
INTRODUCTION
Why Signatures?
Authenticates who created a document.
Adds formality and finality.
In many cases, required by law or rule.
Digital Signatures
Not simply a typed name or image of a handwritten signature.
Based on public-key encryption.
Associated with a digital document.

Digital Signature
A digital signature can be used in all electronic communications: Web, e-mail, e-commerce.
It is an electronic stamp or seal that is appended to the document.
It ensures that the document is unchanged during transmission.

Digital Signature
Digital Signature: A special signature for signing electronic correspondence, produced by encrypting the message digest with the sender's private key.
Message Digest: A block of data or a sample of the message content that represents a private key.

Digital Signature
A digital signature's main function is to verify that a message or a document does, in fact, come from the claimed sender. This is called authentication.
When making a digital signature, a cryptographic hash function is generally used to construct the message digest.
A hash function is a formula that converts a message of a given length into a string of digits (128 or more), called a message digest.
Once the message digest is encrypted with the sender's private key, it becomes a digital signature.

How Does a Digital Signature Work?
User A uses A's private key to sign the document.
The document is transmitted via the Internet.
User B receives the document with the signature attached.
User B verifies the signature with A's public key stored at the directory.

Digital Signature Generation and Verification
[Diagram. Message Sender: Message, Hash function, Digest, Encryption (Private Key), Signature. Message Receiver: Message, Hash function, Digest; Signature, Decryption (Public Key), Expected Digest.]

Digital Signature Reference 8

Key Management
Private keys are password-protected.
If someone wants your private key:
They need the file that contains the key.
They need the passphrase for that key.
If you have never written down your passphrase or told anyone, it is very hard to crack.

Digital Certificates
A digital certificate is data with a digital signature from one trusted Certification Authority (CA).
This data contains:
Who owns this certificate
Who signed this certificate
The expiry date
User name & address
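The signing flow and the certificate described above, as an added example that is not part of the original slides: the sender hashes and signs, a CA signs the certificate fields, and the receiver checks certificate, expiry date and document signature in that order. It uses unpadded textbook RSA with constructed demo keys (real systems use a padded scheme from a vetted library); "Demo CA" and all function names are assumptions.

```python
import hashlib
from datetime import date

E = 65537  # public exponent used by both demo keys

def make_key(p, q):
    """Build a textbook-RSA (public, private) key pair from two primes."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

# Constructed demo keys from publicly known Mersenne primes: not secret, not secure.
A_PUB, A_PRIV = make_key(2**521 - 1, 2**607 - 1)      # User A
CA_PUB, CA_PRIV = make_key(2**127 - 1, 2**1279 - 1)   # hypothetical "Demo CA"

def digest(message: bytes) -> int:
    """Hash function: message -> message digest (SHA-256, as an integer)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message: bytes, private_key) -> int:
    """Sender side: transform the digest with the private key -> signature."""
    n, d = private_key
    return pow(digest(message), d, n)

def verify(message: bytes, signature: int, public_key) -> bool:
    """Receiver side: recover the expected digest and compare with a fresh hash."""
    n, e = public_key
    return pow(signature, e, n) == digest(message)

def cert_body(owner, public_key, expires, issuer) -> bytes:
    """Serialise the certificate fields that the CA signs."""
    return f"{owner}|{public_key[0]}|{public_key[1]}|{expires.isoformat()}|{issuer}".encode()

def issue_certificate(owner, public_key, expires, issuer="Demo CA"):
    """CA binds owner, public key and expiry date together with its signature."""
    body = cert_body(owner, public_key, expires, issuer)
    return {"owner": owner, "public_key": public_key, "expires": expires,
            "issuer": issuer, "signature": sign(body, CA_PRIV)}

def check_document(message, signature, cert, today):
    """Trust the key only via a CA-signed, unexpired certificate, then check the document."""
    body = cert_body(cert["owner"], cert["public_key"], cert["expires"], cert["issuer"])
    if not verify(body, cert["signature"], CA_PUB):
        return "bad certificate"
    if today > cert["expires"]:
        return "certificate expired"
    if not verify(message, signature, cert["public_key"]):
        return "bad signature"
    return "valid"
```

Changing a single byte of the document, or any field of the certificate, changes the digest, so the comparison with the expected digest fails.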

Certification Authority (CA)
A trusted agent who certifies public keys for general use (corporation or bank).
The user has to decide which CAs can be trusted.
The model for key certification based on friends and friends of friends is called "Web of Trust".
The public key is passed from friend to friend.
It works well in small or highly connected worlds.

Public Key Infrastructure (PKI)
PKI is a system that uses public-key encryption and digital certificates to achieve secure Internet services.
There are 4 major parts in PKI:
Certification Authority (CA)
A directory service
Services, banks, web servers
Business users

PKI Structure
[Diagram. Labels: Certification Authority; Directory services; User; Services, Banks, Web servers; Public/Private Keys.]

4 key services
Authentication – Digital Certificate: To identify a user who claims to be who he/she is, in order to access the resource.
Non-repudiation – Digital Signature: To make the user unable to deny that he/she has sent the message, signed the document or participated in a transaction.
Confidentiality – Encryption: To make the transaction secure, so that no one other than the communicating parties is able to read/retrieve the ongoing transaction.
Integrity – Encryption: To ensure the information has not been tampered with during transmission.

THANK YOU