
AQA Computing A2 © Nelson Thornes 2009. Unit 3 Section 6.4: Internet Security. Digital Signatures and Certificates.


2 Digital Signatures and Certificates. To prove that an electronic message is genuine, a sender can digitally sign the message. This means that any tampering with the message can be detected, and the signature is proof that it was sent by the correct person. Digital signatures use asymmetric encryption. The process to send a message is as follows:

3 A digest (also known as a hash) is produced from the message using a hash function. The digest is a much reduced version of the original message (it is not possible to change a message digest back into the original message from which it was created).
[Diagram: Message -> Hash Function -> Digest]

4 The digest is then encrypted using the sender’s private key. The sender’s private key must be used instead of the receiver’s public key to prove it has been encrypted by the sender. The encrypted digest result is the digital signature.
[Diagram: Digest -> Encrypt using sender’s private key -> Encrypted Digest (Digital Signature)]

5 The encrypted digest (digital signature) is then appended to the original message.
[Diagram: Message appended with Digital Signature]

6 The message and digital signature are then encrypted using the receiver’s public key. The receiver’s public key must be used here so that only the receiver can decrypt the message with the private key.
[Diagram: Message and Digital Signature -> Encrypt using receiver’s public key -> Encrypted Message]

7 The encrypted message is then sent by electronic mail.
[Diagram: Encrypted Message -> Send by e-mail]

8 Digital Signatures and Certificates. The process to verify that a message is genuine is as follows:

9 The message and signature are decrypted using the receiver’s private key.
[Diagram: Encrypted Message -> Decrypt using receiver’s private key -> Message and Digital Signature]

10 The decrypted message is then separated into the original message and digital signature.
[Diagram: Separate -> Message, Digital Signature]

11 The digital signature (encrypted digest) is then decrypted using the sender’s public key. This proves it has been sent by the person who owns the private key.
[Diagram: Digital Signature (Encrypted Digest) -> Decrypt using sender’s public key -> Decrypted Digest]

12 A new digest is produced from the original message using the same hash function as the original digest.
[Diagram: Message -> Hash Function -> New Digest]

13 The decrypted digest is then compared to the new digest. If the decrypted digest is the same as the new digest then the message has not been tampered with.
[Diagram: Decrypted Digest compared with New Digest]

14 Digital Signatures and Certificates. Although this process sounds complicated, it is all handled by the signing software, so messages can be signed and received using a simple click.

15 Digital Signatures and Certificates. A digital certificate is issued by a certification authority (CA). It contains your name, a serial number, expiration dates and a copy of the certificate holder's public key. A digital signature is created, which is a digest of the sender’s public key and other details, encrypted with the private key of the CA. This is called the certificate. The recipient can check with the CA’s public key that the certificate is valid. Digital certificates can be kept in registries so that authenticating users can look up other users' public keys.

16 [Diagram: The Certificate Authority generates a hash of A’s public key and encrypts it using the CA’s private key to form A’s certificate. The receiver’s computer decrypts the certificate using the CA’s public key, generates its own hash of A’s public key and compares the hashes; if they match, A’s public key is valid.]
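Added example (not part of the original slides): the signing and verification steps from slides 3 to 13 and the certificate check from slides 15 and 16, written as a small Python program. It assumes toy RSA keys built from fixed primes and hypothetical names (`make_keypair`, `issue_certificate`, `receive`, the sample message and serial number); it leaves out the step that encrypts the message with the receiver's public key, and real software uses much larger keys with a padded scheme such as RSA-PSS.

```python
import hashlib

def make_keypair(p, q, e=65537):
    """Toy RSA keys from two primes; returns (public, private) as (exponent, modulus)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (e, n), (pow(e, -1, phi), n)

def digest(data, n):
    """Hash function: SHA-256, reduced mod n so it fits the toy modulus."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, private_key):
    """Produce the digest, then transform it with the signer's private key."""
    d, n = private_key
    return pow(digest(data, n), d, n)

def verify(data, signature, public_key):
    """Recover the digest with the public key and compare it to a new digest."""
    e, n = public_key
    return pow(signature, e, n) == digest(data, n)

def cert_body(name, serial, public_key):
    return f"{name}|{serial}|{public_key[0]}|{public_key[1]}".encode()

def issue_certificate(name, serial, public_key, ca_private_key):
    """The CA signs a digest of the holder's public key and other details."""
    return {"name": name, "serial": serial, "public_key": public_key,
            "ca_signature": sign(cert_body(name, serial, public_key), ca_private_key)}

def check_certificate(cert, ca_public_key):
    body = cert_body(cert["name"], cert["serial"], cert["public_key"])
    return verify(body, cert["ca_signature"], ca_public_key)

def receive(message, signature, cert, ca_public_key):
    """Accept only if the certificate is valid AND the signature matches the message."""
    return (check_certificate(cert, ca_public_key)
            and verify(message, signature, cert["public_key"]))

# Constructed sample data: Mersenne primes keep the demo short, they are not secure.
CA_PUB, CA_PRIV = make_keypair(2**107 - 1, 2**127 - 1)
A_PUB, A_PRIV = make_keypair(2**61 - 1, 2**89 - 1)
CERT = issue_certificate("Company A", 1001, A_PUB, CA_PRIV)
MESSAGE = b"Transfer 100 pounds to account 12345"
SIGNATURE = sign(MESSAGE, A_PRIV)

if __name__ == "__main__":
    print("genuine :", receive(MESSAGE, SIGNATURE, CERT, CA_PUB))
    print("tampered:", receive(MESSAGE + b"0", SIGNATURE, CERT, CA_PUB))
```

A certificate whose public key has been swapped without the CA re-signing it fails `check_certificate`, so a signature made with the substituted key is rejected even though it matches the message.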

