Klara Góral Karolina Kozak Ignacio Lastres Electronic signature.

Slides:



Advertisements
Similar presentations
Public Key Infrastructure and Applications
Advertisements

6/1/20151 Digital Signature and Public Key Infrastructure Course:COSC Instructor:Professor Anvari Student ID: Name:Xin Wen Date:11/25/00.
Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.
ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Cryptographic Techniques Instructor: Jerry Gao Ph.D. San Jose State University URL: May,
ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
Cryptographic Technologies
Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
Network Security – Part 2 V.T. Raja, Ph.D., Oregon State University.
TrustPort Public Key Infrastructure. Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.
© Julia Wilk (FHÖV NRW) 1 Digital Signatures. © Julia Wilk (FHÖV NRW)2 Structure 1. Introduction 2. Basics 3. Elements of digital signatures 4. Realisation.
E- Business Digital Signature Varna Free University Prof. Teodora Bakardjieva.
Overview of Digital Signatures Introduction To Networks and Communications (CS 555) Presented by Bharath Kongara.
Encryption Methods By: Michael A. Scott
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
Cryptographic Security Cryptographic Mechanisms 1Mesbah Islam– Operating Systems.
Encryption is a way to transform a message so that only the sender and recipient can read, see or understand it. The mechanism is based on the use of.
Digital Signature Xiaoyan Guo/ Xiaohang Luo/
Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.
INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.
Secure Systems Research Group - FAU Patterns for Digital Signature using hashing Presented by Keiko Hashizume.
1 Fluency with Information Technology Lawrence Snyder Chapter 17 Privacy & Digital Security Encryption.
CSCI 6962: Server-side Design and Programming
CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.
Public Key Cryptography July Topics  Symmetric and Asymmetric Cryptography  Public Key Cryptography  Digital Signatures  Digital Certificates.
1 Cryptography Cryptography is a collection of mathematical techniques to ensure confidentiality of information Cryptography is a collection of mathematical.
1 Cryptography Basics. 2 Cryptography Basic terminologies Symmetric key encryption Asymmetric key encryption Public Key Infrastructure Digital Certificates.
Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.
Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.
AQA Computing A2 © Nelson Thornes 2009 Section Unit 3 Section 6.4: Internet Security Digital Signatures and Certificates.
_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 11 Basic Cryptography.
Cryptography  Why Cryptography  Symmetric Encryption  Key exchange  Public-Key Cryptography  Key exchange  Certification.
Dr. L. Christofi1 Local & Metropolitan Area Networks ACOE322 Lecture 8 Network Security.
Cryptography, Authentication and Digital Signatures
ITIS 1210 Introduction to Web-Based Information Systems Chapter 50 Cryptography, Privacy, and Digital Certificates.
Chapter 16 Security Introduction to CS 1 st Semester, 2012 Sanghyun Park.
Internet-security.ppt-1 ( ) 2000 © Maximilian Riegel Maximilian Riegel Kommunikationsnetz Franken e.V. Internet Security Putting together the.
11-Basic Cryptography Dr. John P. Abraham Professor UTPA.
Cryptography (2) University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.
Encryption. What is Encryption? Encryption is the process of converting plain text into cipher text, with the goal of making the text unreadable.
DIGITAL SIGNATURE. GOOD OLD DAYS VS. NOW GOOD OLD DAYS FILE WHATEVER YOU WANT – PUT ‘NA’ OR ‘-’ OR SCRATCH OUT FILE BACK DATED, FILE BLANK FORMS, FILE.
Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.
What is Digital Signature Building confidentiality and trust into networked transactions. Kishankant Yadav
Digital Signatures, Message Digest and Authentication Week-9.
DIGITAL SIGNATURE.
Security fundamentals Topic 4 Encryption. Agenda Using encryption Cryptography Symmetric encryption Hash functions Public key encryption Applying cryptography.
Encryption Basics Module 7 Section 2. History of Encryption Secret - NSA National Security Agency –has powerful computers - break codes –monitors all.
Mort Anvari Introduction to Encryption Technology To insert your company logo on this slide From the Insert Menu Select “Picture” Locate your logo file.
Electronic Commerce School of Library and Information Science PGP and cryptography I. What is encryption? Cryptographic systems II. What is PGP? How does.
Electronic Mail Security Prepared by Dr. Lamiaa Elshenawy
Network Security Celia Li Computer Science and Engineering York University.
EE 122: Lecture 24 (Security) Ion Stoica December 4, 2001.
Cryptographic Security Aveek Chakraborty CS5204 – Operating Systems1.
Security By Meenal Mandalia. What is ? stands for Electronic Mail. much the same as a letter, only that it is exchanged in a different.
Secure Instant Messenger in Android Name: Shamik Roy Chowdhury.
Content Introduction History What is Digital Signature Why Digital Signature Basic Requirements How the Technology Works Approaches.
CRYPTOGRAPHY Cryptography is art or science of transforming intelligible message to unintelligible and again transforming that message back to the original.
Unit 3 Section 6.4: Internet Security
e-Health Platform End 2 End encryption
NET 311 Information Security
Pooja programmer,cse department
Presentation transcript:

Klara Góral Karolina Kozak Ignacio Lastres Electronic signature

Agenda: 1. Introduction 2. General overlook 3. Legal statements 4. History 5. Construction 6. Use of electronic signature 7. Future

General overlook

Signature Stylized script associated with a person

Electronic signature An electronic sound, symbol, or process, attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record

electronic signature vs. digital signature

Legal statements

Laws regarding use of electronic signatures Canada - PIPEDA Japan - Law Concerning Electronic Signatures and Certification Services India - Information Technology Act European Union - Electronic Signature Directive Czechia – Zákon o elektronickém podpisu Croatia Costa Rica - Digital Signature Law China - Law of the People’s Republic of China on Electronic Signature Canada - PIPEDA Singapore - Singapore Electronic Transactions Act Poland - Ustawa o podpisie elektronicznym Philippines - Electronic Commerce Act Peru - Ley Nº Ley de Firmas y Certificados Digitales Mexico - E-Commerce Act Republika Srpska Spain - Real Decreto- ley 14/1999, sobre firma electrónica South Africa - The Electronic Communications and Transactions Act Slovenia Slovene Electronic Commerce and Electronic Signature Act Slovakia - Zákon č.215/2002 o elektronickom podpise U.S. - Digital Signature And Electronic Authentication Law UK - s.7 Electronic Communications Act 2000 Turkey - Electronic Signature Law

Laws regarding use of electronic signatures Canada - PIPEDA Japan - Law Concerning Electronic Signatures and Certification Services India - Information Technology Act European Union - Electronic Signature Directive Czechia – Zákon o elektronickém podpisu Croatia Costa Rica - Digital Signature Law China - Law of the People’s Republic of China on Electronic Signature Canada - PIPEDA Singapore - Singapore Electronic Transactions Act Poland - Ustawa o podpisie elektronicznym Philippines - Electronic Commerce Act Peru - Ley Nº Ley de Firmas y Certificados Digitales Mexico - E-Commerce Act Republika Srpska Spain - Real Decreto- ley 14/1999, sobre firma electrónica South Africa - The Electronic Communications and Transactions Act Slovenia Slovene Electronic Commerce and Electronic Signature Act Slovakia - Zákon č.215/2002 o elektronickom podpise U.S. - Digital Signature And Electronic Authentication Law UK - s.7 Electronic Communications Act 2000 Turkey - Electronic Signature Law

The Electronic Signatures in Global and National Commerce Act (ESIGN) Validity and legal effect of contracts entered into electronically legal status equivalent to a written signature may not be denied legal effect, validity, or enforceability solely because it is in electronic form

Legal requirements of electronic signatures: must be unique to the person using it must be verifiable must be under the sole control of the person using it must guarantee that the document signed cannot be altered after it has been electronically signed must capture and preserve the signer's intent, consent, understanding, or responsibility related to a document that is being signed

History

History of electronic signatures Before 1861 – morse code used to send messages electronically by telegraphy acceptance of the enforceability of telegraphic messages as electronic signatures in New Hampshire Supreme Court 1980s – use of fax 1990s - Acceptance of the enforceability of agreements made by , entering PIN into a bank ATM, signing a debit or credit slip with digital pen pad device, installing software with a clickwrap software licence on the package, signing electronic documents online

History of electronic signatures Joint Communicué on electronic commerce first agreement signed electronically by USA and Ireland in 1998

Construction How it works?

Cryptography The basis of electronic signatures is cryptography, mathematical discipline that not only handles the encryption of texts to ensure their confidentiality and provides mechanisms to ensure data integrity and identity of participants in a transaction.

Cryptography Encryption involves transforming a plain text (understood by all) by an algorithm in a cipher text, thanks to a secret or encryption key, which is unintelligible to all except the legitimate recipient. HASH function

Hash function To obtain a hash (also called a message digest) of a text fairly short series of characters representing the text to which you apply this hash function  the fingerprint of a document.

Hash function Must only associate a hash with a plain text  the slightest alteration of the document will cause a change in the hash. It must be a one-way function for the original message can not be retrieved from the hash. If there is a way of finding the plaintext from the hash, it seems that the hash function has a "trapdoor. "

Hash algorithms MD5 (Message Digest) - developed by Rivest in creates (from a text whose size is chosen at random) a 128-bit fingerprint processing it into blocks of 512 bits. - it is common to see Internet downloads that are accompanied by MD5 files  to verify its integrity.

Hash algorithms SHA (Secure Hash Algorithm) - creates a digital fingerprint that is 160 bits of length. - SHA-1 is an improved version from 1994 produces a fingerprint of 160 bits from a message that has a maximum length of 264 bits and processed in blocks of 512 bits.

Integrity verification when sending a message along with its hash  the recipient can be sure that the message has not been altered(intentionally or accidentally). when a recipient receives a message simply has to calculate the hash of the received message and comparing it with the hash that accompanies the document. if the message(or hash) is falsified during the communication, the two digital fingerprints will not coincide.

Sealing data to ensure that the message has been sent by the person claiming to be the sender. the sender simply encrypts (signs) the hash using its private key (seal) and send the seal to the recipient the recipient must decrypt the seal with the sender's public key then the recipient must compare the received hash with the hash function of the hash received as attachment.

Methods of encryption Asymmetric encryption or public key - when using a pair of separate keys for encryption and decryption processes. - one key, the private is kept secret, while the second key, the public, is known by everyone. -using RSA algorithms, Diffie-Hellman, etc.

Example 1. John produces a summary of the document. 2. John encrypts the abstract with his private key, thereby signing the document. This summary is your electronic signature. 3.John sends the document along with the summary signed (electronic signature) to Peter. 4. Peter produces a summary of the document received from John, using the same function summary way. 5. Peter then decrypted with the public key of John, which is known, the summary signed (electronic signature of John). 6. If the digest matches the digest signed Peter has generated the electronic signature is valid.

Methods of encryption Symmetric key encryption or secret - when using the same key in encryption and decryption operations. - these systems are much faster than public key, and appropriate for the encryption of large volumes of data. - this is done using algorithms such as IDEA, RC5, DES, Triple DES, etc..

Use of electronic signature

Use of electronic signatures e-government and on-line banking signing electronic contracts and other documents authorizing online forms and service orders provide advantage over non-user competition

Future

Electronic signatures in Poland ID card with chip