Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.

Slides:



Advertisements
Similar presentations
Public Key Infrastructure and Applications
Advertisements

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
Topic 7: Using cryptography in mobile computing. Cryptography basics: symmetric, public-key, hash function and digital signature Cryptography, describing.
Netprog: Cryptgraphy1 Cryptography Reference: Network Security PRIVATE Communication in a PUBLIC World. by Kaufman, Perlman & Speciner.
Authentication and Digital Signatures CSCI 5857: Encoding and Encryption.
Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.
Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.
Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.
ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
Cryptographic Technologies
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.
Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.
WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,
TrustPort Public Key Infrastructure. Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.
CSE 597E Fall 2001 PennState University1 Digital Signature Schemes Presented By: Munaiza Matin.
© Julia Wilk (FHÖV NRW) 1 Digital Signatures. © Julia Wilk (FHÖV NRW)2 Structure 1. Introduction 2. Basics 3. Elements of digital signatures 4. Realisation.
E- Business Digital Signature Varna Free University Prof. Teodora Bakardjieva.
Encryption Methods By: Michael A. Scott
Cryptographic Security Cryptographic Mechanisms 1Mesbah Islam– Operating Systems.
Encryption is a way to transform a message so that only the sender and recipient can read, see or understand it. The mechanism is based on the use of.
Computer Science Public Key Management Lecture 5.
Digital Signature Xiaoyan Guo/ Xiaohang Luo/
Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.
INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.
Introduction to Public Key Cryptography
13.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 13 Digital Signature.
© Julia Wilk (FHÖV NRW) 1 Digital Signatures. © Julia Wilk (FHÖV NRW)2 Structure 1. Introduction 2. Basics 3. Elements of digital signatures 4. Realisation.
Secure Systems Research Group - FAU Patterns for Digital Signature using hashing Presented by Keiko Hashizume.
1 Fluency with Information Technology Lawrence Snyder Chapter 17 Privacy & Digital Security Encryption.
CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.
Public Key Cryptography July Topics  Symmetric and Asymmetric Cryptography  Public Key Cryptography  Digital Signatures  Digital Certificates.
1 Cryptography Cryptography is a collection of mathematical techniques to ensure confidentiality of information Cryptography is a collection of mathematical.
Page 1 Secure Communication Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.
1 Cryptography Basics. 2 Cryptography Basic terminologies Symmetric key encryption Asymmetric key encryption Public Key Infrastructure Digital Certificates.
Chapter 5 Digital Signatures MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI 1.
_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.
10/1/2015 9:38:06 AM1AIIS. OUTLINE Introduction Goals In Cryptography Secrete Key Cryptography Public Key Cryptograpgy Digital Signatures 2 10/1/2015.
Cryptography, Authentication and Digital Signatures
Public-Key Cryptography CS110 Fall Conventional Encryption.
Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.
4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.
Basic Cryptography 1. What is cryptography? Cryptography is a mathematical method of protecting information –Cryptography is part of, but not equal to,
ITIS 1210 Introduction to Web-Based Information Systems Chapter 50 Cryptography, Privacy, and Digital Certificates.
Chapter 16 Security Introduction to CS 1 st Semester, 2012 Sanghyun Park.
1 Cryptography NOTES. 2 Secret Key Cryptography Single key used to encrypt and decrypt. Key must be known by both parties. Assuming we live in a hostile.
11-Basic Cryptography Dr. John P. Abraham Professor UTPA.
Cryptography (2) University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.
Encryption. What is Encryption? Encryption is the process of converting plain text into cipher text, with the goal of making the text unreadable.
Digital Signatures, Message Digest and Authentication Week-9.
A A E E D D C C B B # Symmetric Keys = n*(n-1)/2 F F
DIGITAL SIGNATURE. A digital signature is an authentication mechanism that enables the creator of a message to attach a code that acts as a signature.
Electronic Commerce School of Library and Information Science PGP and cryptography I. What is encryption? Cryptographic systems II. What is PGP? How does.
Group 9 Chapter 8.3 – 8.6. Public Key Algorithms  Symmetric Key Algorithms face an inherent problem  Keys must be distributed to all parties but kept.
Lecture 9 Overview. Digital Signature Properties CS 450/650 Lecture 9: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.
Cryptographic Security Aveek Chakraborty CS5204 – Operating Systems1.
CS480 Cryptography and Information Security Huiping Guo Department of Computer Science California State University, Los Angeles 14. Digital signature.
Basics of Cryptography
Cryptography Reference: Network Security
Cryptography Reference: Network Security
e-Health Platform End 2 End encryption
Best Digital Signature Service in Noida. Electronic Record 1.Very easy to make copies 2.Very fast distribution 3.Easy archiving and retrieval 4.Copies.
Cryptography Reference: Network Security
Presentation transcript:

Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department

Digital Signature

What is a Digital Signature?  A digital signature is an electronic means of authenticating an online identity.  Digital signature can be used in all electronic communications.  It is an electronic stamp or seal that append to the document. A digital signature can:  Authenticate the identity of the sender of a message or signer of a document.  Ensure the document being unchanged during transmission.  Be automatically time-stamped.

Properties of Signatures  Similar to handwritten signatures, digital signatures must fulfill the following:  Must not be forgeable  Recipients must be able to verify them  Signers must not be able to repudiate them later  In addition, digital signatures cannot be constant and must be a function of the entire document it signs.

Types of Signatures  Direct digital signature: involves only the communicating parties.  Assumed that receiver knows public key of sender. Signature may be formed by: 1. Encrypting entire message with sender’s private key or 2. Encrypting hash code of message with sender’s private key.  Further encryption of entire message + signature with receiver’s public key or shared private key ensures confidentiality.

Types of Signatures  Arbitrated digital signature: involves a trusted third party or arbiter.  Every signed message from sender, X, to receiver, Y, goes to an arbiter, A, first.  A subjects message + signature to number of tests to check origin & content.  A dates the message and sends it to Y with indication that it has been verified to its satisfaction.

How digital Signature works? User A User B Use A’s private key to sign the document Transmit via the Internet User B received the document with signature attached Verify the signature by A’s public key stored at the directory

Elements of digital signatures 1. Basic functionality 2. Hash functions and hash results 3. Asymmetric encryption 4. Certification 5. User’s realisation

2. Hash functions and hash results:  Hash function: algorithm which creates a digital representation in the form of a hash result of a standard length which is usually much smaller than the message but substantially unique to it.  A hash function takes the message, and produces a fixed size (typically 64 to 512 bits) value dependent on the message.  Premises for hash functions:  Hash function has to be unique.  “One-way-property”

3. Asymmetric encryption:  Basic: a pair of keys, namely a private key and a public key.  Premises:  Private key has to be saved.  Public key can be accessible for everyone, but its owner’s identity has to be identifiable without problems to guarantee authentication (certificate).  Not possible to generate the Private key by knowing someone’s Public key.

4. Encryption: Proceeding  Generating message’s digest (hash result).  Using Public Key to encrypt hash result.  Result of the encryption: digital signature.  Sender sends:  message, digital signature and certificate to receiver.  Receiver wants to check:  Integrity  Generating hash result, compare it to the sender’s hash result and decrypting the message with the sender’s public key.  Authenticity  Can be checked by means of the certificate.

Encryption: Proceeding

Certification  Important for authenticity:  Receiver of a message has to be sure that the public key he uses really belongs to the sender. Solution: Certification Authority (CA)  Certificate: comparable with a digital identity card  Document that shows someone’s identity doubtless  Three - stepped infrastructure guarantees authenticity: 1.Sender 2.Certification Authority (CA) 3.Authority that controls CA

Realisation by user Important for security:  Private key has to be absolutely saved and only available for his user.  Technical premises:  Chip card and PIN  Encryption of the hash result algorithms.  Card reader.  Computer and corresponding software.

Basic Features of Digital Signature  Private key: sender uses the private key to sign the document.  Public key: recipient uses the public key to authenticate the document.  Message hash algorithm: perform a mathematical calculation on the document and generate a hash value unique to the message.  Encryption algorithm: accept the private key and a hash value to generate a digital signature or accept a public key and a digital signature to generate a hash value.

Digital Signature Procedure  A Digital Signature is the result of encrypting the Hash of the data to be exchanged.  Encryption is the process of encoding data and information into an unreadable form.  A Hash (or Message Digest) is the process of mathematically reducing a data stream down to a fixed length field.  Signature Process is opposite to Encryption Process  Private Key is used to Sign (encrypt) Data  Public Key is used to verify (decrypt) Signature

Message Encryption (User A sends message to User B) Public Key Directory Text User A User B’s Public Key Encryption Encrypted Text

Digital Signature Process Step 1. Hash (digest) the data using one of the supported Hashing algorithms, e.g., DSA, RSA. Step 2. Encrypt the hashed data using the sender’s private key. Step 3. Append the signature (and a copy of the sender’s public key) to the end of the data that was signed. Data Hash Encrypt Hash Digital Signature Private Step 1.Step 2. Step 3. Public

RSA Algorithm  RSA is an algorithm for public-key cryptography.  It requires the use of a public key and a private key. p, q: primes, n = pq, ed = 1 mod f (n), Signing: S = M d mod n Verification: M = S e mod n Where: e: public key, d: secret key, (factoring, n: 1024 bits) M: message

 RSA is an algorithm for public-key cryptography.  It requires the use of a public key and a private key. The following steps illustrate the key generation algorithm for RSA:  Choose two large prime numbers namely p and q.  Compute the product of these two primes, n = p*q.  Also, compute the value of f (n) = (p-1)(q-1(.  Choose an integer e between 1 and f(n)  Finally, compute d whereby e * d mod f(n) =1 OR d = e-1 mod f(n)

Example: Perform encryption and decryption using RSA for the following: p=3, q=11, e=7, M=5. Solution:  First, we need to find the private key d We know that the following must hold: e * d mod f(n) =1 f(n) = (p - 1) (q - 1) = 2 * 10=20 p * q=33 7 * d mod 20 = 1 d = 3 Encryption : Decryption : S = M d mod n = 5^7 mod 33 = mod 33 = 14 M = S e mod n = 14 mod 33= 2744 mod 33 = 5

Signature Verification Process  Step 1. Hash the original data using the same hashing algorithm.  Step 2. Decrypt the digital signature using the sender’s public key. All digital signatures contain a copy of the signer’s public key.  Step 3. Compare the results of the hashing and the decryption. If the values match then the signature is verified. If the values do not match, then the data or signature was probably modified in transit. Data Hash Decrypt Hash Digital Signature Public Key Step 2. Step 3. Hash Step 1.

Example: Alice wants to send Bob a private message. A public is Alice’s public key. A private is Alice’s private key. B public is Bob’s public key. B private is Bob’s private key.

Hello Bob,Wanna get together? AliceBob encrypt using B public decrypt using B private

OK Alice, Your place or mine? AliceBob decrypt using A private encrypt using A public

Procedure:  Nobody can read the message from Alice, but anyone could produce it. How does Bob know that the message was really sent from Alice?  Bob may be comforted to know that only Alice can read his reply.  Alice can create a digital signature and prove she sent the message (or someone with knowledge of her private key).  The signature can be a message digest encrypted with A private.

Alice’s Signature  Alice feeds her original message through a hash function and encrypts the message digest with A private.  Bob can decrypt the message digest using A public.  Bob can compute the message digest himself.  If the 2 message digests are identical, Bob knows Alice sent the message.

AliceBob Sign with A private check signature using A public encrypt using B public decrypt using B private Revised Scheme

Cryptography  3 cryptographic algorithms:  Message-digest algorithms  Map variable-length plaintext to fixed-length ciphertext.  Secret-key algorithms  Use one single key to encrypt and decrypt.  Public-key algorithms  Use 2 different keys – public key and private key.

Keys  It is a variable value that is used by cryptographic algorithms to produce encrypted text, or decrypt encrypted text.  The larger the key the greater the number of potential combinations that can be created.  Decryption of the information requires the key. EncryptionDecryption Plaintext Ciphertext Key

Secret-key Encryption  Use a secret key to encrypt a message into ciphertext.  Use the same key to decrypt the ciphertext to the original message.  Requires you to know which computers will be communicating with each other so you can install the key in each one  Also called “Symmetric cryptography”. EncryptionDecryption Plaintext Ciphertext Secret Key

Secret Key How to? Encrypted Text Original Text + Secret key = Encrypted Text Original TextSecret key + = Encryption Decryption

Secret-Key Problem?  All keys need to be replaced, if one key is compromised.  Not practical for the Internet environment.  On the other hand, the encryption speed is fast.  Suitable to encrypt your personal data.

Public-key Encryption  Involves 2 distinct keys – public, private.  The private key is kept secret and never be divulged.  The public key is not secret and can be freely distributed, shared with anyone.  It is also called “asymmetric cryptography”.  100 to 1000 times slower than secret-key algorithms. EncryptionDecryption Plaintext Ciphertext Public KeyPrivate Key

Questions? ?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.