Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lecture 11 Overview. Digital Signature Properties CS 450/650 Lecture 11: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.

Published byJoan Allison Modified over 8 years ago

Similar presentations

Presentation on theme: "Lecture 11 Overview. Digital Signature Properties CS 450/650 Lecture 11: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature."— Presentation transcript:

1 Lecture 11 Overview

2 Digital Signature Properties CS 450/650 Lecture 11: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature Authentic: A signature is produced only by the signer deliberately signing the document

3 Digital Signature Properties Non-Alterable: A signed document cannot be altered without invalidating the signature Non-Reusable: A signature from one document cannot be moved to another document Signatures can be validated by other users – the signer cannot reasonably claim that he/she did not sign a document bearing his/her signature CS 450/650 Lecture 11: Digital Signatures 3

4 Digital Signature Using RSA The RSA public-key cryptosystem can be used to create a digital signature for a message m – Asymmetric Cryptographic techniques are well suited for creating digital signatures The signer must have an RSA public/private key pair – c = M e mod n – M = c d mod n CS 450/650 Lecture 11: Digital Signatures 4

5 Signature Generation (Signer) Message SignaturePrivate Key Redundancy Function Formatted Message Encrypt CS 450/650 Lecture 11: Digital Signatures 5

6 Signature Verification Message Signature Public Key Verify Formatted Message Decrypt CS 450/650 Lecture 11: Digital Signatures 6

7 Redundancy Function The choice of a poor redundancy function can make RSA vulnerable to forgery A good redundancy function should make forging signatures much harder CS 450/650 Lecture 11: Digital Signatures 7

8 Example generate signature S – d = 53 – e = 413 – n = 629 – m = 7 – Assume that R(X) = XX S = R(m) e mod n – S = 77 53 mod 629 = 25 CS 450/650 Lecture 11: Digital Signatures 8

9 Example verify signature with message recovery – Public key (e) = 413 – n = 629 – S = 25 R(m) = S e mod n – R(m) = 25 413 mod 629 = 77 The verifier then checks that R(m) is of the form XX for some message X – m = R -1 (m) = 7 CS 450/650 Lecture 11: Digital Signatures 9

10 Forging signature (revisited) Choose a random number between 0 and n-1 for S – S = 323 Use the signer’s public key to decrypt S – R(m) = 323 413 mod 629 = 85 However, 85 is not a legal value for R(m) – so S = 323 is not a valid signature CS 450/650 Lecture 11: Digital Signatures 10

11 Privacy Signature provides only authenticity. How can we provide privacy in addition? CS 450/650 Lecture 11: Digital Signatures 11

12 Getting a Message Digest from a document Hash Message Digest CS 450/650 Lecture 11: Digital Signatures 12

13 Generating Signature Message Digest Signature Encrypt using private key CS 450/650 Lecture 11: Digital Signatures 13

14 Appending Signature to document Append Signature CS 450/650 Lecture 11: Digital Signatures 14

15 Verifying Signature Hash Decrypt using public key Message Digest Message Digest CS 450/650 Lecture 11: Digital Signatures 15

16 Lecture 12 Key Exchange CS 450/650 Fundamentals of Integrated Computer Security Slides are modified from Lawrie Brown (Cryptography and Network Security)

17 Key Management public-key encryption helps address key distribution problems have two aspects of this: – distribution of public keys – use of public-key encryption to distribute secret keys CS 450/650 Lecture 12: Key Exchange 17

18 Distribution of Public Keys can be considered as using one of: – public announcement – publicly available directory – public-key authority – public-key certificates CS 450/650 Lecture 12: Key Exchange 18

19 Public Announcement users distribute public keys to recipients or broadcast to community at large – append PGP keys to email messages or post to news groups or email list major weakness is forgery – anyone can create a key claiming to be someone else and broadcast it – until forgery is discovered attacker can masquerade as claimed user CS 450/650 Lecture 12: Key Exchange 19

20 Publicly Available Directory can obtain greater security by registering keys with a public directory directory must be trusted with properties: – contains {name, public-key} entries – participants register securely with directory – participants can replace key at any time – directory is periodically published – directory can be accessed electronically still vulnerable to tampering or forgery CS 450/650 Lecture 12: Key Exchange 20

21 Public-Key Authority improve security by tightening control over distribution of keys from directory has properties of directory requires users to know public key for the directory users interact with directory to obtain any desired public key securely requires real-time access to directory when keys are needed CS 450/650 Lecture 12: Key Exchange 21

22 Public-Key Authority CS 450/650 Lecture 12: Key Exchange 22

23 Public-Key Certificates certificates allow key exchange without real- time access to public-key authority a certificate binds identity to public key – usually with other info such as period of validity, rights of use all contents signed by a trusted Public-Key or Certificate Authority (CA) can be verified by anyone who knows the public-key authority’s public-key CS 450/650 Lecture 12: Key Exchange 23

24 Public-Key Certificates CS 450/650 Lecture 12: Key Exchange 24

25 Distribution of Secret Keys use previous methods to obtain public-key can use for secrecy or authentication public-key algorithms are slow usually prefer to use private-key encryption to protect message contents hence need a session key have several alternatives for negotiating a suitable session CS 450/650 Lecture 12: Key Exchange 25

26 Simple Secret Key Distribution proposed by Merkle in 1979 – A generates a new temporary public key pair – A sends B the public key and the identity – B generates a session key K sends it to A encrypted using the supplied public key – A decrypts the session key and both use Man in the middle attack – an opponent can intercept and impersonate both halves of protocol CS 450/650 Lecture 12: Key Exchange 26

27 Public-Key Distribution of Secret Keys if have securely exchanged public-keys: CS 450/650 Lecture 12: Key Exchange 27

28 Hybrid Key Distribution (IBM) retain use of private-key with a Key Distribution Center shares secret master key with each user distributes session key using master key public-key used to distribute master keys – especially useful with widely distributed users rationale – performance – backward compatibility

Download ppt "Lecture 11 Overview. Digital Signature Properties CS 450/650 Lecture 11: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature."

Similar presentations

Key Management Nick Feamster CS 6262 Spring 2009.

Key Management Nick Feamster CS 6262 Spring 2009.
Cryptography and Network Security Chapter 14

Cryptography and Network Security Chapter 14
Unit 1: Protection and Security for Grid Computing.

Unit 1: Protection and Security for Grid Computing.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
Fall 2008CS 334: Computer Security1 Crypto Conclusion Message Authentication Codes Key Management.

Fall 2008CS 334: Computer Security1 Crypto Conclusion Message Authentication Codes Key Management.
1 Chapter 13 – Digital Signatures & Authentication Protocols Fourth Edition by William Stallings Lecture slides by Lawrie Brown (modified by Prof. M. Singhal,

1 Chapter 13 – Digital Signatures & Authentication Protocols Fourth Edition by William Stallings Lecture slides by Lawrie Brown (modified by Prof. M. Singhal,
Lecture 12 Overview.

Lecture 12 Overview.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.

Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.
Key Management public-key encryption helps address key distribution problems have two aspects of this: –distribution of public keys –use of public-key.

Key Management public-key encryption helps address key distribution problems have two aspects of this: –distribution of public keys –use of public-key.
Cryptography and Network Security Chapter 10 Fourth Edition by William Stallings.

Cryptography and Network Security Chapter 10 Fourth Edition by William Stallings.
Chapter3 Public-Key Cryptography and Message Authentication.

Chapter3 Public-Key Cryptography and Message Authentication.
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.

Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
Cryptography and Network Security Chapter 10. Chapter 10 – Key Management; Other Public Key Cryptosystems No Singhalese, whether man or woman, would venture.

Cryptography and Network Security Chapter 10. Chapter 10 – Key Management; Other Public Key Cryptosystems No Singhalese, whether man or woman, would venture.
E- Business Digital Signature Varna Free University Prof. Teodora Bakardjieva.

E- Business Digital Signature Varna Free University Prof. Teodora Bakardjieva.
Computer Science Public Key Management Lecture 5.

Computer Science Public Key Management Lecture 5.
Digital Signature Xiaoyan Guo/102587 Xiaohang Luo/104446.

Digital Signature Xiaoyan Guo/ Xiaohang Luo/
CS5204 – Fall 2009 1 Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.

CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.
Chapter 5 Digital Signatures MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI 1.

Chapter 5 Digital Signatures MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI 1.
Information Security Principles Assistant Professor Dr. Sana’a Wafa Al-Sayegh 1 st Semester 2008-2009 ITGD 2202 University of Palestine.

Information Security Principles Assistant Professor Dr. Sana’a Wafa Al-Sayegh 1 st Semester ITGD 2202 University of Palestine.

Similar presentations

Ads by Google