XKI Atomic Signatures John H. Messing, Esq. Law-on-Line, Inc. © JHM 2007 This presentation is informational only and not intended as a contribution to.

Presentation transcript:

XKI Atomic Signatures John H. Messing, Esq. Law-on-Line, Inc. © JHM 2007 This presentation is informational only and not intended as a contribution to a MISMO standard or as legal advice

Conclusions (Morning Session)
- No technology legal prohibitions
- Selection left to trading parties
- Relying party has greatest stake
- Several to choose from
  - Appearance
  - Security
  - Core application consequences

CORE APPLICATION (Morning Session) ZILLOW.COM Form co. /S JOHN DOE / A. B. C.

RELYING PARTY APPRAISAL 1. DATA SOURCES
Technology Considerations (Morning Session)
- Ease of use
- Risk elimination
- Cost Savings
- Scalability
- Complexity of proof
- Obsolescence risks

LoL Cryptographic Electronic Signatures
- Central server computer
- Multiple user types
  - Human
  - Entity
  - Automatic processes
- Authorized signer is authenticated
- Server applies cryptographic signature
- Cryptographic signature of the server is electronic signature of the user

XKI Architecture Authenticate Sign Single or Multi-factored ID Federated Identity (SAML 2) XKI Signature Engine Asymmetric Encryption Atomic Signatures Digital Certificate (Smart Card optional) Biometric Voice Iris scan Face Finger

Supported signatures
- Acrobat digital signatures
- Server's digital certificate
- Atomic signatures (symmetric keys)

Digital Signatures explained
- Message digests for data are like photos for people: a convenient, reliable short-hand way of referring to them
- Encryption keys are like envelopes
- Encrypting a message digest is like putting a photo into a sealed envelope
- Digital signatures are encrypted message digests, or alternatively stated, like photos that are protected inside envelopes that must first be opened to access the photos
- Tamper-evident seals operate by taking a brand new photo of data at the time of verification, opening the envelope, and seeing if the old and new photos match. If they do, nothing has changed.
- If the envelope opens successfully we also know the identity of the key that sealed the envelope originally.
- The sealed envelopes can be integrated with the data or detached from it.

Why message digests are encrypted
- For security: encryption thwarts attacks by scrambling message digests. Attackers cannot predict outcome of attack.
- Proves ID through key possession
  - Signer used a specific key to encrypt the message digest
  - Receiving party uses a mate to decrypt
  - Owner of key pair may be IDd by a Certificate Authority
  - Keys actually work to encrypt and decrypt first message digest which matches second one captured upon receipt
- Reduces the processing drain from private-public key operations
- Can be enveloping, enveloped or detached – workflow concerns
- Atomic signatures (symmetric keys)
  - Known only to the server(s)
  - Trusted authority
  - Signature artifacts as metadata
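As an added example (not code from the presentation and not the patented XKI method), the following Python sketch shows a server-held symmetric key producing a detached signature that travels as a string and is validated by taking a fresh digest. It uses HMAC-SHA256, a standard keyed digest, in place of the "symmetrically encrypted message digest" the slides describe; the function names, metadata fields and sample document are assumptions.

```python
import base64
import hashlib
import hmac
import json
import secrets

# Assumption: this key never leaves the signing server (generated here for the demo).
SERVER_KEY = secrets.token_bytes(32)

def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).decode("ascii")

def sign_detached(data: bytes, signer: str, signed_at: str, key: bytes = SERVER_KEY) -> str:
    """Server side: return a detached signature as one transportable string."""
    meta = {"alg": "HMAC-SHA256", "signer": signer, "signed_at": signed_at,
            "digest": hashlib.sha256(data).hexdigest()}  # the "photo" of the data
    payload = json.dumps(meta, sort_keys=True, separators=(",", ":")).encode()
    tag = hmac.new(key, payload, hashlib.sha256).digest()  # keyed seal over digest + metadata
    return _b64(payload) + "." + _b64(tag)

def verify_detached(data: bytes, token: str, key: bytes = SERVER_KEY):
    """Server side: return the signature metadata if seal and data match, else None."""
    try:
        payload_b64, tag_b64 = token.split(".")
        payload = base64.urlsafe_b64decode(payload_b64)
        tag = base64.urlsafe_b64decode(tag_b64)
    except ValueError:  # wrong number of parts or bad base64
        return None
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        return None  # metadata altered or wrong key
    meta = json.loads(payload)  # parsed only after the seal verified
    fresh = hashlib.sha256(data).hexdigest()  # the "new photo" taken at verification
    if not hmac.compare_digest(meta["digest"], fresh):
        return None  # data changed since signing
    return meta

if __name__ == "__main__":
    doc = b"<appraisal>constructed sample document</appraisal>"  # constructed sample
    sig = sign_detached(doc, signer="john doe", signed_at="2007-01-01T00:00:00Z")
    print(sig)
    print(verify_detached(doc, sig))         # metadata dict
    print(verify_detached(doc + b" ", sig))  # None: tampered data
```

Because verification needs the same secret key, a relying party cannot check the string on its own and must submit the data and the string to the server for validation.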

Recent security threats to message digests
- Chinese researchers (2005-6)
  - MD5 broken (pre-imaging attacks)
  - SHA-1 flaws documented
    - official federal standard
    - in all browsers and operating systems
    - basis for all PKI, including SSL/TLS
- U.S. National Institute of Standards and Technology (NIST)
  - Quoted: Walk do not run to nearest exit -- announcing new effort
- Symmetrically encrypting message digests removes these threats
  - Atomic Signatures

Anticipated security threat to digital signatures - QC
- Quantum computers
- Computers use atoms instead of silicon chips
  - Auto generate parallel processing power
  - Very powerful
- Break factored prime numbers with ease
  - Such numbers are basis of asymmetric key pairs just referenced
  - Crack any digital signature regardless of key length
  - Whenever created
- Atomic Signatures are not based on such numbers – symmetric keys unaffected
- Production models of QC exist today: commercially available ca
- Virtual Hurricane Katrina for asymmetric cryptography

Advantages of XKI Signatures
- Without PKI, no
  - Foreseeable technology obsolescence
- Easy to use
  - Arizona Court of Appeals – since 2001
    - Lawyers e-filings submitted
    - Judicial decisions e-distributed
    - Not one reported complaint from a user
  - Store and transport signature metadata as strings
    - Facilitate multi-signatures for core applications with detached signatures
    - Improve scalability and performance

RELYING PARTY APPRAISAL 1. DATA SOURCES Sig A ZILLOW.COM
A. Secure audit trail
  - Origin
  - Unchanged
  - Protected
  - IDd
Core application
  - Detached signature
  - Atomic Signature
    - Transportable string
    - Validate if needed

RELYING PARTY APPRAISAL 1. DATA SOURCES Sig B Form Co.
B. Similar secure audit trail
- Like Sig A
- Debatable use
- Impact of Sig A

RELYING PARTY APPRAISAL 1. DATA SOURCES Sig C /s john doe /
C. Appraiser's electronic signature
- Manifests intent
- Tamper evident
- Wraps other sigs
- Authenticated ID
- Time stamp
- Self validates
- Server-signed

Patented technology
- US No. 6,745,327
  - PKI digital certificate
  - Biometrics used for secure authentication
  - Secure server signature method
- US No. 7,039,805
  - Asymmetric vs. symmetric server signing keys
  - Signature metadata
- More patents pending
- Technology licenses or ASP model
  - Volume related charges
  - Set up, subscription, transaction models
  - Equity participation in select cases as appropriate
  - Contact me as shown on next slide for details

End John Messing Law-on-Line, Inc E. Broadway Blvd., Suite 1600 Tucson, AZ (520) (office) (520) (fax) (520) (mobile)