Digital Signature Xiaoyan Guo/102587 Xiaohang Luo/104446.


CONTENTS
- What is a Digital Signature
- Digital Signature Features
- Digital Signature Concepts
- How Digital Signature Works
- How to Register

What is a Digital Signature
- Digital signature means a type of electronic signature that transforms a message using an asymmetric cryptosystem (public and private key capability)
- A person having the initial message and the signer's public key can accurately determine:
  1) whether the transformation was created using the private key that corresponds to the signer's public key
  2) whether the initial message has been altered since the transformation was made

A Digital Signature is:
- Intended by the party using it to have the same force and effect as the use of a manual signature
- Unique to the party using it
- Capable of verification
- Under the sole control of the party using it
- Linked to data in such a manner that it is invalidated if the data is changed
- In conformity with rules adopted by the Secretary of State (a Certificate Authority) pursuant to this act


Digital Signature Features
- Signer authentication
- Message authentication
- Non-repudiation
- Integrity

Digital Signature Concepts
- The first is that each user has a pair of matching virtual keys (the private key and public key), which have a unique mathematical relationship
- The second concept is that of a digital certificate


Public-key Cryptography
- Each person's public key is published while the private key is kept secret
- Communications involve only the public keys, and no private key is ever transmitted or shared
- The public keys are associated with their users in a trusted manner

Public-key Cryptography
- Anyone can send a confidential message by just using public information, but the message can only be decrypted with a private key
- Public-key cryptography can be used not only for privacy (encryption), but also for authentication (digital signatures)

Certificate Authority
- The Certificate Authority is an individual organization that acts as a notary to authenticate the identity of users of a public-key encryption system
- A Certificate Authority is used to:
  1) Associate a pair of keys with a person
  2) Publish the public keys in a directory
  3) Maintain functions associated with the keys

Digital Certificate
- The digital certificate acts like an electronic envelope in which the public key travels
- This electronic ID file verifies the connection between the public key and the owner
- The digital certificate is issued by a Certificate Authority and signed with that Certificate Authority's private key, authenticating the public key

Digital Certificate
- Typically includes:
  - Public key and owner's name
  - Certificate Authority issuing the key
  - Serial number
  - Digital signature of Certificate Authority, signed using the Certificate Authority's private key
  - Other optional identifying information

Digital Signature Creation
[Diagram; labels: Message, Hash Function, Message Digest, Signature Function, Private Key, Digital Signature, Message + Signature]

Digital Signature Creation
- Sign
  - A process known as a hash function must occur:
    1) A hash function is a mathematical algorithm which creates a digital representation or fingerprint in the form of a hash result or message digest
    2) The hash result generally has a standard length that is usually much smaller than the message but nevertheless substantially unique to it

Digital Signature Creation
- Sign
  - The sender's digital signature software transforms the hash result into a digital signature using the sender's private key
- Seal
  - The message is encrypted with a fast symmetric key
  - Then the symmetric key is encrypted with the receiver's public key
- Deliver

Digital Signature Verification
[Diagram; labels: Message, Hash Function, Message Digest, Signature Function, Signer's Public Key, Message Digest]
If the message digests are identical, the signature is valid. If they are different, the signature is not valid.

Digital Signature Verification
- Accept
- Open
  - The receiver decrypts the symmetric key by using the receiver's private key
  - The message is decrypted using the symmetric key
- Verify
  - Accomplished by computing a new hash result of the original message

Digital Signature Verification
- Verify
  - Then, using the sender's public key and the new hash result, the verifier checks whether:
    1) the digital signature was created using the corresponding private key
    2) the newly computed hash result matches the original hash result
  - The software will confirm the digital signature as:
    1) verified
    2) failed
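The Sign and Verify steps above, together with the CA-signed digital certificate described earlier, as an added example that is not part of the original presentation. It uses textbook RSA (no padding) over a SHA-256 digest with constructed demo keys built from Mersenne primes, so it illustrates the flow only; the function names and sample values are assumptions, and the Seal/Open encryption steps are left out.

```python
import hashlib

E = 65537  # public exponent

def make_keypair(p, q):
    # Assumption: p and q are primes supplied by the caller (demo values below).
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))    # private exponent (Python 3.8+)
    return (n, E), (n, d)                # (public key, private key)

def digest_int(message: bytes) -> int:
    # Hash function: fixed-length message digest of an arbitrary-length message.
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message: bytes, private_key) -> int:
    n, d = private_key
    return pow(digest_int(message), d, n)    # digest transformed with private key

def verify(message: bytes, signature: int, public_key) -> bool:
    n, e = public_key
    # Recover the signed digest with the public key; compare with a fresh hash.
    return pow(signature, e, n) == digest_int(message)

def cert_body(serial, owner, public_key) -> bytes:
    return repr((serial, owner, public_key)).encode()    # fields the CA signs

def issue_certificate(serial, owner, public_key, ca_private):
    return {"serial": serial, "owner": owner, "public_key": public_key,
            "ca_signature": sign(cert_body(serial, owner, public_key), ca_private)}

def verify_with_certificate(message, signature, cert, ca_public) -> str:
    body = cert_body(cert["serial"], cert["owner"], cert["public_key"])
    if not verify(body, cert["ca_signature"], ca_public):
        return "failed: certificate was not signed by the CA"
    if not verify(message, signature, cert["public_key"]):
        return "failed: signature does not match the message"
    return "verified: signed by " + cert["owner"]

# Constructed demo keys from Mersenne primes: trivially factorable, never reuse.
CA_PUB, CA_PRIV = make_keypair(2**521 - 1, 2**607 - 1)
ALICE_PUB, ALICE_PRIV = make_keypair(2**127 - 1, 2**1279 - 1)
ALICE_CERT = issue_certificate(1001, "Alice", ALICE_PUB, CA_PRIV)

MESSAGE = b"Pay Bob 100"                 # constructed sample message
SIGNATURE = sign(MESSAGE, ALICE_PRIV)

if __name__ == "__main__":
    print(verify_with_certificate(MESSAGE, SIGNATURE, ALICE_CERT, CA_PUB))
    print(verify_with_certificate(b"Pay Bob 900", SIGNATURE, ALICE_CERT, CA_PUB))
```

Real deployments use a vetted library and a padded scheme such as RSA-PSS instead of raw modular exponentiation.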

How to register
- A LRA (Local Registration Authority) uploads information about an authorized user
- The LRA verifies the user's identity and provides them with their user number and password
- The user connects to the CA, the key pair is generated automatically in the user's browser, and the private key is stored to their hard drive

How to register
- The user's public key is automatically sent to the CA, and the CA generates the certificate after verifying the user number and password
- The CA passes a copy of the certificate back to the user
- The CA automatically posts a copy of the certificate in the directory server to make the public key available to others

Summary
- Digital signature is based on asymmetric cryptography
- Every user has a unique pair of private and public keys certified by a trusted Certification Authority
- When the sender signs a transaction, a unique mathematical code is created with their private key and the actual content of the transaction
- Digital signature can identify the signer's identity by its relationship to the digital certificate
- Digital signature provides more value than any other electronic signature method