The proof of your digital documents

Presentation transcript:

The proof of your digital documents
UN/CEFACT August 29, 2008

What is a digital signature? How it works
[Diagram: message from Bob to Alice ("Dear Alice, Let's meet in Venice next weekend. Bob"), with the labelled steps 1. Imprint, 2. Cypher, 3. Decypher, 4. Imprint, the values y9jl09cw56 and x6fR7890cv, and the label Signature.]
If equality then:
- Message comes from Bob
- Message has not been modified

Digital signature formats: PKCS#7, CMS, XAdES
History of digital signature formats
Influenced by structured data models
- ASN.1 (Abstract Syntax Notation 1)
  - Message and communication oriented
  - Compact
  - Binary data support
  - Performance
  - Abstruse
- XML (eXtensible Markup Language)
  - Applications oriented
  - Verbose
  - Binary data not supported -> requires Base64 encoding (x 4/3)
  - High CPU and memory requirements
  - Open, self-described

Digital signature formats: PKCS#7, CMS, XAdES
History of digital signature formats (continued)
[Timeline]
- ASN.1 (1990)
- PKCS#7, Public Key Cryptographic Standard (1993)
- XML (1998)
- XMLDSIG, XML Digital Signature (2000)
- CMS, Cryptographic Message Syntax (2004)
- XAdES, XML Advanced Electronic Signature (2003)
- CAdES, CMS Advanced Electronic Signature (2005)

Different types of signature
3 types of signatures = 3 types of proof
- Enveloping attached: signature contains signed content (through internal URI)
- Enveloping detached: signature references signed content (external URI reference)
- Enveloped: signature is included in the document it signs (internal URI which excludes itself)

Different types of signature
Pros and cons of different types of signatures
- Enveloping attached
  - Contains signature(s), content, timestamps, etc.
  - Ease of verification and use
  - Can sometimes be complex to manipulate if huge
- Enveloping detached
  - Only contains signature
  - Difficult to verify because access to signed content is required: file system, database, network resources, etc.
  - Allows the signature to be communicated independently of signed content
- Enveloped
  - Signature is inside content
  - Only works with XML content or proprietary (PDF, Microsoft)
  - Implementation is tied to data structure
  - Adapted to internal applications, low interoperability
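The three signature types above can be told apart mechanically from each ds:Reference of an XML signature, which tells a verifier what content it has to locate before it can check anything. The following is an added example, not code from the presentation: it assumes XMLDSIG/XAdES markup, the sample documents are constructed, and the function name and the labels it returns are this example's own.

```python
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
ENVELOPED = DS + "enveloped-signature"                     # XMLDSIG enveloped transform
SIGNED_PROPS = "http://uri.etsi.org/01903#SignedProperties"  # XAdES reference type

def classify_references(xml_text):
    """Return [(uri, kind)] for every ds:Reference of every ds:Signature."""
    root = ET.fromstring(xml_text)
    results = []
    for sig in root.iter(f"{{{DS}}}Signature"):
        # Ids of elements carried inside the signature itself (ds:Object etc.)
        inner_ids = {e.get("Id") for e in sig.iter() if e.get("Id")}
        for ref in sig.iter(f"{{{DS}}}Reference"):
            uri = ref.get("URI", "")
            transforms = {t.get("Algorithm") for t in ref.iter(f"{{{DS}}}Transform")}
            if ref.get("Type") == SIGNED_PROPS:
                kind = "signed-properties"       # XAdES signed properties
            elif ENVELOPED in transforms:
                kind = "enveloped"               # document minus the signature itself
            elif uri.startswith("#") and uri[1:] in inner_ids:
                kind = "enveloping-attached"     # content travels inside the signature
            elif uri and not uri.startswith("#"):
                kind = "enveloping-detached"     # content must be fetched separately
            else:
                kind = "other-same-document"     # not one of the three types above
            results.append((uri, kind))
    return results

# Constructed samples: only the parts the classifier reads (no digests or keys).
ATTACHED = f"""<ds:Signature xmlns:ds="{DS}"><ds:SignedInfo>
  <ds:Reference URI="#content"/>
  <ds:Reference URI="#sp" Type="{SIGNED_PROPS}"/>
</ds:SignedInfo><ds:Object Id="content">report</ds:Object>
<ds:Object><SignedProperties Id="sp"/></ds:Object></ds:Signature>"""
DETACHED = f"""<ds:Signature xmlns:ds="{DS}"><ds:SignedInfo>
  <ds:Reference URI="file:report.xbrl"/></ds:SignedInfo></ds:Signature>"""
ENVELOPED_DOC = f"""<report xmlns:ds="{DS}"><data>42</data><ds:Signature><ds:SignedInfo>
  <ds:Reference URI=""><ds:Transforms><ds:Transform Algorithm="{ENVELOPED}"/>
  </ds:Transforms></ds:Reference></ds:SignedInfo></ds:Signature></report>"""

if __name__ == "__main__":
    for name, doc in [("attached", ATTACHED), ("detached", DETACHED),
                      ("enveloped", ENVELOPED_DOC)]:
        print(name, classify_references(doc))
```

ElementTree is used here for brevity; a verifier that parses signatures from untrusted senders would use a hardened XML parser.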

Digital signature properties
Properties are important to signature contextualization
- Signed properties
  - Date & time
  - Signature production place
  - Signature policy
  - Etc.
  Signed properties participate in digital signature computation
- Unsigned properties
  - Timestamp
  - CRL, OCSP
  Note: these properties are not signed by the signatory but are nevertheless signed!
  Unsigned properties do not participate in digital signature computation and hence do not participate in the document's integrity.

Different types of signature
French banking commission
- XAdES format as defined in RGI (French e-Administration interoperability framework)
  - BES (SigningCertificate or KeyInfo mandatory)
  - EPES (signature policy mandatory)
- Enveloping attached signature required
- Signature policy:
  - Identifier: 1.2.250.1.115.200.300.1 (OID)
  - http://www.banque-france.fr/igc/signature/ps/ps_1_2_250_1_115_200_300_1.pdf
- 1 file = 1 signature
- Canonicalisation algorithm: http://www.w3.org/2001/10/xml-exc-c14n# (because XBRL)
- Supported certificates, digital evidence agreement, etc.

Zoom on XAdES signature policy
http://www.w3.org/TR/XAdES/#Syntax_for_XAdES_The_SignaturePolicyIdentifier_element

    <xad:SignaturePolicyIdentifier>
      <xad:SignaturePolicyId>
        <xad:SigPolicyId>
          <xad:Identifier Qualifier="OIDAsURN">urn:oid:1.2.250.1.115.200.300.1</xad:Identifier>
        </xad:SigPolicyId>
        <xad:SigPolicyHash>
          <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
          <ds:DigestValue>q+ahW33Qg36KEeKdQLs94R4zb1c=</ds:DigestValue>
        </xad:SigPolicyHash>
        <xad:SigPolicyQualifiers>
          <xad:SigPolicyQualifier>
            <xad:SPURI>http://www.banque-france.fr/igc/signature/ps/ps_1_2_250_1_115_200_300_1.pdf</xad:SPURI>
          </xad:SigPolicyQualifier>
        </xad:SigPolicyQualifiers>
      </xad:SignaturePolicyId>
    </xad:SignaturePolicyIdentifier>
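A verifier uses this element by checking that the policy OID is the one it expects and that the policy document it holds hashes to SigPolicyHash. The following is an added example, not code from the presentation: the XAdES 1.3.2 namespace, the absence of ds:Transforms, the function names and the stand-in policy bytes are assumptions of this example, and the real policy PDF is not reproduced.

```python
import base64, hashlib, hmac
import xml.etree.ElementTree as ET

# Assumption: XAdES 1.3.2 namespace; the slide shows the xad:/ds: prefixes undeclared.
NS = {"xad": "http://uri.etsi.org/01903/v1.3.2#",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
SHA1 = "http://www.w3.org/2000/09/xmldsig#sha1"
SHA256 = "http://www.w3.org/2001/04/xmlenc#sha256"
DIGESTS = {SHA1: "sha1", SHA256: "sha256"}
POLICY_OID = "1.2.250.1.115.200.300.1"  # OID given on the slide

def policy_identifier(digest_b64, oid=POLICY_OID, alg=SHA1):
    """Build the slide's element (namespaces added, SigPolicyQualifiers omitted)."""
    return (f'<xad:SignaturePolicyIdentifier xmlns:xad="{NS["xad"]}" xmlns:ds="{NS["ds"]}">'
            f'<xad:SignaturePolicyId><xad:SigPolicyId>'
            f'<xad:Identifier Qualifier="OIDAsURN">urn:oid:{oid}</xad:Identifier>'
            f'</xad:SigPolicyId><xad:SigPolicyHash>'
            f'<ds:DigestMethod Algorithm="{alg}"/>'
            f'<ds:DigestValue>{digest_b64}</ds:DigestValue>'
            f'</xad:SigPolicyHash></xad:SignaturePolicyId></xad:SignaturePolicyIdentifier>')

def check_policy(identifier_xml, policy_bytes, expected_oid=POLICY_OID):
    """Return (ok, detail): detail is the digest name on success, else the reason."""
    pid = ET.fromstring(identifier_xml).find(".//xad:SignaturePolicyId", NS)
    if pid is None:
        return False, "no explicit policy"
    oid = pid.findtext("xad:SigPolicyId/xad:Identifier", "", NS).strip()
    if oid != "urn:oid:" + expected_oid:
        return False, "unexpected policy OID"
    method = pid.find("xad:SigPolicyHash/ds:DigestMethod", NS)
    alg = method.get("Algorithm") if method is not None else None
    if alg not in DIGESTS:
        return False, "unsupported digest"
    value = pid.findtext("xad:SigPolicyHash/ds:DigestValue", "", NS).strip()
    claimed = base64.b64decode(value)
    # Assumption: no ds:Transforms, so the hash covers the raw policy bytes.
    actual = hashlib.new(DIGESTS[alg], policy_bytes).digest()
    if not hmac.compare_digest(claimed, actual):
        return False, "policy hash mismatch"
    return True, DIGESTS[alg]

# Constructed stand-in for the policy document.
SAMPLE_POLICY = b"constructed policy text for this example"
SAMPLE_DIGEST = base64.b64encode(hashlib.sha1(SAMPLE_POLICY).digest()).decode()

if __name__ == "__main__":
    print(check_policy(policy_identifier(SAMPLE_DIGEST), SAMPLE_POLICY))
```

The digest name is returned on success so the caller can apply its own rule on which algorithms it still accepts for policy hashes.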

Contact
Francois Devoret
Lex Persona
+33 6 72 74 35 53
fdevoret@lex-persona.com
www.lex-persona.com