CSE 597E Fall 2001 PennState University1 Digital Signature Schemes Presented By: Munaiza Matin.

Slides:

Advertisements

Similar presentations

Digital Signatures Good properties of hand-written signatures: 1. Signature is authentic. 2. Signature is unforgeable. 3. Signature is not reusable (it.

Advertisements

Cryptography and Network Security

Digital Signatures and Hash Functions. Digital Signatures.

Authentication and Digital Signatures CSCI 5857: Encoding and Encryption.

Cryptography and Network Security Chapter 13 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

1 Digital Signatures & Authentication Protocols. 2 Digital Signatures have looked at message authentication –but does not address issues of lack of trust.

1 Chapter 13 – Digital Signatures & Authentication Protocols Fourth Edition by William Stallings Lecture slides by Lawrie Brown (modified by Prof. M. Singhal,

CNS2010handout 10 :: digital signatures1 computer and network security matt barrie.

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

Digital Signature Algorithm (DSA) Kenan Gençol presented in the course BIL617 Cryptology instructed by Asst.Prof.Dr. Nuray AT Department of Computer Engineering,

Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.

Cryptography1 CPSC 3730 Cryptography Chapter 13 Digital Signature Standard (DSS)

1 Information System Security AABFS-Jordan Summer 2006 Digital Signature and Hashing Functions Prepared by: Maher Abu Hamdeh & Adel Hamdan Supervised by:

Chapter 3 Encryption Algorithms & Systems (Part C)

Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Electronic Payment Systems Lecture 6 Epayment Security II.

Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.

Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,

Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.5 Public Key Algorithms.

E- Business Digital Signature Varna Free University Prof. Teodora Bakardjieva.

CRYPTOGRAPHIC DATA INTEGRITY ALGORITHMS

Cryptography and Network Security Chapter 13

13.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 13 Digital Signature.

13.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 13 Digital Signature.

Csci5233 Computer Security1 Bishop: Chapter 10 Key Management: Digital Signature.

Information Security and Management 13. Digital Signatures and Authentication Protocols Chih-Hung Wang Fall

CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.

Lecture 8 Digital Signatures. This lecture considers techniques designed to provide the digital counterpart to a handwritten signature. A digital signature.

Page 1 Secure Communication Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.

Chapter 5 Digital Signatures MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI 1.

Bob can sign a message using a digital signature generation algorithm

1 Lect. 15 : Digital Signatures RSA, ElGamal, DSA, KCDSA, Schnorr.

The RSA Algorithm Rocky K. C. Chang, March

Information Security Principles Assistant Professor Dr. Sana’a Wafa Al-Sayegh 1 st Semester ITGD 2202 University of Palestine.

Digital Signatures Good properties of hand-written signatures: 1. Signature is authentic. 2. Signature is unforgeable. 3. Signature is not reusable (it.

Digital Signatures: Mathematics Zdeněk Říha. Data authentication Data integrity + data origin Digital signature Asymmetric cryptography public and private.

IT 221: Introduction to Information Security Principles Lecture 6:Digital Signatures and Authentication Protocols For Educational Purposes Only Revised:

Cryptography, Authentication and Digital Signatures

Digital Signatures A primer 1. Why public key cryptography? With secret key algorithms Number of key pairs to be generated is extremely large If there.

Lecture 3.4: Public Key Cryptography IV CS 436/636/736 Spring 2013 Nitesh Saxena.

Public Key Cryptography. symmetric key crypto requires sender, receiver know shared secret key Q: how to agree on key in first place (particularly if.

Cryptography and Network Security Chapter 13 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Chapter 16 Security Introduction to CS 1 st Semester, 2012 Sanghyun Park.

Signcryption Parshuram Budhathoki Department of Mathematical Sciences Florida Atlantic University April 18, 2013

Data Security and Encryption (CSE348) 1. Lecture # 20 2.

Cryptography and Network Security Chapter 13 Fourth Edition by William Stallings.

Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.

1 Number Theory and Advanced Cryptography 6. Digital Signature Chih-Hung Wang Sept Part I: Introduction to Number Theory Part II: Advanced Cryptography.

Prepared by Dr. Lamiaa Elshenawy

DIGITAL SIGNATURE. A digital signature is an authentication mechanism that enables the creator of a message to attach a code that acts as a signature.

Computer Science and Engineering Computer System Security CSE 5339/7339 Lecture 11 September 23, 2004.

Digital Signature Standard (DSS) US Govt approved signature scheme designed by NIST & NSA in early 90's published as FIPS-186 in 1991 revised in 1993,

X. Digital Signatures and Authentication Protocols We begin this chapter with an overview of digital signatures, authentication protocol and Digital Signature.

1 An Ordered Multi-Proxy Multi-Signature Scheme Authors: Min-Shiang Hwang, Shiang-Feng Tzeng, Shu-Fen Chiou Speaker: Shu-Fen Chiou.

Lecture 9 Overview. Digital Signature Properties CS 450/650 Lecture 9: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.

Cryptographic Security Aveek Chakraborty CS5204 – Operating Systems1.

1 The RSA Algorithm Rocky K. C. Chang February 23, 2007.

Security. Security Needs Computers and data are used by the authorized persons Computers and their accessories, data, and information are available to.

Cryptographic Hash Function. A hash function H accepts a variable-length block of data as input and produces a fixed-size hash value h = H(M). The principal.

Cryptography and Network Security Chapter 13

Fourth Edition by William Stallings Lecture slides by Lawrie Brown

CS480 Cryptography and Information Security Huiping Guo Department of Computer Science California State University, Los Angeles 14. Digital signature.

Cryptographic Hash Function

B. R. Chandavarkar CSE Dept., NITK Surathkal

Digital Signatures…!.

Chapter -7 CRYPTOGRAPHIC HASH FUNCTIONS

Cryptography and Network Security Chapter 13

Digital Signature Standard (DSS)

Presentation transcript:

CSE 597E Fall 2001 PennState University1 Digital Signature Schemes Presented By: Munaiza Matin

CSE 597E Fall 2001 PennState University2 Introduction Cryptography – art & science of preventing users from unauthorized or illegal actions towards information, networking resources and services. Cryptographic transformation – conversion of input data into output data using a cryptographic key. Cryptosystem – forward and inverse cryptographic transformation pair

CSE 597E Fall 2001 PennState University3 A Cryptosystem Input data Forward Cryptographic Transformation Inverse Cryptographic Transformation Key Output data Input data SenderReceiver

CSE 597E Fall 2001 PennState University4 Types of Cryptosystems Private key cryptosystem – a private key is shared between the two communicating parties which must be kept secret between themselves. Public key cryptosystem – the sender and receiver do not share the same key and one key can be public and the other can be private

CSE 597E Fall 2001 PennState University5 Types of Cryptosystems Forward Cryptographic Transformation Inverse Cryptographic Transformation Key Output data Input data SenderReceiver Input data Share private key A Private Key Cryptosystem

CSE 597E Fall 2001 PennState University6 Types of Cryptosystems Forward Cryptographic Transformation Inverse Cryptographic Transformation 1 st Key2 nd Key Output data Input data SenderReceiver Input data Do not share the same key information and one key may be public A Public Key Cryptosystem

CSE 597E Fall 2001 PennState University7 Digital Signatures Encryption, message authentication and digital signatures are all tools of modern cryptography. A signature is a technique for non- repudiation based on the public key cryptography. The creator of a message can attach a code, the signature, which guarantees the source and integrity of the message.

CSE 597E Fall 2001 PennState University8 Properties of Signatures Similar to handwritten signatures, digital signatures must fulfill the following: Must not be forgeable Recipients must be able to verify them Signers must not be able to repudiate them later In addition, digital signatures cannot be constant and must be a function of the entire document it signs

CSE 597E Fall 2001 PennState University9 Types of Signatures Direct digital signature – involves only the communicating parties Assumed that receiver knows public key of sender. Signature may be formed by (1) encrypting entire message with sender’s private key or (2) encrypting hash code of message with sender’s private key. Further encryption of entire message + signature with receiver’s public key or shared private key ensures confidentiality.

CSE 597E Fall 2001 PennState University10 Types of Signatures Problems with direct signatures: Validity of scheme depends on the security of the sender’s private key  sender may later deny sending a certain message. Private key may actually be stolen from X at time T, so timestamp may not help.

CSE 597E Fall 2001 PennState University11 Types of Signatures Arbitrated digital signature – involves a trusted third party or arbiter Every signed message from sender, X, to receiver, Y, goes to an arbiter, A, first. A subjects message + signature to number of tests to check origin & content A dates the message and sends it to Y with indication that it has been verified to its satisfaction

CSE 597E Fall 2001 PennState University12 Basic Mechanism of Signature Schemes A key generation algorithm to randomly select a public key pair. A signature algorithm that takes message + private key as input and generates a signature for the message as output A signature verification algorithm that takes signature + public key as input and generates information bit according to whether signature is consistent as output.

CSE 597E Fall 2001 PennState University13 Digital Signature Standards NIST FIPS 186 Digital Signature Standard (DSS) El Gamal RSA Digital Signature - ISO ANSI X CCITT X.509

CSE 597E Fall 2001 PennState University14 DSS Public-key technique. User applies the Secure Hash Algorithm (SHA) to the message to produce message digest. User’s private key is applied to message digest using DSA to generate signature.

15 Global Public-Key Components p A prime number of L bits where L is a multiple of 64 and 512  L  1024 qA 160-bit prime factor of p-1 g= h (p-1)/q mod p, where h is any integer with 1 1 User’s Private Key xA random or pseudorandom integer with 0<x<q User’s Public Key y= g x mod p User’s Per-Message Secret Number kA random or pseudorandom integer with 0<k<q Signing r = (g k mod p) mod q s = [k -1 (H(M) = xr)] mod q Signature = (r, s) Verifying w = (s’) -1 mod q u 1 = [H(M’)w] mod q u 2 = (r’)w mod qv = [(g u1 y u2 ) mod p] mod q Test: v = r’ The Digital Signature Algorithm (DSA)

CSE 597E Fall 2001 PennState University16 DSS DSA - M = message to be signed - H(M) = hash of M using SHA - M’, r’, s’ = received versions of M, r, s

CSE 597E Fall 2001 PennState University17 El Gamal Signature Scheme A variant of the DSA. Based on the assumption that computing discrete logarithms over a finite field with a large prime is difficult. Assumes that it is computationally infeasible for anyone other than signer to find a message M and an integer pair (r, s) such that a M = y r r s (mod p).

18 El Gamal Signature Scheme Parameters of El Gamal pA large prime number such that p-1 has a large prime factor xThe private key information of a user where x<p aA primitive element of the finite field for the prime p y= a x mod p (p,a,y)The public key information

19 El Gamal Signature Scheme Step 1 Randomly choose an integer k such that (k, p-1) = 1, 1<k<p-1, and k has not been used to sign a previous message Step 2 Calculate r = a k (mod p) Step 3 Find s such that M = xr + ks (mod (p-1)) Step 4 Collect the pair (r, s) as the digital signature on the message M Since, M = xr + ks (mod (p-1))  a M = a (xr+ks) = a xr a ks = y r r s (mod p)  Given M and (r, s), the receiver or 3 rd party can verify the signature by checking whether a M = y r r s (mod p) holds or not.

CSE 597E Fall 2001 PennState University20 RSA Digital Signature Scheme Based on the difficulty of factoring large numbers. Given M, RSA digital signature can be produced by encrypting either M itself or a digest of M using the private signature key s. Signature, S = w s mod n, where w is message to be signed or message digest and n = pq (p and q are large primes). Verification: w = S v mod n, where (v, n) is the public verification key.

CSE 597E Fall 2001 PennState University21 Conclusions Digital signatures are an effective mechanism used for authenticity and non-repudiation of messages. Several signature schemes exist, but DSS is probably the most popular. Digital signatures may be expanded to be used as digital pseudonyms which would prevent authorities from figuring out a sender’s identity, for example by cross- matching

CSE 597E Fall 2001 PennState University22 Thank you!