Welcome to the Introduction of Digital Signature

Submitted By: Ankit Saxena, B.Tech. IV year, 0612310010

Contents
1 Definition
2 History
3 How a message is sent using D.S.
4 Benefits of digital signatures
5 Drawbacks of digital signatures
6 Paper signature vs. Digital signature
7 Conclusion

Definition

A digital signature or digital signature scheme is a type of asymmetric cryptography used to simulate the security properties of a signature in digital, rather than written, form. Digital signature schemes normally give two algorithms, one for signing which involves the user's secret or private key, and one for verifying signatures which involves the user's public key. The output of the signature process is called the "digital signature."

What’s Digital Signing?

There are many ways to sign a digital document, but we will only present the standard Digital Signing protocol. Digital signing is used to provide trust that the content has come from the claimed source and has not been altered.

Why Digital Signatures?
• To provide Authenticity, Integrity and Non-repudiation to electronic documents
• To use the Internet as the safe and secure medium for e-Commerce and e-Governance

History

In the famous paper "New Directions in Cryptography", Whitfield Diffie and Martin Hellman first described the notion of a digital signature scheme, although they only conjectured that such schemes existed. Soon afterwards, Ronald Rivest, Adi Shamir, and Len Adleman invented the RSA algorithm, which could be used for primitive digital signatures. The first widely marketed software package to offer digital signature was Lotus Notes 1.0, released in 1989, which used the RSA algorithm.

How a message is sent using Digital Signature

WORKING: Digital Signature Standard (DSS)

[Diagram: Signed Messages. Sender: the message is hashed and the hash is signed with the sender's private key; the signed message (message + signature) is sent through the Internet. Receiver: calculates the hash of the received message, decrypts the signature with the sender's public key, and compares the two; if OK, the signature is verified.]

Digital Signature Technologies
• PKI (Public Key Infrastructure)
• Digital Certificates
• RSA
• ElGamal
• MD5
• PGP
• S/MIME

Public Key Infrastructure (PKI)

• A trusted agency is required to certify the association of an individual with the key pair: the Certifying Authority (CA).
• This association is made by the CA issuing a certificate to the user: the public key certificate (PKC).
• All public key certificates are digitally signed by the CA.


Digital Certificates & Certification Authority

[Diagram: Key pair generation (private, public). Certificate request: user name and other credentials plus the user's public key, signed by using the CA's private key to form the user certificate. Certificate fields: User Name, User's Public Key, CA's Name, Validity, Digital Signature of CA, Certificate Class, User's Email Address, Serial No. The CA publishes certificates (User 1 certificate, User 2 certificate) to the certificate database on the web site of the CA. License issued by CCA.]
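
The two diagrams above (hash, sign with the sender's private key, compare at the receiver; and the CA signing the user's name and public key) can be run end to end. This is an added example, not part of the original slides: it uses textbook RSA without padding and SHA-256, and the function names, the JSON certificate encoding and the fixed Mersenne-prime keys are assumptions constructed for the demonstration, not a production scheme.

```python
import hashlib
import json

E = 65537  # public exponent shared by every toy key below

def make_key(p, q):
    """Return (n, d) for textbook RSA from two primes (constructed toy keys)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def digest(data):
    """SHA-256 of the data as an integer (always smaller than the toy moduli)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(data, n, d):
    """Sender: hash the message, then transform the hash with the private key."""
    return pow(digest(data), d, n)

def verify(data, sig, n):
    """Receiver: recover the hash with the public key, compare with own hash."""
    return pow(sig, E, n) == digest(data)

def tbs_bytes(body):
    """Canonical byte encoding of the certificate fields that the CA signs."""
    return json.dumps(body, sort_keys=True).encode()

def issue_cert(user_name, user_n, ca_name, serial_no, ca_n, ca_d):
    """CA: bind a user name to a public key by signing both with the CA key."""
    body = {"user_name": user_name, "public_key": user_n,
            "ca_name": ca_name, "serial_no": serial_no}
    return {"body": body, "ca_signature": sign(tbs_bytes(body), ca_n, ca_d)}

def verify_signed_message(msg, sig, cert, trusted_ca_n):
    """Check the CA's signature on the certificate first, then the message."""
    if not verify(tbs_bytes(cert["body"]), cert["ca_signature"], trusted_ca_n):
        return False  # key-to-name binding is not vouched for by the CA
    return verify(msg, sig, cert["body"]["public_key"])

# Constructed sample data: Mersenne primes give fixed, insecure demo keys.
CA_N, CA_D = make_key(2**127 - 1, 2**521 - 1)
USER_N, USER_D = make_key(2**107 - 1, 2**607 - 1)
CERT = issue_cert("alice@example.org", USER_N, "Example CA", 1, CA_N, CA_D)
MSG = b"Pay 100 to Bob"
SIG = sign(MSG, USER_N, USER_D)

if __name__ == "__main__":
    print(verify_signed_message(MSG, SIG, CERT, CA_N))                # True
    print(verify_signed_message(b"Pay 900 to Bob", SIG, CERT, CA_N))  # False
```

A real deployment replaces the toy primitives with a padded scheme such as RSA-PSS and randomly generated keys; the order of checks (certificate first, then message) stays the same.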

Digital Signature Technologies
• PKI (Public Key Infrastructure)
• Digital Certificates
• RSA
• DSA
• ElGamal
• SHA
• MD5
• PGP
• S/MIME

RSA

A public key cryptosystem invented by Rivest, Shamir and Adleman (hence the initials R.S.A.) in 1977.

• Patented by RSA Security; the patent expired in 2000.
• It relies on the complexity of factoring a product of very large prime numbers.


ElGamal

• It is a public key cryptosystem.
• It is not used to encrypt messages.
• It was invented by Taher Elgamal.
• It was not patented.


MD5

MD5 is another hashing algorithm created by Rivest of MIT, one of the creators of the algorithm. It produces a 128-bit message digest, and while quite popular.


PGP

Pretty Good Privacy (PGP) is one of the most widely used encryption programs for email. It was created by Phil Zimmermann in 1991 and is defined by the OpenPGP Working Group of the IETF in the standard RFC 2440. PGP is excellent software.


S/MIME

S/MIME is based on PKI, so it suffers the same problems and high costs. Like PGP, it also just digitally signs the message and doesn’t create a legally enforceable electronic signature.

Benefits of digital signatures

Authentication:

Digital signatures can be used to authenticate the source of messages. When ownership of a digital signature secret key is bound to a specific user, a valid signature shows that the message was sent by that user. The importance of high confidence in sender authenticity is especially obvious in a financial context.

Integrity:

In many scenarios, the sender and receiver of a message may have a need for confidence that the message has not been altered during transmission. Although encryption hides the contents of a message, Furthermore, there is no efficient way to modify a message and its signature to produce a new message with a valid signature, because this is still considered to be computationally infeasible by most cryptographic hash functions.

Drawbacks of digital signatures

Association of digital signatures and trusted time stamping:

Digital signature algorithms and protocols do not inherently provide certainty about the date and time at which the underlying document was signed. The signer might, or might not, have included a time stamp with the signature, or the document itself might have a date mentioned on it, but a later reader cannot be certain the signer did not, for instance, backdate the date or time of the signature. Such misuse can be made impracticable by using trusted time stamping in addition to digital signatures.

Non-repudiation:

In a cryptographic context, the word repudiation refers to any act of disclaiming responsibility for a message. A message's recipient may insist the sender attach a signature in order to make later repudiation more difficult, since the recipient can show the signed message to a third party (e.g., a court) to reinforce a claim as to its signatories and integrity.

Paper signatures v/s Digital Signatures

Parameter | Paper | Electronic
Authenticity | May be forged | Cannot be copied
Integrity | Signature independent of the document | Signature depends on the contents of the document
Non-repudiation | a. Handwriting expert needed; b. Error prone | a. Any computer user; b. Error free

Conclusion

I want to conclude that digital signature is very important for the encryption techniques in cryptography, and that it provides message authenticity and message integrity.

Thank You