption
- A Certificate Authority is used to:
  1) Associate a pair of keys with a person
  2) Publish the public keys in a directory
  3) Maintain functions associated with the keys

12 Digital Certificate
- The digital certificate acts like an electronic envelope in which the public key travels
- This electronic ID file verifies the connection between the public key and the owner
- The digital certificate is issued by a Certificate Authority and signed with that Certificate Authority’s private key, authenticating the public key

13 Digital Certificate
- Typically includes:
  - Public key and owner’s name
  - Certificate Authority issuing the key
  - Serial number
  - Digital signature of Certificate Authority, signed using the Certificate Authority’s private key
  - Other optional identifying information

14 Digital Signature Creation
[Diagram labels: Message, Hash Function, Message Digest, Signature Function, Private Key, Digital Signature, Message + Signature]

15 Digital Signature Creation
- Sign
  - A hash function must first be applied to the message
    1) A hash function is a mathematical algorithm which creates a digital representation or fingerprint in the form of a hash result or message digest
    2) The hash result generally has a standard length that is usually much smaller than the message but nevertheless substantially unique to it

16 Digital Signature Creation
- Sign
  - The sender’s digital signature software transforms the hash result into a digital signature using the sender’s private key
- Seal
  - The message is encrypted with a fast symmetric key
  - Then the symmetric key is encrypted with the receiver’s public key
- Deliver

17 Digital Signature Verification
[Diagram labels: Message, Hash Function, Message Digest, Signature Function, Signer’s Public Key, Message Digest]
If the message digests are identical, the signature is valid. If they are different, the signature is not valid.

18 Digital Signature Verification
- Accept
- Open
  - The receiver decrypts the symmetric key by using the receiver’s private key
  - The message is decrypted using the symmetric key
- Verify
  - Accomplished by computing a new hash result of the original message

19 Digital Signature Verification
- Verify
  - Then, using the sender’s public key and the new hash result, the verifier checks whether:
    1) the digital signature was created using the corresponding private key
    2) the newly computed hash result matches the original hash result
  - The software will confirm the digital signature as:
    1) verified
    2) failed

20 How to register

21
- An LRA (Local Registration Authority) uploads information about an authorized user
- The LRA verifies the user’s identity and provides them with their user number and password
- The user connects to the CA, the key pair is generated automatically in the user’s browser, and the private key is stored to their hard drive

22 How to register
- The user’s public key is automatically sent to the CA, and the CA generates the certificate after verifying the user number and password
- The CA passes a copy of the certificate back to the user
- The CA automatically posts a copy of the certificate in the directory server to make the public key available to others
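
The creation and verification steps of slides 14 to 19, combined with the CA-signed certificate of slides 12, 13 and 22, as an added example that is not part of the original presentation. It uses textbook RSA without padding and constructed toy keys built from Mersenne primes, so it shows the data flow only; the helper names and the issuer "Example CA" are assumptions of this example.

```python
import hashlib
import json

E = 65537  # public exponent used by both toy keys

def make_key(p, q):
    """Build a textbook-RSA key pair (n, e public; d private) from two primes."""
    return {"n": p * q, "e": E, "d": pow(E, -1, (p - 1) * (q - 1))}

# Constructed toy keys (assumption): Mersenne primes are trivially
# factorable, so these keys are for demonstration only.
USER_KEY = make_key(2**521 - 1, 2**607 - 1)
CA_KEY = make_key(2**1279 - 1, 2**2203 - 1)

def digest(data):
    """Hash function: fixed-length message digest, as an integer."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(data, key):
    """Signature function: transform the digest with the private key."""
    return pow(digest(data), key["d"], key["n"])

def verify(data, sig, n, e):
    """Recompute the digest and compare it with the one recovered from sig."""
    return 0 <= sig < n and pow(sig, e, n) == digest(data)

def cert_body(cert):
    """Canonical bytes of the certificate fields covered by the CA signature."""
    fields = ("owner", "issuer", "serial", "n", "e")
    return json.dumps({k: cert[k] for k in fields}, sort_keys=True).encode()

def issue_certificate(owner, serial, pub, ca):
    """CA binds the owner's name to the public key and signs that binding."""
    cert = {"owner": owner, "issuer": "Example CA", "serial": serial,
            "n": pub["n"], "e": pub["e"]}
    cert["ca_signature"] = sign(cert_body(cert), ca)
    return cert

def verify_with_certificate(msg, sig, cert, ca_n, ca_e):
    """Check the CA's signature on the certificate, then the message signature."""
    if not verify(cert_body(cert), cert["ca_signature"], ca_n, ca_e):
        return False  # name/key binding was not vouched for by the CA
    return verify(msg, sig, cert["n"], cert["e"])
```

A real deployment would use a vetted library with a padded scheme such as RSA-PSS or ECDSA and X.509 certificates rather than these hand-rolled functions.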

23 Summary
- Digital signature is based on asymmetric cryptography
- Every user has a unique pair of private and public keys certified by a trusted Certification Authority
- When the sender signs a transaction, a unique mathematical code is created with their private key and the actual content of the transaction
- Digital signature can identify the signer’s identity by its relationship to the digital certificate
- Digital signature provides more value than any other electronic signature method

