
7 - Digital Signature

Digital signatures provide authentication of a message sender, integrity of message contents, and non-repudiation by verifying the sender, date and time of signature, and authenticating message contents. Digital signatures must depend on the message signed, use unique sender information to prevent forgery and denial, be easy to produce and verify, and be computationally infeasible to forge. Direct digital signatures involve only the sender and receiver, while arbitrated digital signatures involve a third party arbiter to validate signatures. Digital certificates provide certification that a person is authorized to use a public key algorithm issued by a certification authority, a trusted third party that issues public key algorithms to users.

Uploaded by Mangala Semage
Copyright: © All Rights Reserved

Digital Signature

Week - 7

Acknowledgement
Prepared by Nishanthi Herath – ATI, Kandy
Based on Cryptography and Network Security, 4th Edition by William Stallings, with reference to the lecture slides by Lawrie Brown

Intended Learning Outcomes
• At the end of this lesson, you shall be able to
– Define Digital Signature (DS), Digital Certificate (DC), Certification Authority (CA)
– Explain the need of DS, DC and CA, and the benefits of DS, DC and CA
– Identify real world situations where these concepts are applicable
– Design and implement simple software that supports these concepts

Digital Signature
• have looked at message authentication
– but does not address issues of lack of trust
• digital signatures provide the ability to:
– verify author, date & time of signature
– authenticate message contents
– be verified by third parties to resolve disputes
• hence include authentication function with additional capabilities

Digital Signature Properties
• must depend on the message signed
• must use information unique to sender
– to prevent both forgery and denial
• must be relatively easy to produce
• must be relatively easy to recognize & verify
• be computationally infeasible to forge
– with new message for existing digital signature
– with fraudulent digital signature for given message
• be practical to save digital signature in storage

Direct Digital Signatures
• involve only sender & receiver
• assumed receiver has sender’s public-key
• digital signature made by sender signing entire message or hash with private-key
• can encrypt using receiver’s public-key
• important that sign first then encrypt message & signature
• security depends on sender’s private-key

Arbitrated Digital Signatures
• involves use of arbiter A
– validates any signed message
– then dated and sent to recipient
• requires suitable level of trust in arbiter
• can be implemented with either private or public-key algorithms
• arbiter may or may not see message

Authentication Protocols
• used to convince parties of each other’s identity and to exchange session keys
• may be one-way or mutual
• key issues are
– confidentiality – to protect session keys
– timeliness – to prevent replay attacks
• published protocols are often found to have flaws and need to be modified

Replay Attacks
• where a valid signed message is copied and later resent
– simple replay
– repetition that can be logged
– repetition that cannot be detected
– backward replay without modification
• countermeasures include
– use of sequence numbers (generally impractical)
– timestamps (needs synchronized clocks)
– challenge/response (using unique nonce)
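
The hash-then-sign step from Direct Digital Signatures combined with the timestamp and challenge/response countermeasures from Replay Attacks, as an added example that is not part of the original slides. The toy RSA key, `Receiver`, `MAX_SKEW` and the sample messages are assumptions made for illustration; the key is built from publicly known Mersenne primes and is not secure.

```python
import hashlib, secrets, time

# Toy textbook-RSA key built from two Mersenne primes so the example needs no
# third-party library. Constructed for illustration only: the modulus is
# trivially factorable and there is no padding. Never use it for real signing.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                      # public key (N, E)
D = pow(E, -1, (P - 1) * (Q - 1))        # sender's private exponent
MAX_SKEW = 30                            # allowed clock difference in seconds (assumed policy)

def _digest(nonce: bytes, ts: int, msg: bytes) -> int:
    # The signed hash covers nonce, timestamp and message together.
    data = len(nonce).to_bytes(2, "big") + nonce + ts.to_bytes(8, "big") + msg
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(nonce: bytes, ts: int, msg: bytes) -> int:
    """Sender: hash first, then sign the hash with the private key."""
    return pow(_digest(nonce, ts, msg), D, N)

class Receiver:
    def __init__(self):
        self.pending = set()             # challenges issued and not yet answered

    def challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self.pending.add(nonce)
        return nonce

    def accept(self, nonce, ts, msg, sig, now=None) -> str:
        now = int(time.time()) if now is None else now
        if pow(sig, E, N) != _digest(nonce, ts, msg):
            return "bad signature"       # signature depends on the message signed
        if abs(now - ts) > MAX_SKEW:
            return "stale timestamp"     # needs roughly synchronized clocks
        if nonce not in self.pending:
            return "replayed or unknown nonce"
        self.pending.discard(nonce)      # each challenge is single-use
        return "ok"

def demo():
    rx, now = Receiver(), 1_700_000_000  # constructed clock value
    n1 = rx.challenge()
    sig = sign(n1, now, b"pay 100 to Bob")
    return [
        rx.accept(n1, now, b"pay 100 to Bob", sig, now),               # first delivery
        rx.accept(n1, now, b"pay 100 to Bob", sig, now),               # same message resent
        rx.accept(rx.challenge(), now, b"pay 900 to Bob", sig, now),   # old signature, new message
        rx.accept(n1, now, b"pay 100 to Bob", sig, now + 3600),        # delivered an hour late
    ]
```

`demo()` returns one verdict per delivery attempt, so the effect of each check can be read off in order.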

Using Symmetric Encryption
• as discussed previously can use a two-level hierarchy of keys
• usually with a trusted Key Distribution Center (KDC)
– each party shares own master key with KDC
– KDC generates session keys used for connections between parties
– master keys used to distribute these to them

Digital Certificate
• An electronic document which provides the certification that a person is authorised to use the Public Key algorithm given to him by a trusted third party
• Provided to all users of a system when they are given the Public Key for the corresponding system
• The user is bound to produce his Digital Certificate at any time on request by the employer or a customer

Certification Authority
• A trusted third party organisation who is involved in issuing Public Key Algorithms to users
• They are responsible for the security provided by the Digital Signature generated using Public and private keys
• VeriSign is a Certification Authority
