6/1/20151 Digital Signature and Public Key Infrastructure Course:COSC513-01 Instructor:Professor Anvari Student ID:106845 Name:Xin Wen Date:11/25/00.

Slides:



Advertisements
Similar presentations
Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Advertisements

Public Key Infrastructure and Applications
1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Grid Computing, B. Wilkinson, 20045a.1 Security Continued.
Digital Signatures and Hash Functions. Digital Signatures.
PROJECT ON DIGITAL SIGNATURE Submitted by: Submitted to: NAME: Roll no: Reg.no. :
Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.
Information security An introduction to Technology and law with focus on e-signature, encryption and third party service Yue Liu Feb.2008.
Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.
WAP Public Key Infrastructure CSCI – Independent Study Fall 2002 Jaleel Syed Presentation No 5.
E-Procurement: Digital Signatures and Role of Certifying Authorities Jagdeep S. Kochar CEO, (n)Code Solutions.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.
Cryptographic Technologies
Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.
Information Security of Embedded Systems : Algorithms and Measures Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.
E-Government Security and necessary Infrastructures Dimitrios Lekkas Dept. of Systems and Products Design Engineering University of the Aegean
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
CSE 597E Fall 2001 PennState University1 Digital Signature Schemes Presented By: Munaiza Matin.
© Julia Wilk (FHÖV NRW) 1 Digital Signatures. © Julia Wilk (FHÖV NRW)2 Structure 1. Introduction 2. Basics 3. Elements of digital signatures 4. Realisation.
E- Business Digital Signature Varna Free University Prof. Teodora Bakardjieva.
Overview of Digital Signatures Introduction To Networks and Communications (CS 555) Presented by Bharath Kongara.
Cryptographic Security Cryptographic Mechanisms 1Mesbah Islam– Operating Systems.
1. INDEX 2 A signature is a handwritten depiction of someone’s name or nickname that a person writes on documents as proof of identity and intent. Signature.
Cyber Law & Islamic Ethics
Digital Signature Xiaoyan Guo/ Xiaohang Luo/
Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.
INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.
Controller of Certifying Authorities Public Key Infrastructure for Digital Signatures under the IT Act, 2000 : Framework & status Mrs Debjani Nag Deputy.
Digital Signature Technologies & Applications Ed Jensen Fall 2013.
1 Cryptography Cryptography is a collection of mathematical techniques to ensure confidentiality of information Cryptography is a collection of mathematical.
1 Cryptography Basics. 2 Cryptography Basic terminologies Symmetric key encryption Asymmetric key encryption Public Key Infrastructure Digital Certificates.
Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.
Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.
AQA Computing A2 © Nelson Thornes 2009 Section Unit 3 Section 6.4: Internet Security Digital Signatures and Certificates.
Secure Electronic Transaction (SET)
Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.
Cryptography Encryption/Decryption Franci Tajnik CISA Franci Tajnik.
Cryptography, Authentication and Digital Signatures
E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.
Risks of data manipulation and theft Gateway Average route travelled by an sent via the Internet from A to B Washington DC A's provider Paris A.
Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.
Chapter 16 Security Introduction to CS 1 st Semester, 2012 Sanghyun Park.
NDSU Lunchbytes "Are They Really Who They Say They Are?" Digital or Electronic Signature Information Rick Johnson, Theresa Semmens, Lorna Olsen April 24,
11-Basic Cryptography Dr. John P. Abraham Professor UTPA.
Encryption. What is Encryption? Encryption is the process of converting plain text into cipher text, with the goal of making the text unreadable.
DIGITAL SIGNATURE. GOOD OLD DAYS VS. NOW GOOD OLD DAYS FILE WHATEVER YOU WANT – PUT ‘NA’ OR ‘-’ OR SCRATCH OUT FILE BACK DATED, FILE BLANK FORMS, FILE.
ELECTROINC COMMERCE TOOLS Chapter 6. Outline 6.0 Introduction 6.1 PUBLIC KEY INFRASTRUCTURE (PKI) AND CERTIFICATE AUTHORITIES (CAs) TRUST
Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.
Lifecycle Metadata for Digital Objects October 18, 2004 Transfer / Authenticity Metadata.
What is Digital Signature Building confidentiality and trust into networked transactions. Kishankant Yadav
Digital Signatures, Message Digest and Authentication Week-9.
Welcome to the Introduction of Digital Signature Submitted By: Ankit Saxena.
DIGITAL SIGNATURE.
Using Public Key Cryptography Key management and public key infrastructures.
Content Introduction History What is Digital Signature Why Digital Signature Basic Requirements How the Technology Works Approaches.
CRYPTOGRAPHY Cryptography is art or science of transforming intelligible message to unintelligible and again transforming that message back to the original.
Guided by : VIPUL GAJJAR Prepared by: JIGAR KAKADIYA.
 Introduction  History  What is Digital Signature  Why Digital Signature  Basic Requirements  How the Technology Works  Approaches.
TAG Presentation 18th May 2004 Paul Butler
TAG Presentation 18th May 2004 Paul Butler
Digital Signature.
IS3230 Access Security Unit 9 PKI and Encryption
Pooja programmer,cse department
PKI (Public Key Infrastructure)
Instructor Materials Chapter 5: Ensuring Integrity
Presentation transcript:

6/1/20151 Digital Signature and Public Key Infrastructure Course:COSC Instructor:Professor Anvari Student ID: Name:Xin Wen Date:11/25/00

6/1/20152 Content Introduction Digital Signature and information security Public key cryptography Digital Signature components & processes Public key infrastructure(PKI) & its Flow

6/1/20153 Introduction Paperless office Cultural tradition Tangible paper Handwritten signature Sealed envelopes etc. Lack of legal admit Lack of infrastructure to support it Technology

6/1/20154 The Internet and electronic commerce Internet Lack of sufficient information security Lack of framework to enable electronic commerce Public key cryptography technology Legal recognition of digital signatures The elimination of paper becomes true

6/1/20155 Fundamental requirement Sender authenticity Message integrity Non-repudiation Signature formalities

6/1/20156 Satisfying the requirements in electronic commerce The purpose is to Protect the message Not the medium No way to make a secure environment The availability and affordability of the public network Secure the message Base on public key cryptography Utah Digital Signature Act is the first one

6/1/20157 Digital Signatures & information security A digital signature is not a digitized image of a handwritten signature like the UPS signature Signature is digitized Image is transferred to electronic document Once captured, can be easily copy and paste A digital signature is An actual transformation of an electronic message using public key cryptography Tied to the signed document and signer, not reproducible Legal admitted Contract can be done over internet

6/1/20158 The basic principles All data entered into a computer is read as a binary number. For example: “Jack and Jill went up the hill The computer read it as:” ” etc Perform mathematical functions on the number Messages be transformed to alternate representations unique to the original one

6/1/20159 Public key cryptography Employs an algorithm using two different but mathematically related “keys” One (primary key) for creating a digital signature or transforming data into a seemingly unintelligible form Another key (public key) for verifying a digital signature or returning the message to its original form

6/1/ Public key cryptography Also termed as asymmetric key cryptography Involves an asymmetric key pair Public key: freely disseminated; no need of confidential Private key: must keep secret Characteristics of the key pairs Mathematical related, but impossible to calculated each other Each key perform the inverse function of the other, one key does only that the other can undo

6/1/ Digital Signature components Digital signatures are based on asymmetric, public key cryptography The digital signing and verification processes involve a hash algorithm and a signature algorithm(extremely complex math equation)

6/1/ Digital Signature components 100 Original Message *2 Hash Algorithm = 200 MessageDigest(fingerprint) *2 Signature Algorithm = 400 Digital Signature (*2 is primary key) a digital signature has nothing to do with the signer’s name or handwritten signature An actual transformation of the message itself, and that is “secret” only known by the signer Tied to both the signer and the message being signed.

6/1/ Creating a digital signature Message Hash Function Message Digest Signature Function Digital Signature Message Signature Private Key

6/1/ Verifying a digital signature Message Hash Function Message Digest Signature Function Message Digest If the message digest are identical, the signature will verify, If they are different in any way, the signature will not verify. Signer’s Public Key

6/1/ Public key infrastructure Using digital signature software Generate a key pair Release his public key to the on-line world Use any identity he choose Certification authority (CA) A trusted third party Guarantee individuals’ identities, Guarantee their relationship to their public keys (Bind their identities to the key pairs)

6/1/ Public key infrastructure Digital certificates contains: Name of the subscriber The subscriber’s public key The digital signature of the issuing CA The issuing CA’s public key Other pertinent information about the subscriber Subscriber’s organization (e.g. his authority to conduct certain transactions.etc) These certificates are stored in a on-line, publicly accessible repository

6/1/ PKI Process Flow Certification Authority Repository SubscriberRelying Party

6/1/ PKI Process Flow Step1. Subscriber applies to Certification Authority for Digital Certificate Step2. CA verifies identity of subscriber and issues Digital Certificate Step3. CA publishes Certificate to Repository Step4. Subscriber digitally signs electronic message with Private key to ensure Sender Authenticity, Message Integrity and Non-repudiation and sends to Relying Party Step5. Relying Party receives message, verifies Digital Signature with Subscriber’s Public Key, and goes to Repository to check status and validity of Subscriber’s Certificate Step6. Repository returns results of status check on Subscriber’ Certificate to Relying Party

6/1/ Digital signature applications Any processes that requires strong authentication of both sender and contents of the message, and non-repudiation. Such applications as Purchase order systems Automated forms processing contracts Remote financial transactions or inquires

6/1/ Covers Digital Signature What it is Basic principle Its components Create and verifying it Its application Public key cryptography Definition Character of key pairs Public key infrastructure PKI PKI Process Flow