Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cryptology Digital Signatures and Digital Certificates Prof. David Singer Dept. of Mathematics Case Western Reserve University.

Published bySybil Houston Modified over 9 years ago

Similar presentations

Presentation on theme: "Cryptology Digital Signatures and Digital Certificates Prof. David Singer Dept. of Mathematics Case Western Reserve University."— Presentation transcript:

1 Cryptology Digital Signatures and Digital Certificates Prof. David Singer Dept. of Mathematics Case Western Reserve University

2 Cryptographic Services Privacy (encryption) – You can’t see it Integrity (signing) – You can’t change it

3 Digital Signatures The basic scheme is shown here:

4 Digital Signatures 1.Bob signs using his private key. 2.Alice can verify the signature using Bob’s public key. 3. Anyone else can also verify Bob’s signature. 4. Since only Bob has the private key, only he could have signed. (Nonrepudiation)

5 Digital Signatures A more complete description:

6 What is a “message digest”? It is derived from the old idea of a “checksum”, used to insure that a transmission has no errors.

7 Example: UPC 1. Add the digits in the odd- numbered positions together and multiply by three. 2. Add in the digits in the even- numbered positions. 3. Add the checksum digit. If the result ends in 0, all is well.

8 Example: UPC Example: 639382000393 1. (6+9+8+0+0+9)X3=96 2. 96+3+3+2+0+3=107 3. 107+3=110

9 What is a “message digest”? It is derived from the old idea of a “checksum”, used to insure that a transmission has no errors. A message digest is computed from a message by a “hash” function.

10 Secure Hash Function A hash function is a compressed version of the message, using a one-way function. The hash size is independent of the size of the message.

11

12 Why a “secure” hash? 1. Efficiency: only a small amount of data has to be encrypted. 2. Integrity: any change in the document will cause major change in the hash and invalidate the signature. 3. Nonrepudiation: Bob cannot later deny signing.

13 What is a “secure” hash? A one-way function has the property: Given x, it is ‘hard’ to find another x’ with f(x)=f(x’). This property, called (weak)collision-resistance, is vital for security against forgery. In fact, we should need a stronger condition: it is hard to find x and x’ with f(x)=f(x’).

14 A Sneaky Forgery Scheme 1. Construct an agreement. 2. Find 32 places where the agreement can be changed slightly. 3. Construct forgery. 4. Find 32 places where forgery can be changed slightly.

15 A Sneaky Forgery Scheme 5. Find a copy of the message and a copy of the forgery with the same hash value. Note: There are 4,294,967,296 versions of each document. 6. Now trick Bob into signing the version of the message which can be forged!

16 Moral of the Story Before (digitally) signing a document written by someone else, make changes. Make sure the hash function is cryptographically strong. (That means it is strongly collision- resistant.) SHA-1 is an example of such a function.

17 Mallory in the Middle Alice "Hi Bob, it's Alice. Give me your key"--> Mallory Bob Alice Mallory "Hi Bob, it's Alice. Give me your key"--> Bob Alice Mallory <--KB Bob Alice <--KM Mallory Bob Alice "Meet me at Tommy’s!“KM--> Mallory Bob Alice Mallory "Meet me at Sergio’s!“KB --> Bob Alice Bob Mallory

18 Digital Certificates One way to avoid the Mallory-in- the-middle attack is to have a trusted certificate authority (CA). This prevents Mallory from inserting her own public key in place of Bob’s.

19 Certificate Authority (CA) CA verifies identity and credentials of user (in person or by some other non-crypto method) Issues certificate of public key. Transmits key pair to user securely. User can publish certificate.

20 Certificate Authority (CA) Certificate has expiration date. CA needs to be able to revoke certificate before expiration. CA needs to backup keys and have procedure for recovery of lost keys. Note: Certificates are included in browsers (IE, Firefox, etc.).

21 Your browser handles the security job for you!

22 Getting a certificate

23 The complete process

24 Internet X.509 Public Key Infrastructure “When a certificate is issued, it is expected to be in use for its entire validity period. However, various circumstances may cause a certificate to become invalid prior to the expiration of the validity period.

25 Internet X.509 Public Key Infrastructure “Such circumstances include change of name, change of association between subject and CA (e.g., an employee terminates employment with an organization), and compromise or suspected compromise of the corresponding private key. Under such circumstances, the CA needs to revoke the certificate.”

26 Did this ever happen to you?

27 More on Nonrepudiation If Bob signs a document with his secret key, what is to stop him from later changing his public key and denying the signature? Conversely, how can Bob prove that it was not his key that was used?

28 More on Nonrepudiation Certificate Authority needs to keep records, including time stamped certificates and dates of revocations. CA needs to be a trusted party. Can have multiple CA’s. CA must protect its secret key. Issued keys must be sound.

29 OOPS!

30 OOPS!

31

Download ppt "Cryptology Digital Signatures and Digital Certificates Prof. David Singer Dept. of Mathematics Case Western Reserve University."

Similar presentations

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Digital Signatures Good properties of hand-written signatures: 1. Signature is authentic. 2. Signature is unforgeable. 3. Signature is not reusable (it.

Digital Signatures Good properties of hand-written signatures: 1. Signature is authentic. 2. Signature is unforgeable. 3. Signature is not reusable (it.
Cryptography and Network Security

Cryptography and Network Security
Public Key Management and X.509 Certificates

Public Key Management and X.509 Certificates
Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.

Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.
Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.

Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.
20-751 ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.

ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
Cryptographic Technologies

Cryptographic Technologies
1 Digital Signatures CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute April 12, 2004.

1 Digital Signatures CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute April 12, 2004.
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.

Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
E- Business Digital Signature Varna Free University Prof. Teodora Bakardjieva.

E- Business Digital Signature Varna Free University Prof. Teodora Bakardjieva.
Overview of Digital Signatures Introduction To Networks and Communications (CS 555) Presented by Bharath Kongara.

Overview of Digital Signatures Introduction To Networks and Communications (CS 555) Presented by Bharath Kongara.
Digital Signature Xiaoyan Guo/102587 Xiaohang Luo/104446.

Digital Signature Xiaoyan Guo/ Xiaohang Luo/
Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.

Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.
INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.

INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.
By Jyh-haw Yeh Boise State University ICIKM 2013.

By Jyh-haw Yeh Boise State University ICIKM 2013.
Chapter 31 Network Security

Chapter 31 Network Security
Csci5233 Computer Security1 Bishop: Chapter 10 Key Management: Digital Signature.

Csci5233 Computer Security1 Bishop: Chapter 10 Key Management: Digital Signature.
CS5204 – Fall 2009 1 Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.

CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.

Similar presentations

Ads by Google