Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security of Digital Signatures

Published byJody Turner Modified over 6 years ago

Similar presentations

Presentation on theme: "Security of Digital Signatures"— Presentation transcript:

1 Security of Digital Signatures
Done by : Noor Ghufran Noura

2 What is digital signature ?
Introduction What is digital signature ?

3 Security of Digital Signatures
Reasons for using digital security: It insures by means of verification. Digital certificates ensure confidentiality. Digital certificates also verify date and time.

4 What is included in a digital signature scheme?
A digital signature scheme contains the following components: A security parameter k A message space A signature bound B A verification algorithm V

5 Security Analysis a security analysis of signature systems that use smart cards is used as a case study of digital signature security. there are other digital signatures systems such as cryptographic information

6 Card and Card Reader There are several techniques, both invasive and non-invasive, that can be used to gather information about the implementation. The most common and effective ones are different forms of side channel analysis for example, makes use of the fact that one can record different execution times for different values of a key. With the aid of statistical analysis, it is possible to extract the hidden private key.

7 In addition to the chip’s hardware structure, one has to consider the implemented public key algorithms that are used to encrypt and decrypt content, as well as creating and verifying signatures. the card reader usually has a seal to prove that it was not opened and manipulated, there is still a problem with a user who does not know how the seal should look like. Hence, it could be possible to replace the seal after the manipulation without anyone noticing the difference.

8 Remote Applications When the data to be signed is produced by a remote application, the execution of this program is not affected by a compromise of the user’s computer. However, many web applications suffer from input validation errors that lead to buffer overflow or cross-site scripting vulnerabilities. These vulnerabilities can be exploited by an attacker to seize control over one endpoint of the secure communication channel.

9 Local Applications there are a number of ways an attacker can manipulate memory and code of operating system processes. In particular, we considered how device drivers or parts of the citizen card environment . when a user wishes to sign an (e.g., with a client such as Mozilla Thunderbird), the mail content being signed can be tampered with by intercepting and changing the appropriate functions of the mail client.

10 Conclusion A large number of people can profit from the availability of a digital signature framework that allows carrying out public administration duties and business over the Internet. However, the fact that a digital signature is legally equivalent to a handwritten signature also raises security concerns.

11 we hope to raise awareness that smart card solutions are not the remedy to all security-related problems, as marketing departments often want to make users believe. A security solution can only be as strong as its weakest link. In the case of the smart-card-based solutions, the weakest link is the untrusted operating system environment that the applications are running on.

12 Reference: Nentwich F, Kirda E, and Kruegel C. (2006). Practical Security Aspects of Digital Signature Systems. Retrieved on May2, 2012 from website: citizen_technical.pdf

Download ppt "Security of Digital Signatures"

Similar presentations

Public Key Infrastructure and Applications

Public Key Infrastructure and Applications
Building web applications on top of encrypted data using Mylar Presented by Tenglu Liang Tai Liu.

Building web applications on top of encrypted data using Mylar Presented by Tenglu Liang Tai Liu.
SSL Protocol By Oana Dini. Overview Introduction to SSL SSL Architecture SSL Limitations.

SSL Protocol By Oana Dini. Overview Introduction to SSL SSL Architecture SSL Limitations.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.

November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.
Cryptographic Security Cryptographic Mechanisms 1Mesbah Islam– Operating Systems.

Cryptographic Security Cryptographic Mechanisms 1Mesbah Islam– Operating Systems.
INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.

INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.
Secure Systems Research Group - FAU Patterns for Digital Signature using hashing Presented by Keiko Hashizume.

Secure Systems Research Group - FAU Patterns for Digital Signature using hashing Presented by Keiko Hashizume.
Chapter 5 Digital Signatures MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI 1.

Chapter 5 Digital Signatures MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI 1.
AQA Computing A2 © Nelson Thornes 2009 Section 6.4 1 Unit 3 Section 6.4: Internet Security Digital Signatures and Certificates.

AQA Computing A2 © Nelson Thornes 2009 Section Unit 3 Section 6.4: Internet Security Digital Signatures and Certificates.
Introduction to Secure Messaging The Open Group Messaging Forum April 30, 2003.

Introduction to Secure Messaging The Open Group Messaging Forum April 30, 2003.
General Key Management Guidance. Key Management Policy  Governs the lifecycle for the keying material  Hope to minimize additional required documentation.

General Key Management Guidance. Key Management Policy  Governs the lifecycle for the keying material  Hope to minimize additional required documentation.
Cryptography, Authentication and Digital Signatures

Cryptography, Authentication and Digital Signatures
Risks of data manipulation and theft Gateway Average route travelled by an email sent via the Internet from A to B Washington DC A's provider Paris A.

Risks of data manipulation and theft Gateway Average route travelled by an sent via the Internet from A to B Washington DC A's provider Paris A.
Introduction1-1 Data Communications and Computer Networks Chapter 6 CS 3830 Lecture 31 Omar Meqdadi Department of Computer Science and Software Engineering.

Introduction1-1 Data Communications and Computer Networks Chapter 6 CS 3830 Lecture 31 Omar Meqdadi Department of Computer Science and Software Engineering.
Chapter 21 Distributed System Security Copyright © 2008.

Chapter 21 Distributed System Security Copyright © 2008.

Similar presentations

Ads by Google