
1 DIGITAL SIGNATURE

2 GOOD OLD DAYS VS. NOW
GOOD OLD DAYS
- FILE WHATEVER YOU WANT – PUT ‘NA’ OR ‘-’ OR SCRATCH OUT
- FILE BACK DATED, FILE BLANK FORMS, FILE WITHOUT ANNEXURE
- ADD NOTES AND EXPLANATIONS
NOW
- UNLESS THE FORM IS COMPLETED YOU CAN'T FILE
- NOT POSSIBLE

3 What is a Signature ?

4 What is a Digital Signature A digital signature is the electronic signature (Certificate) duly issued by the Certifying Authority that shows the authenticity of the person signing the same.

5 How to Create ? Digital signatures, a form of electronic signatures, are created and verified using Public Key Cryptography, which is based on the concept of a key pair (the public and private keys) generated by a mathematical algorithm.

6 What is Cryptography ?
Cryptography is the science of enabling secure communications.
There are two types of cryptography:
- Secret/Symmetric Key Cryptography
- Public/Asymmetric Key Cryptography

7 What is a key? Physical keys are used for locking and unlocking. In cryptography, the equivalent functions are encryption and decryption. A key in this case is an algorithmic pattern or rule(s) to render the message unreadable.

8 What is secret/symmetric cryptography

9 What is public/asymmetric key cryptography

10 What is Message digest
Message Digest is a small piece of data that results from encryption.
- A small alteration in the original message would cause a big change in the message digest;
- Derivation of the original message is not possible from the message digest.
It acts as a "fingerprint" of the message.

11 What EXACTLY is a Dig. Sign. ? A digital signature is an encrypted version of a message digest, attached together with a message. A secret key is first generated and used to encrypt the message. A public-key cryptography key is then used to encrypt the secret key. The secret key is attached to the message which was encrypted using the secret key.

12 Three Elements of A DSC
- Subject Name and Other Certificate Extensions. This is information about the object being certified.
- Public Key Information. This is the public key of the entity being certified. The certificate acts to bind the public key to the attribute information described above.
- Certifying Authority (CA) Signature. The CA signs the first two elements and thereby adds credibility to the certificate. People who receive the certificate check the signature and will believe the information if they trust that certifying authority.

13 So Far…
- We know that DSC is a message encrypted by a Secret Key
- We know that the Secret Key is encrypted by the Public Key of the Certifying Authority
Our present doubts are:
1. Who will certify the Certificate of the Certifying Authority?
2. We have not yet discussed the private key of the Digital Signature

14 Who gives it ?
Controller of Certifying Authorities (CCA) www.cca.gov.in
Certifying Authority (CA)
1. Tata Consultancy Services (TCS)
2. National Informatics Center (NIC)
3. IDRBT Certifying Authority
4. SafeScrypt CA Services, Sify Communications Ltd.
5. (n) Code Solutions CA
6. MTNL Trust Line
7. *Customs & Central Excise
8. E-MUDHRA

15 The CCA has established the Root Certifying Authority of India (RCAI) to digitally sign the Public Keys of licensed CAs in India. RCAI issues a digitally signed CA Certificate that authenticates the Public Key(s) of the CAs. The CCA has also established the National Repository of Digital Certificates (NRDC) as a directory of all Certificates issued by all the licensed CAs in India.
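
The hash-then-sign flow and the certificate binding from slides 10 to 12 and 15, as an added example that is not part of the original presentation: a message digest is signed with the private key and checked with the public key, and each certificate's subject and public key are signed by its issuer up to a trusted root. It assumes toy RSA keys built from small fixed Mersenne primes with no padding; the names `Example Root`, `Example CA` and `Example Subscriber` are hypothetical.

```python
import hashlib

E = 65537  # public exponent shared by every toy key below

def make_key(a, b):
    # Toy RSA key from the Mersenne primes 2**a-1 and 2**b-1 (assumption: demo sizes, not secure)
    p, q = 2**a - 1, 2**b - 1
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}  # n is public, d is private

def digest(data):
    # SHA-256 fingerprint of the message, as an integer
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(key, data):
    # Signature = digest transformed with the signer's PRIVATE exponent (no padding: toy only)
    return pow(digest(data) % key["n"], key["d"], key["n"])

def verify(n, data, sig):
    # Anyone holding the PUBLIC modulus recomputes the digest and compares
    return pow(sig, E, n) == digest(data) % n

def tbs(subject, public_n):
    # Bytes the issuer signs: the subject name bound to the subject's public key
    return f"{subject}|{public_n}".encode()

def issue(issuer, issuer_key, subject, public_n):
    # The three elements of a certificate: subject, public key, issuer's signature
    return {"subject": subject, "public_n": public_n, "issuer": issuer,
            "ca_sig": sign(issuer_key, tbs(subject, public_n))}

def verify_chain(chain, root_name, root_n):
    # chain[0] is the subscriber's certificate; each later entry certifies the issuer before it
    for i, cert in enumerate(chain):
        parent = chain[i + 1] if i + 1 < len(chain) else {"subject": root_name, "public_n": root_n}
        if cert["issuer"] != parent["subject"]:
            return False
        if not verify(parent["public_n"], tbs(cert["subject"], cert["public_n"]), cert["ca_sig"]):
            return False
    return True

# Constructed sample hierarchy: root -> licensed CA -> subscriber
ROOT, CA, SUB = make_key(521, 607), make_key(89, 107), make_key(61, 127)
ca_cert = issue("Example Root", ROOT, "Example CA", CA["n"])
sub_cert = issue("Example CA", CA, "Example Subscriber", SUB["n"])
chain = [sub_cert, ca_cert]

form = b"Form data: annexure attached"  # constructed document
form_sig = sign(SUB, form)
print(verify_chain(chain, "Example Root", ROOT["n"]), verify(sub_cert["public_n"], form, form_sig))
```

A relying party trusts only the root's public key; everything else in the chain is checked against it, so a certificate with a swapped public key or a chain presented under a different root fails verification.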

16 Registration Authorities (RAs) Registration Authorities (RAs) evaluate and approve or reject Certificate Applications in accordance with this Certificate Policy and relevant Certification Practice Statement.

17 Class 1, 2 or 3 ? 1.1. CLASS 1 CERTIFICATES. Class 1 Certificates are issued to Individuals with valid e-mail addresses. Class 1 validation procedures are based on the assurance that the subscriber’s Distinguished Name (DN) is unique and unambiguous within CERTIFYING AUTHORITY Repository and that the e-mail address in the DN is associated with the Public Key in the Certificate. Class 1 Certificates are appropriate for Digital Signatures, encryption, and electronic access control for non-commercial transactions where proof of identity is not required.

18 1.2. CLASS 2 CERTIFICATES. Class 2 Certificates are issued to Individuals, and Devices. Class 2 validation procedures are based on the assurance that subscriber’s Distinguished Name (DN) is unique and unambiguous within CERTIFYING AUTHORITY Repository and that the identity of the Subscriber based on information provided by the Subscriber in the Certificate Application does not conflict with the information in a CERTIFYING AUTHORITY approved and well recognized business or consumer database(s) (Validating Database). Class 2 Individual Certificates are appropriate for Digital Signatures, encryption, and electronic access control in transactions where proof of identity based on information in the Validating Database is sufficient. Class 2 Device Certificates are appropriate for device authentication; message, software, and content integrity; and confidentiality encryption.

19 1.3. CLASS 3 CERTIFICATES. Class 3 Certificates are issued to Individuals, Organizations, Servers, Devices, and Administrators for CAs and RAs. The validation procedures for Class 3 Certificates issued to Individuals are based on the personal (physical) presence of the Subscriber before a CERTIFYING AUTHORITY authorized person that confirms the identity of the Subscriber using a well-recognized form of government issued identification and one other identification credential. The validation procedures for Class 3 Certificates issued to Organizations are based on a confirmation that the Subscriber Organization does in fact exist, that the organization has authorized the Certificate Application, and that the person submitting the Certificate Application on behalf of the Subscriber was authorized to do so. Class 3 Individual Certificates are appropriate for Digital Signatures, encryption, and access control in transactions requiring a high assurance about the Subscriber’s identity. Class 3 Server Certificates are appropriate for server authentication; message, software, and content integrity; and confidentiality encryption.

20 Identifying a Certificate chain

21 Documents
- Certificate Policy
- Certification Practice Statements
- Subscriber Agreement
- CA relying party agreement

22 Doubt
We have not yet discussed:
- the private key of the Digital Signature
- the validating Database

23 HOW TO GET – MACRO VIEW

24 HOW TO GET – PRE-REGISTRATION
1. Accept Subscriber Agreement
2. Pay Fee
3. Generate Physical Copy of Application Form
4. Attach Identity Proof (as selected in the online form), Proof of address and Photocopy of ID card of attesting officer
5. Send physically to RA

25 HOW TO GET – CLAIMING THE DSC
- Provide personal details not given earlier
- Generate Key Pairs
- Download the Certificate
- Export using a private key

26 DSC CARRIER
BROWSER vs. TOKEN
- Safety
- Cost
- Flexibility

28 Thank you

