Presentation is loading. Please wait.

Presentation is loading. Please wait.

 Introduction  History  What is Digital Signature  Why Digital Signature  Basic Requirements  How the Technology Works  Approaches.

Similar presentations


Presentation on theme: " Introduction  History  What is Digital Signature  Why Digital Signature  Basic Requirements  How the Technology Works  Approaches."— Presentation transcript:

1

2  Introduction  History  What is Digital Signature  Why Digital Signature  Basic Requirements  How the Technology Works  Approaches

3  Purpose of Digital Signature  Algorithm of Digital Signature  Challenges and Opportunities  Application  Drawbacks  Conclusion

4  The authenticity of many legal, financial, and other documents is determined by the presence or absence of an authorized handwritten signature.  Various methods have been devised to solve this problem, but the use of ‘digital signature’ is definitely the best solution amongst them.  A digital signature is nothing but an attachment to any piece of electronic information, which represents the content of the document and the identity of the originator of that document uniquely.

5  Use of signatures is recorded in the Talmud (fourth century), complete with security procedures to prevent the alteration of documents after they are signed.  The practice of authenticating documents by affixing handwritten signatures began to be used within the Roman Empire in the year AD 439, during the rule of Valentinian III.  It is from this Roman usage of signatures that the practice obtained its significance in Western legal tradition.

6  Hash value of a message when encrypted with the private key of a person is his digital signature on that e-Document.  Digital Signature of a person therefore varies from document to document thus ensuring authenticity of each word of that document.  As the public key of the signer is known, anybody can verify the message and the digital signature.

7 To provide Authenticity, Integrity and Non-repudiation to electronic documents To use the Internet as the safe and secure medium for Banking, e- Commerce and e-Governance with Security of Servers

8 Although messages may often include information about the entity sending a message, that information may not be accurate. Digital signatures can be used to authenticate the source of messages. When ownership of a digital signature secret key is bound to a specific user, a valid signature shows that the message was sent by that user. The importance of high confidence in sender authenticity is especially obvious in a financial context. For example, suppose a bank's branch office sends instructions to the central office requesting a change in the balance of an account. If the central office is not convinced that such a message is truly sent from an authorized source, acting on such a request could be a grave mistake.

9 In many scenarios, the sender and receiver of a message may have a need for confidence that the message has not been altered during transmission. Although encryption hides the contents of a message, it may be possible to change an encrypted message without understanding it. (Some encryption algorithms, known as nonmalleable ones, prevent this, but others do not.) However, if a message is digitally signed, any change in the message will invalidate the signature. Furthermore, there is no efficient way to modify a message and its signature to produce a new message with a valid signature, because this is still considered to be computationally infeasible by most cryptographic hash functions.

10  Private Key The private key is one which is accessible only to the signer. It is used to generate the digital signature which is then attached to the message.  Public Key The public key is made available to all those who receive the signed messages from the sender. It is used for verification of the received message.

11 Digital Signature Certificate A subscriber of the private key and public key pair makes the public key available to all those who are intended to receive the signed messages from the subscriber. But in case of any dispute between the two sides, there must be some entity with the receiver which will allow the receiver of the message to prove that the message was indeed sent by the subscriber of the key pair. This can be done with the Digital Signature Certificate.

12

13 The use of digital signatures usually involves two processes, one performed by the signer and the other by the receiver of the digital signature:  Digital signature creation uses a hash result derived from and unique to both the signed message and a given private key. For the hash result to be secure, there must be only a negligible possibility that the same digital signature could be created by the combination of any other message or private key.

14 .  Digital signature verification is the process of checking the digital signature by reference to the original message and a given public key, thereby determining whether the digital signature was created for that same message using the private key that corresponds to the referenced public key.

15  Digital Signature Generation

16  Digital Signature Verification

17  Secure Hash Algorithm

18  Institutional overhead: The cost of establishing and utilizing certification authorities, repositories, and other important services, as well as assuring quality in the performance of their functions.  Subscriber and Relying Party Costs: A digital signer will require software, and will probably have to pay a certification authority some price to issue a certificate. Hardware to secure the subscriber's private key may also be advisable.

19  Electronic Mail  Data storage  Electronic funds transfer  Software Distribution  eGovernance Applications

20  The private key must be kept in a secured manner.  The process of generation and verification of digital signature requires considerable amount of time.  For using the digital signature the user has to obtain private and public key, the receiver has to obtain the digital signature certificate also.

21


Download ppt " Introduction  History  What is Digital Signature  Why Digital Signature  Basic Requirements  How the Technology Works  Approaches."

Similar presentations


Ads by Google