 Introduction  History  What is Digital Signature  Why Digital Signature  Basic Requirements  How the Technology Works  Approaches.

Slides:

Advertisements

Similar presentations

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Advertisements

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

Digital Signatures and Hash Functions. Digital Signatures.

PROJECT ON DIGITAL SIGNATURE Submitted by: Submitted to: NAME: Roll no: Reg.no. :

Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.

Information security An introduction to Technology and law with focus on e-signature, encryption and third party service Yue Liu Feb.2008.

6/1/20151 Digital Signature and Public Key Infrastructure Course:COSC Instructor:Professor Anvari Student ID: Name:Xin Wen Date:11/25/00.

Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.

E-Procurement: Digital Signatures and Role of Certifying Authorities Jagdeep S. Kochar CEO, (n)Code Solutions.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.

TrustPort Public Key Infrastructure. Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.

© Julia Wilk (FHÖV NRW) 1 Digital Signatures. © Julia Wilk (FHÖV NRW)2 Structure 1. Introduction 2. Basics 3. Elements of digital signatures 4. Realisation.

E- Business Digital Signature Varna Free University Prof. Teodora Bakardjieva.

Overview of Digital Signatures Introduction To Networks and Communications (CS 555) Presented by Bharath Kongara.

Cryptographic Security Cryptographic Mechanisms 1Mesbah Islam– Operating Systems.

Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.

1. INDEX 2 A signature is a handwritten depiction of someone’s name or nickname that a person writes on documents as proof of identity and intent. Signature.

Cyber Law & Islamic Ethics

Digital Signature Xiaoyan Guo/ Xiaohang Luo/

Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.

INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.

Controller of Certifying Authorities Public Key Infrastructure for Digital Signatures under the IT Act, 2000 : Framework & status Mrs Debjani Nag Deputy.

Secure Systems Research Group - FAU Patterns for Digital Signature using hashing Presented by Keiko Hashizume.

Chapter 3 Mohammad Fozlul Haque Bhuiyan Assistant Professor CITI Jahangirnagar University.

AQA Computing A2 © Nelson Thornes 2009 Section Unit 3 Section 6.4: Internet Security Digital Signatures and Certificates.

Secure Electronic Transaction (SET)

Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.

Cryptography, Authentication and Digital Signatures

Risks of data manipulation and theft Gateway Average route travelled by an sent via the Internet from A to B Washington DC A's provider Paris A.

CSCD 218 : DATA COMMUNICATIONS AND NETWORKING 1

Digitally Signed Transcripts Department of Computer Science, University of Wisconsin – Eau Claire Student Researcher: Kevin M. Spinar

Chapter 16 Security Introduction to CS 1 st Semester, 2012 Sanghyun Park.

DIGITAL SIGNATURE. GOOD OLD DAYS VS. NOW GOOD OLD DAYS FILE WHATEVER YOU WANT – PUT ‘NA’ OR ‘-’ OR SCRATCH OUT FILE BACK DATED, FILE BLANK FORMS, FILE.

Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.

31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

Digital Signatures, Message Digest and Authentication Week-9.

Welcome to the Introduction of Digital Signature Submitted By: Ankit Saxena.

DIGITAL SIGNATURE.

Security & Privacy. Learning Objectives Explain the importance of varying the access allowed to database elements at different times and for different.

Cryptographic Security Aveek Chakraborty CS5204 – Operating Systems1.

Content Introduction History What is Digital Signature Why Digital Signature Basic Requirements How the Technology Works Approaches.

Research Title:Analysis of Advanced Cryptography Technologies Hash-based Post-quantum One-time Digital Signature Schemes Dr. Douglas Stebila Kaan Osmanagaoglu.

Guided by : VIPUL GAJJAR Prepared by: JIGAR KAKADIYA.

By, Patel Rushi N. V TH I.T. U.V.P.C.E..  What Are Signatures? Signature For Evidence: A signature authenticates writing by identifying the signer with.

TAG Presentation 18th May 2004 Paul Butler

Web Applications Security Cryptography 1

eSignature Today and in the Future

Unit 3 Section 6.4: Internet Security

Computer Communication & Networks

Information Security message M one-way hash fingerprint f = H(M)

Cryptographic Hash Function

TAG Presentation 18th May 2004 Paul Butler

e-Health Platform End 2 End encryption

B. R. Chandavarkar CSE Dept., NITK Surathkal

S/MIME T ANANDHAN.

Digital Signature.

Information Security message M one-way hash fingerprint f = H(M)

NET 311 Information Security

Digital Signatures and Forms

Pooja programmer,cse department

Information Security message M one-way hash fingerprint f = H(M)

Digital Certificates and X.509

Lecture 4 - Cryptography

The Secure Sockets Layer (SSL) Protocol

Best Digital Signature Service in Noida. Electronic Record 1.Very easy to make copies 2.Very fast distribution 3.Easy archiving and retrieval 4.Copies.

PKI (Public Key Infrastructure)

Electronic Payment Security Technologies

Digital Signatures Network Security.

Presentation transcript:

 Introduction  History  What is Digital Signature  Why Digital Signature  Basic Requirements  How the Technology Works  Approaches

 Purpose of Digital Signature  Algorithm of Digital Signature  Challenges and Opportunities  Application  Drawbacks  Conclusion

 The authenticity of many legal, financial, and other documents is determined by the presence or absence of an authorized handwritten signature.  Various methods have been devised to solve this problem, but the use of ‘digital signature’ is definitely the best solution amongst them.  A digital signature is nothing but an attachment to any piece of electronic information, which represents the content of the document and the identity of the originator of that document uniquely.

 Use of signatures is recorded in the Talmud (fourth century), complete with security procedures to prevent the alteration of documents after they are signed.  The practice of authenticating documents by affixing handwritten signatures began to be used within the Roman Empire in the year AD 439, during the rule of Valentinian III.  It is from this Roman usage of signatures that the practice obtained its significance in Western legal tradition.

 Hash value of a message when encrypted with the private key of a person is his digital signature on that e-Document.  Digital Signature of a person therefore varies from document to document thus ensuring authenticity of each word of that document.  As the public key of the signer is known, anybody can verify the message and the digital signature.

To provide Authenticity, Integrity and Non-repudiation to electronic documents To use the Internet as the safe and secure medium for Banking, e- Commerce and e-Governance with Security of Servers

Although messages may often include information about the entity sending a message, that information may not be accurate. Digital signatures can be used to authenticate the source of messages. When ownership of a digital signature secret key is bound to a specific user, a valid signature shows that the message was sent by that user. The importance of high confidence in sender authenticity is especially obvious in a financial context. For example, suppose a bank's branch office sends instructions to the central office requesting a change in the balance of an account. If the central office is not convinced that such a message is truly sent from an authorized source, acting on such a request could be a grave mistake.

In many scenarios, the sender and receiver of a message may have a need for confidence that the message has not been altered during transmission. Although encryption hides the contents of a message, it may be possible to change an encrypted message without understanding it. (Some encryption algorithms, known as nonmalleable ones, prevent this, but others do not.) However, if a message is digitally signed, any change in the message will invalidate the signature. Furthermore, there is no efficient way to modify a message and its signature to produce a new message with a valid signature, because this is still considered to be computationally infeasible by most cryptographic hash functions.

 Private Key The private key is one which is accessible only to the signer. It is used to generate the digital signature which is then attached to the message.  Public Key The public key is made available to all those who receive the signed messages from the sender. It is used for verification of the received message.

Digital Signature Certificate A subscriber of the private key and public key pair makes the public key available to all those who are intended to receive the signed messages from the subscriber. But in case of any dispute between the two sides, there must be some entity with the receiver which will allow the receiver of the message to prove that the message was indeed sent by the subscriber of the key pair. This can be done with the Digital Signature Certificate.

The use of digital signatures usually involves two processes, one performed by the signer and the other by the receiver of the digital signature:  Digital signature creation uses a hash result derived from and unique to both the signed message and a given private key. For the hash result to be secure, there must be only a negligible possibility that the same digital signature could be created by the combination of any other message or private key.

.  Digital signature verification is the process of checking the digital signature by reference to the original message and a given public key, thereby determining whether the digital signature was created for that same message using the private key that corresponds to the referenced public key.

 Digital Signature Generation

 Digital Signature Verification

 Secure Hash Algorithm

 Institutional overhead: The cost of establishing and utilizing certification authorities, repositories, and other important services, as well as assuring quality in the performance of their functions.  Subscriber and Relying Party Costs: A digital signer will require software, and will probably have to pay a certification authority some price to issue a certificate. Hardware to secure the subscriber's private key may also be advisable.

 Electronic Mail  Data storage  Electronic funds transfer  Software Distribution  eGovernance Applications

 The private key must be kept in a secured manner.  The process of generation and verification of digital signature requires considerable amount of time.  For using the digital signature the user has to obtain private and public key, the receiver has to obtain the digital signature certificate also.