Presentation is loading. Please wait.

Presentation is loading. Please wait.

INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.

Published byJuliet Potter Modified over 8 years ago

Similar presentations

Presentation on theme: "INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures."— Presentation transcript:

1

2 INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures Not simply a typed name or image of a handwritten signature Based on public-key encryption Associated with a digital document

3 Digital Signature Digital signature can be used in all electronic communications Web, e-mail, e-commerce It is an electronic stamp or seal that append to the document. Ensure the document being unchanged during transmission.

4 Digital Signature Digital Signature:- A special signature for signing electronic correspondence, produced by encrypting the message digest with the sender’s private key. Message Digest:- A block of data or a sample of the message content that represents a private key.

5 Digital Signature A digital signature’s main function is to verify that a message of a document, in fact, comes from the claimed sender. This is called authentication. When making a digital signature, cryptographic hash function are generally used to construct the message digest. A hash function is a formula that converts a message of a given length into a string of digits (128 or more), called a message digest. Once the message digest is encrypted with the sender’s private key, it becomes a digital signature.

6 How digital Signature works? User A User B Use A ’ s private key to sign the document Transmit via the Internet User B received the document with signature attached Verify the signature by A ’ s public key stored at the directory

7 Digital Signature Generation and Verification Message SenderMessage Receiver Message Hash function Digest Encryption Signature Hash function Digest Decryption Expected Digest Private Key Public Key

8 Digital Signature Reference 8

9 Key Management Private key are password-protected. If someone want your private key: They need the file contains the key They need the passphrase for that key If you have never written down your passphrase or told anyone Very hard to crack

10 Digital Certificates Digital Certificate is a data with digital signature from one trusted Certification Authority (CA). This data contains: Who owns this certificate Who signed this certificate The expired date User name & email address

11 Certification Authority (CA) A trusted agent who certifies public keys for general use (Corporation or Bank). User has to decide which CAs can be trusted. The model for key certification based on friends and friends of friends is called “ Web of Trust ”. The public key is passing from friend to friend. Works well in small or high connected worlds.

12 Public Key Infrastructure (PKI) PKI is a system that uses public-key encryption and digital certificates to achieve secure Internet services. There are 4 major parts in PKI. Certification Authority (CA) A directory Service Services, Banks, Web servers Business Users

13 PKI Structure Certification Authority Directory services User Services, Banks, Webservers Public/Private Keys

14 4 key services Authentication – Digital Certificate To identify a user who claim who he/she is, in order to access the resource. Non-repudiation – Digital Signature To make the user becomes unable to deny that he/she has sent the message, signed the document or participated in a transaction. Confidentiality - Encryption To make the transaction secure, no one else is able to read/retrieve the ongoing transaction unless the communicating parties. Integrity - Encryption To ensure the information has not been tampered during transmission.

15 THANK YOU

Download ppt "INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures."

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Grid Computing, B. Wilkinson, 20045a.1 Security Continued.

Grid Computing, B. Wilkinson, 20045a.1 Security Continued.
Copyright © 2007 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Web 101 Third Edition by Wendy G. Lehnert & Richard L. Kopec Modified by.

Copyright © 2007 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Web 101 Third Edition by Wendy G. Lehnert & Richard L. Kopec Modified by.
1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.

1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:

1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
6/1/20151 Digital Signature and Public Key Infrastructure Course:COSC513-01 Instructor:Professor Anvari Student ID:106845 Name:Xin Wen Date:11/25/00.

6/1/20151 Digital Signature and Public Key Infrastructure Course:COSC Instructor:Professor Anvari Student ID: Name:Xin Wen Date:11/25/00.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.

Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.
Principles of Information Security, 2nd edition1 Cryptography.

Principles of Information Security, 2nd edition1 Cryptography.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.
E-Procurement: Digital Signatures and Role of Certifying Authorities Jagdeep S. Kochar CEO, (n)Code Solutions.

E-Procurement: Digital Signatures and Role of Certifying Authorities Jagdeep S. Kochar CEO, (n)Code Solutions.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 22.

Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 22.
Cryptographic Techniques Instructor: Jerry Gao Ph.D. San Jose State University URL: May,

Cryptographic Techniques Instructor: Jerry Gao Ph.D. San Jose State University URL: May,
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
Cryptographic Technologies

Cryptographic Technologies

Similar presentations

Ads by Google