E- Business Digital Signature Varna Free University Prof. Teodora Bakardjieva.

Slides:

Advertisements

Similar presentations

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Advertisements

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

Digital Signatures and Hash Functions. Digital Signatures.

PROJECT ON DIGITAL SIGNATURE Submitted by: Submitted to: NAME: Roll no: Reg.no. :

Information Security & Cryptographic Principles. Infosec and Cryptography Subjects / Topics : 1. Introduction to computer cryptography 1. Introduction.

Cryptographic Security CS5204 – Operating Systems1.

Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.

Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

Cryptographic Technologies

Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.

Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.

CSE 597E Fall 2001 PennState University1 Digital Signature Schemes Presented By: Munaiza Matin.

Cryptographic Security Cryptographic Mechanisms 1Mesbah Islam– Operating Systems.

1. INDEX 2 A signature is a handwritten depiction of someone’s name or nickname that a person writes on documents as proof of identity and intent. Signature.

Cyber Law & Islamic Ethics

Digital Signature Xiaoyan Guo/ Xiaohang Luo/

Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.

INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.

Secure Systems Research Group - FAU Patterns for Digital Signature using hashing Presented by Keiko Hashizume.

Digital Signatures. Electronic Record 1.Very easy to make copies 2.Very fast distribution 3.Easy archiving and retrieval 4.Copies are as good as original.

CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.

1 Cryptography Cryptography is a collection of mathematical techniques to ensure confidentiality of information Cryptography is a collection of mathematical.

Bob can sign a message using a digital signature generation algorithm

1 Introduction to Security and Cryptology Enterprise Systems DT211 Denis Manley.

CS555Topic 211 Cryptography CS 555 Topic 21: Digital Schemes (1)

AQA Computing A2 © Nelson Thornes 2009 Section Unit 3 Section 6.4: Internet Security Digital Signatures and Certificates.

1 Chapter 11: Message Authentication and Hash Functions Fourth Edition by William Stallings Lecture slides by Lawrie Brown (modified by Prof. M. Singhal,

Information Security Fundamentals Major Information Security Problems and Solutions Department of Computer Science Southern Illinois University Edwardsville.

Cryptography, Authentication and Digital Signatures

CSCD 218 : DATA COMMUNICATIONS AND NETWORKING 1

Internet Security. Four Issues of Internet Security Authenticity: Is the sender of a message who they claim to be? Privacy: Are the contents of a message.

Chapter 16 Security Introduction to CS 1 st Semester, 2012 Sanghyun Park.

NDSU Lunchbytes "Are They Really Who They Say They Are?" Digital or Electronic Signature Information Rick Johnson, Theresa Semmens, Lorna Olsen April 24,

11.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 11 Message Integrity and Message Authentication.

11-Basic Cryptography Dr. John P. Abraham Professor UTPA.

Cryptography (2) University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.

Encryption. What is Encryption? Encryption is the process of converting plain text into cipher text, with the goal of making the text unreadable.

Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.

Lecture 16: Security CDK4: Chapter 7 CDK5: Chapter 11 TvS: Chapter 9.

31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

Digital Signatures, Message Digest and Authentication Week-9.

Copyright 1999 S.D. Personick. All Rights Reserved. Telecommunications Networking II Lecture 41b Cryptography and Its Applications.

Welcome to the Introduction of Digital Signature Submitted By: Ankit Saxena.

Cryptography: Digital Signatures Message Digests Authentication

DIGITAL SIGNATURE.

1 CMPT 471 Networking II Authentication and Encryption © Janice Regan,

Lecture 11 Overview. Digital Signature Properties CS 450/650 Lecture 11: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.

Network Security Celia Li Computer Science and Engineering York University.

Lecture 9 Overview. Digital Signature Properties CS 450/650 Lecture 9: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.

Cryptographic Security Aveek Chakraborty CS5204 – Operating Systems1.

Security By Meenal Mandalia. What is ? stands for Electronic Mail. much the same as a letter, only that it is exchanged in a different.

Secure Instant Messenger in Android Name: Shamik Roy Chowdhury.

Content Introduction History What is Digital Signature Why Digital Signature Basic Requirements How the Technology Works Approaches.

Research Title:Analysis of Advanced Cryptography Technologies Hash-based Post-quantum One-time Digital Signature Schemes Dr. Douglas Stebila Kaan Osmanagaoglu.

By Jonathan Gruber DIGITAL SIGNATURES. OUTLINE Definition How it works Common uses History Ink vs. Digital.

Cryptographic Hash Function. A hash function H accepts a variable-length block of data as input and produces a fixed-size hash value h = H(M). The principal.

Guided by : VIPUL GAJJAR Prepared by: JIGAR KAKADIYA.

 Introduction  History  What is Digital Signature  Why Digital Signature  Basic Requirements  How the Technology Works  Approaches.

Basics of Cryptography

Cryptographic Hash Function

Digital Signatures A digital signature is a protocol that produces the same effect as a real signature: It is a mark that only the sender can make but.

Digital Signature.

Computer Security Security Concepts September 20, 2018

Pooja programmer,cse department

Lecture 4 - Cryptography

Digital Signatures…!.

Best Digital Signature Service in Noida. Electronic Record 1.Very easy to make copies 2.Very fast distribution 3.Easy archiving and retrieval 4.Copies.

Presentation transcript:

E- Business Digital Signature Varna Free University Prof. Teodora Bakardjieva

is a type of asymmetric cryptography used to simulate the security properties of a signature in digital, rather than written, form. Digital signature schemes normally give two algorithms, one for signing which involves the user's secret or private key, and one for verifying signatures which involves the user's public key. The output of the signature process is called the "digital signature.“ is an electronic signature that can be used to authenticate the identity of the sender of a message or the signer of a document, and possibly to ensure that the original content of the message or document that has been sent is unchanged. Digital signatures are easily transportable, cannot be imitated by someone else, and can be automatically time-stamped. The ability to ensure that the original signed message arrived means that the sender cannot easily repudiate it later. What is a digital signature?

How it works The use of digital signatures usually involves two processes, one performed by the signer and the other by the receiver of the digital signature: Digital signature creation uses a hash result derived from and unique to both the signed message and a given private key. For the hash result to be secure, there must be only a negligible possibility that the same digital signature could be created by the combination of any other message or private key. Digital signature verification is the process of checking the digital signature by reference to the original message and a given public key, thereby determining whether the digital signature was created for that same message using the private key that corresponds to the referenced public key.

Example Assume you were going to send the draft of a contract to your lawyer in another town. You want to give your lawyer the assurance that it was unchanged from what you sent and that it is really from you. 1.You copy-and-paste the contract (it's a short one!) into an note. 2.Using special software, you obtain a message hash (mathematical summary) of the contract. 3.You then use a private key that you have previously obtained from a public-private key authority to encrypt the hash. 4.The encrypted hash becomes your digital signature of the message. (Note that it will be different each time you send a message.) At the other end, your lawyer receives the message. 1.To make sure it's intact and from you, your lawyer makes a hash of the received message. 2.Your lawyer then uses your public key to decrypt the message hash or summary. 3.If the hashes match, the received message is valid.

Benefits of digital signatures These are common reasons for applying a digital signature to communications: Authentication Although messages may often include information about the entity sending a message, that information may not be accurate. Digital signatures can be used to authenticate the source of messages. When ownership of a digital signature secret key is bound to a specific user, a valid signature shows that the message was sent by that user. The importance of high confidence in sender authenticity is especially obvious in a financial context. For example, suppose a bank's branch office sends instructions to the central office requesting a change in the balance of an account. If the central office is not convinced that such a message is truly sent from an authorized source, acting on such a request could be a grave mistake. Integrity In many scenarios, the sender and receiver of a message may have a need for confidence that the message has not been altered during transmission. Although encryption hides the contents of a message, it may be possible to change an encrypted message without understanding it. (Some encryption algorithms, known as nonmalleable ones, prevent this, but others do not.) However, if a message is digitally signed, any change in the message will invalidate the signature. Furthermore, there is no efficient way to modify a message and its signature to produce a new message with a valid signature, because this is still considered to be computationally infeasible by most cryptographic hash functions.

Drawbacks of digital signatures Despite their usefulness, digital signatures do not alone solve all the problems we might wish them to. Non-repudiation In a cryptographic context, the word repudiation refers to the act of disclaiming responsibility for a message. A message's recipient may insist the sender attach a signature in order to make later repudiation more difficult, since the recipient can show the signed message to a third party (eg, a court) to reinforce a claim as to its signatories and integrity. However, loss of control over a user's private key will mean that all digital signatures using that key, and so ostensibly 'from' that user, are suspect. Nonetheless, a user cannot repudiate a signed message without repudiating their signature key.

Main Questions? 1.In the digital signature who use the private key and who use the public key? Private key: sender Public key: receiver 2. What are the benefits of digital signatures? Authentication and Integrity