What is Digital Signature Building confidentiality and trust into networked transactions. Kishankant Yadav www.signyourdoc.com 9571333822.

Slides:



Advertisements
Similar presentations
Chapter 3 Public Key Cryptography and Message authentication.
Advertisements

Public Key Infrastructure and Applications
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Chapter 11: Cryptography
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (4) Information Security.
6/1/20151 Digital Signature and Public Key Infrastructure Course:COSC Instructor:Professor Anvari Student ID: Name:Xin Wen Date:11/25/00.
Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.
Principles of Information Security, 2nd edition1 Cryptography.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Cryptography Basic (cont)
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Cryptographic Techniques Instructor: Jerry Gao Ph.D. San Jose State University URL: May,
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
Cryptographic Technologies
Overview of Cryptography Oct. 29, 2002 Su San Im CS Dept. EWU.
Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.
WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.
EECC694 - Shaaban #1 lec #16 Spring Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
CSE 597E Fall 2001 PennState University1 Digital Signature Schemes Presented By: Munaiza Matin.
Encryption is a way to transform a message so that only the sender and recipient can read, see or understand it. The mechanism is based on the use of.
Digital Signature Xiaoyan Guo/ Xiaohang Luo/
Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.
INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.
1 Fluency with Information Technology Lawrence Snyder Chapter 17 Privacy & Digital Security Encryption.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.
1 Cryptography Cryptography is a collection of mathematical techniques to ensure confidentiality of information Cryptography is a collection of mathematical.
1 Cryptography Basics. 2 Cryptography Basic terminologies Symmetric key encryption Asymmetric key encryption Public Key Infrastructure Digital Certificates.
1 Introduction to Security and Cryptology Enterprise Systems DT211 Denis Manley.
Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.
_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.
E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.
Cryptography  Why Cryptography  Symmetric Encryption  Key exchange  Public-Key Cryptography  Key exchange  Certification.
Dr. L. Christofi1 Local & Metropolitan Area Networks ACOE322 Lecture 8 Network Security.
Cryptography Encryption/Decryption Franci Tajnik CISA Franci Tajnik.
Cryptography, Authentication and Digital Signatures
4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.
Cryptography Wei Wu. Internet Threat Model Client Network Not trusted!!
Internet Security. Four Issues of Internet Security Authenticity: Is the sender of a message who they claim to be? Privacy: Are the contents of a message.
Chapter 16 Security Introduction to CS 1 st Semester, 2012 Sanghyun Park.
11-Basic Cryptography Dr. John P. Abraham Professor UTPA.
Encryption. What is Encryption? Encryption is the process of converting plain text into cipher text, with the goal of making the text unreadable.
Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.
Lifecycle Metadata for Digital Objects October 18, 2004 Transfer / Authenticity Metadata.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
CRYPTOGRAPHY. TOPICS OF SEMINAR Introduction & Related Terms Categories and Aspects of cryptography Model of Network Security Encryption Techniques Public.
Electronic Commerce School of Library and Information Science PGP and cryptography I. What is encryption? Cryptographic systems II. What is PGP? How does.
BZUPAGES.COM Cryptography Cryptography is the technique of converting a message into unintelligible or non-understandable form such that even if some unauthorized.
EE 122: Lecture 24 (Security) Ion Stoica December 4, 2001.
Lifecycle Metadata for Digital Objects October 9, 2002 Transfer / Authenticity Metadata.
Cryptographic Security Aveek Chakraborty CS5204 – Operating Systems1.
Secure Instant Messenger in Android Name: Shamik Roy Chowdhury.
Department of Computer Science Chapter 5 Introduction to Cryptography Semester 1.
CPIS 312 Chapter Four: PUBLIC KEY CRYPTO. Index 2 A.Introduction A.1 Asymmetric Key Cryptography- Introduction A.2 General ideas about the Public Key.
CRYPTOGRAPHY Cryptography is art or science of transforming intelligible message to unintelligible and again transforming that message back to the original.
Fundamentals of Network Security Ravi Mukkamala SCI 101 October 6, 2003.
Basics of Cryptography
Computer Communication & Networks
K E Y Plain text Cipher text Encryption Decryption
Cryptography and Security Technologies
Chapter 7 STRENGTH OF ENCRYPTION & Public Key Infrastructure
10/7/2019 Created by Omeed Mustafa 1 st Semester M.Sc (Computer Science department) Cyber-Security.
Presentation transcript:

What is Digital Signature Building confidentiality and trust into networked transactions. Kishankant Yadav

Encryption It is a technique of converting plain text into ciphertext and reconverting it into plain text.

Basic Techniques of Encryption Transposition Cipher Substitution Cipher Product Cipher

Basic Techniques of Encryption- Transposition Cipher Encrypts by changing the order of characters in the text. e.g. : Replace 1st character with 6th 2nd with 7th 3rd with 8th 4th with 9th 5th with 10th and so on

Basic Techniques of Encryption- Transposition Cipher WE WILL ATTACK ON BHAI ON SUNDAY LL ATWE WI ON BHTACK SUNDAAI ONY TRANSPOSE

Basic Techniques of Encryption- Substitution Cipher Encrypts by replacing the characters in the text with characters in a “Key” on the basis of some rule. e.g. : Key is “MANISH” and Rule is Replace all A in the text with M B with A C with N D with I E with S F with H G with A and so on

Basic Techniques of Encryption- Substitution Cipher INDORE IS A GOOD CITY DKILQS DR M BLLI NDTY SUBSTITUTE

Basic Techniques of Encryption- Product Cipher Combination of Transposition and Substitution Take a Key replace the characters in the text with characters in the Key. Transpose the result.

Basic Techniques of Encryption- Product Cipher INDORE IS A GOOD CITY DKILQS DR M BLLI NDTY SUBSTITUTE TRANSPOSE S DR DKILQI NDTM BLLY

Elements of Encryption Encryption method Decryption method Plain text Plain text Encryption key Decryption Key Cipher text Encryption Algorithm (function used to encrypt or decrypt) Encryption keys (information used to cipher)

Good Encryption System: Features Short Key Strong Algorithm High work factor Low error propagation

Encryption Building confidentiality and trust into networked transactions. CHANGING THE WAY OF DOING BUSINESS

A MATTER OF TRUST Building Trust: Direct trust relationship Using Encryption

Some every day transactions: Credit Card Contract Notarized Notarized Document Medical Records Why do we place trust in these transactions? Authentication Confidentiality Integrity Non-repudiation

Ways of Encryption Two ways of encryption Symmetric Key or Private Key Encryption Asymmetric Key or Public Key Encryption (abbreviated as PKI)

Symmetric Cryptosystem Also called private key infrastructure Cleartext MessageCipher TextCleartext Message DES | RC4 Four score and seven years ago, our forefathers brought forth the proposition sdfklj98a475$5 6jhgv98456vjnf 84576FGHH78l fkghj- 506#6lkjg4#$5; lkn;t7;lsk%0

Symmetric Cryptosystem Similar key is used for encryption and decryption Both parties should know the same key Original Message Original Message Encrypted Message Encrypted Message Also called private key infrastructure Secured transmission of encryption key to other person is a problem.

Asymmetric Cryptosystem  Also called Public Key Infrastructure (PKI)  Improvement over Private Key System  Provides all elements expected from a secure transaction : Authentication Confidentiality Integrity Non-repudiation  Accordingly generates : Signed message Secret message Signed and Secret message

Public Key System One half of a key pair is used to encrypt, the other half is used to decrypt.Encryption Recipient’s Public Key Recipient’s Private Key Decryption

Public Key Infrastructure(PKI)  Uses a pair of keys.  One part of pair is used for encryption  Another part is used for decryption  One part is kept private (called private key of a person) and another is made public (called public key of a person)  Any key (public or private) can be used for encryption and then another is used for decryption  Same key can not be used for encryption and decryption both. There has to be combination of both keys. Basic Methodology

Public Key Infrastructure(PKI) To generate a secret message  Message is encrypted by sender with Receiver’s public key and  It is decrypted by receiver with his private key. How messages are generated Original Message Encrypted Message Receiver’s public key Encrypted Message Original Message Receiver’s private key Encryption Decryption Confidentiality Integrity It ensures :

Public Key Infrastructure(PKI) To generate a signed message  Message is encrypted by sender with Sender’s private key and  It is decrypted by receiver with Sender’s public key. How messages are generated Original Message Encrypted Message Sender’s private key Encrypted Message Original Message Sender’s public key Encryption Decryption Authentication Non Repudiation It ensures :

Asymmetric Cryptosystem Original Message Encrypted Message I Sender’s private key Encrypted Message II Receiver’s public key Encrypted Message II Encrypted Message I Original Message Sender’s public key Receiver’s private key To generate a signed and secret message :  Message is first encrypted by sender with Sender’s private key.  This encrypted message is again encrypted with Receiver’s public key  It is decrypted by receiver first with his private key and then with sender’s public key. How messages are generated It ensures : Authentication Non Repudiation IntegrityConfidentiality

Digital Signatures Digital signatures are hash code of a document encrypted with sender’s private key. For sending the message, first hash code of message is generated. This hash code is encrypted using sender’s private key. The message is sent along with encrypted hash code. At other end, receiver decrypts hash code with sender’s public key. He also on his own calculates hash code of the message received. Two hash codes should tally. Authentication It ensures : Non Repudiation Integrity Basic Methodology

Digital Signatures In earlier process, message has been sent in clear text form thus confidentiality has not been achieved. To overcome this problem, message and encrypted hash code may be encrypted by a symmetric key. This symmetric key is also then encrypted with receiver’s public key. All these i.e. Message and encrypted hash code which are now encrypted with symmetric key and symmetric key itself which is now encrypted with receiver’s public key, are sent to receiver. Receiver first decrypt the symmetric key with his private key and then decrypt message and hash code with this symmetric key.

How does PKI work? Original Message Encrypted & Signed Sender’s Private Key Hash Code Digital Signature Symmetric Key Recipient’s Public Key Encrypted Symmetric Key Sender Original Message

How does PKI work? Encrypted & Signed Symmetric Key Encrypted Symmetric Key Recipient’s Private Key Original Message Hash Algorithm Hash Code Digital Signature Sender’s Public Key Message verified Recipient

private Certificate ties a participant to public key The authenticity of the certificate is guaranteed by the digital signature generated using the CA’s private key. Validity Period Expires: 31 December 2022 Public Key: Signed: CA’s Signature Name: Prashant Mali Number: A ID Number & Name A Digital Certificate is a digitally signed document that associates a public key with a user. Digital Certificate

Key Lifecycle Management Key Generation Certificate Issuance Key Usage or Certificate Validation Key Expiry Key Update

Encryption Standard Data Encryption standard A short key, strong algorithm system Uses a 64 bit key, 56 bits for algorithm and 8 bits are parity RSA (Rivest, Shamir, Adalman) Public key system. Once private key is used to encrypt, it can be decrypted only using its public key and vice-versa.

Thank You Questions Contact: Cell: