SlideShare una empresa de Scribd logo

Digital signature

Descargar como PPT, PDF
Hossain Md Shakhawat
Hossain Md Shakhawat

Digital Signature, Electronic Signature, How digital signature works, Confidentiality of digital signature, Authenticity of digital signature, Integrity of digital signature, standard of digital signature, Algorithm of digital signature, Mathematical base of digital signature, parameters of digital signature, key computation of digital signature, key generation of digital signature, verification of of digital signature

Educación
1 de 29
1 Digital Signature
2 What is “Digital Signature” ? What is the difference between Electronic and Digital Signature? How does it work? How safe is a digital signature ? What is Electronic Signature ? Is it hard to use ? Is a digital signature legally enforceable ? ?
What is Digital Signature?What is Digital Signature?  Digital Signature is a type of electronic signature that encrypts documents with digital codes that are particularly difficult to duplicate.  A digital signature (standard electronic signature) takes the concept of traditional paper-based signing and turns it into an electronic “fingerprint.” This “fingerprint,” or coded message, is unique to both the document and the signer and binds them together.  It is used to validate the authenticity and integrity of a message, software or digital document. Digital signatures cryptographically bind an electronic identity to an electronic document and the signature cannot be copied to another document. 3
4
What is Digital Signature?What is Digital Signature?  Digital signature technique is based on public key cryptography with a difference.  In public key cryptography a pair of keys are used, one public key and one private key. The public key is often used for message encryption , and the private key is often used for decrypting the message.  However in case of digital signature message is encrypted with the private key and decrypted with the public key.  Only a specific person with the corresponding private key can encrypt the message or in other words sign the message. However any party who has the signatory’s public key can encrypt the message, in other words can verify the message.
6 How to Use?How to Use?
Confidentiality IssuesConfidentiality Issues  It should be possible for the receiver of a message to ascertain its origin. An intruder should not be able to masquerade as someone else.  It should be possible for the receiver of a message to verify that it has not been modified in transit. An intruder should not be able to substitute a false message for a legitimate one.  A sender should not be able to falsely deny later that he sent a message.
Attributes of Digital SignatureAttributes of Digital Signature  Digital signature ensures the confidentiality via the following three attributes: 1. Authentication 2. Integrity 3. Non-repudiation 8
Attributes of Digital SignatureAttributes of Digital Signature  Authentication: Authentication means the act of proving who you say you are. Authentication means that you know who created and sent the message. Digital signature is used to authenticate the source of messages. It ensures the user of the sender.  Integrity: Integrity ensures that when a message is sent over a network, the data that arrives is the same as the data that was originally sent. Integrity is the assurance that the information is trustworthy and accurate. Digital signature ensures the integrity of message.  Non-repudiation: this is an important criteria of digital signature. As digital signature ensures the authentication of the message, so the sender can’t repudiate it later. At the same time it also ensures the identity of the receiver, so the receiver can’t repudiate it later. 9
What is Electronic Signature?What is Electronic Signature?  An electronic signature is a typed name or a scanned image of a handwritten signature.  As a result, e-signatures are very problematic when it comes to maintaining integrity and security, as nothing prevents one individual from typing another individual’s name.  Due to this reality, an electronic signature that does not incorporate additional measures of security (the way digital signatures do) is considered an insecure way of signing documentation. 10
Difference Between Digital andDifference Between Digital and Electronic SignatureElectronic Signature  A digital signature, often referred to as advanced or standard version of electronic signature, that provides the highest levels of security and universal acceptance.  Digital signatures are based on Public Key Infrastructure (PKI) technology, and guarantee signer identity and intent, data integrity, and the non-repudiation of signed documents. The digital signature cannot be copied, tampered with or altered. 11
Difference Between Digital andDifference Between Digital and Electronic SignatureElectronic Signature  In addition, because digital signatures are based on standard PKI technology, they can be validated by anyone without the need for proprietary verification software.  On the other hand, there is no standard format for electronic signatures that may be a digitized image of a handwritten signature, a symbol, voiceprint, etc., used to identify the author(s) of an electronic message.  An electronic signature is vulnerable to copying and tampering, and invites forgery. In many cases, electronic signatures are not legally binding and will require proprietary software to validate the e-signature. 12
Is Digital Signature LegallyIs Digital Signature Legally Enforceable?Enforceable? “Yes” In 2006, The parliament of Bangladesh enacted “ICT Act 2006”, which made signed electronic contracts and documents as legally binding as a paper-based contract. Today, digital signature (standard electronic signature) solutions carry recognized legal significance, enabling organizations to comply with regulations worldwide. 13
What is Standard?What is Standard?  There are three algorithms that are suitable for digital signature generation under the DSS standard.  They are the Digital Signature Algorithm (DSA, which I will talk about more in depth later), the RSA algorithm, and the Elliptic Curve Digital Signature Algorithm (ECDSA). 14
Digital Signature AlgorithmDigital Signature Algorithm 15
16 1. Sender takes the input message. 2. Digest the input message using message digest algorithm 3. Apply DSA (using private key) to encrypt the digested message. Here the digital signature is padded into the digested message. 4. Create a data packet using the original message plus the encrypted message. 5. Send the packet to the intended receiver. Data Packet +
17 1. Receiver receives the packet. 2. Separate the original message and encrypted message. 3. Apply message digest algorithm on the original message. 4. Now Apply DSA (using public key) on the encrypted message to decrypt it. At this stage the digital signature is removed from the message and we get digested message. 5. Then compare them Data Packet + Separate two parts
DSA: ParametersDSA: Parameters  Signature Computation: A DSA digital signature is computed using a set of domain parameters: 1. A private key x, 2. A per-message or data secret number k, 3. Data to be signed, 4. And a hash function.  Signature Verification: A digital signature is verified using the same domain parameters: 1. A public key y that is mathematically associated with the private key x used to generate the digital signature, 2. Data to be verified, 3. And the same hash function that was used during signature generation. 18
DSA: ParametersDSA: Parameters  These parameters are defined as follows:  The first three parameters, p, q, and g, are public and can be common across a network of users. x is private and y is public key. 19
DSA: ParametersDSA: Parameters  Selection of Parameter Sizes and Hash Functions for DSA 20
DSA: How Signature isDSA: How Signature is Generated by the Sender ?Generated by the Sender ?  Let N be the bit length of q. And let min(N, outlen) denote the minimum of the positive integers N and outlen. Outlen is the bit length of the hash function output block.  The signature of a message m consists of the pair of numbers r and s that is computed according to the following equations: r = (gk mod p) mod q z= H(m) [z = the leftmost min(N, outlen) bits of Hash(m)] s = (k-1 (H(m) + xr) ) mod q.  When computing s, the string z obtained from Hash(m) is converted to an integer.  (r , s) is considered to be the signature of the sender. 21
DSA: How Signature isDSA: How Signature is Generated by the Sender ?Generated by the Sender ?  The values of r and s shall be checked to determine if r = 0 or s = 0.  If either r = 0 or s = 0, a new value of k shall be generated, and the signature shall be recalculated.  It is extremely rare that r = 0 or s = 0 if signatures are generated properly.  The signature (r, s) is transmitted along with the message to the verifier. 22
DSA: How Signature isDSA: How Signature is Verified by the Receiver ?Verified by the Receiver ?  Signature verification may be performed by any party the signatory (sender), the intended receiver or any other party using the signatory’s public key.  A signatory may wish to verify that the computed signature is correct or not, before sending the signed message to the intended receiver.  The intended receiver (or any other party) verifies the signature to determine its authenticity upon on receiving the message. 23
DSA: How Signature isDSA: How Signature is Verified by the Receiver ?Verified by the Receiver ?  Let m', r', and s' is the received versions of m, r, and s, respectively. If every thing goes right then m‘=m, r‘=r, and s‘=s.  Let y be the public key of the claimed signatory and let N be the bit length of q.  Also, let min(N, outlen) denote the minimum of the positive integers N and outlen, where outlen is the bit length of the hash function output block.  The signature verification process is as follows: – The verifier will check that 0 < r' < q and 0 < s' < q. If either condition is violated, the signature shall be rejected as invalid. 24
DSA: How Signature isDSA: How Signature is Verified by the Receiver ?Verified by the Receiver ? 2. If the two conditions in step 1 are satisfied, the verifier computes the following: w = (s')–1 mod q. z = H(m' ) u1 = (z * w) mod q = (H(m' ) * w) mod q u2 = (r' * w) mod q. v = [ ( (gu1 * yu2 ) mod p) mod q ] The string z obtained from Hash(m') is converted to an integer 2. If v = r', then the signature considered to be verified. If m' = m, r' = r, and s'= s then v = r‘. 3. If v ≠ r', then the message or the signature may have been modified. The signature is considered invalid. 25
ExampleExample  Alice wants to send message m to Bob.  Sender side: 1. Alice generates a random number, k, less than 2. Alice generates r = (gk mod p) mod q s = (k-1 (H(m) + xr)) mod q 1. The parameters (r,s) are her signature; she sends these to bob along with the signed message m'. 26
ExampleExample  Receiver Side: 1. Let bob received the message and signatures as m', r', and s‘. Then Bob verifies the signature by computing: w = (s')–1 mod q. z = H(m' ) u1 = (z * w) mod q = (H(m' ) * w) mod q u2 = (r' * w) mod q. v = [ ( (gu1 * yu2 ) mod p) mod q ] 2. If v = r', then the signature and message considered to be authenticated. 3. If v ≠ r', The signature and message is considered invalid. 27
ReferencesReferences  http://en.wikipedia.org/wiki/  Applied Cryptography by Bruce Schneier; 10th Anniversary edition  FIPS PUB 186-3; FEDERAL INFORMATION PROCESSING STANDARDS PUBLICATION
29 Md. Shakhawat Hossain Student of Department of Computer Science & Engineering University of Rajshahi E-mail: mshimul86@gmail.com

Recomendados

Digital Signature
Digital SignatureDigital Signature
Digital SignatureMohamed Talaat
 
Digital signatures
Digital signaturesDigital signatures
Digital signaturesIshwar Dayal
 
Digital signature(Cryptography)
Digital signature(Cryptography)Digital signature(Cryptography)
Digital signature(Cryptography)Soham Kansodaria
 
Introduction to Digital signatures
Introduction to Digital signaturesIntroduction to Digital signatures
Introduction to Digital signaturesRohit Bhat
 
Digital signature
Digital signatureDigital signature
Digital signatureFilipp Kolobov
 
Cryptography
CryptographyCryptography
CryptographySidharth Mohapatra
 
Digital signature
Digital signatureDigital signature
Digital signaturePraseela R
 
Digital Signature
Digital SignatureDigital Signature
Digital SignatureAdarsh Kumar Yadav
 

Recomendados

Digital Signature
Digital SignatureDigital Signature
Digital SignatureMohamed Talaat
 
Digital signatures
Digital signaturesDigital signatures
Digital signaturesIshwar Dayal
 
Digital signature(Cryptography)
Digital signature(Cryptography)Digital signature(Cryptography)
Digital signature(Cryptography)Soham Kansodaria
 
Introduction to Digital signatures
Introduction to Digital signaturesIntroduction to Digital signatures
Introduction to Digital signaturesRohit Bhat
 
Digital signature
Digital signatureDigital signature
Digital signatureFilipp Kolobov
 
Cryptography
CryptographyCryptography
CryptographySidharth Mohapatra
 
Digital signature
Digital signatureDigital signature
Digital signaturePraseela R
 
Digital Signature
Digital SignatureDigital Signature
Digital SignatureAdarsh Kumar Yadav
 
Digital Signature ppt
Digital Signature pptDigital Signature ppt
Digital Signature pptOECLIB Odisha Electronics Control Library
 
Digital signature and certificate authority
Digital signature and certificate authorityDigital signature and certificate authority
Digital signature and certificate authorityKrutiShah114
 
Diffie-hellman algorithm
Diffie-hellman algorithmDiffie-hellman algorithm
Diffie-hellman algorithmComputer_ at_home
 
Cryptography ppt
Cryptography pptCryptography ppt
Cryptography pptOECLIB Odisha Electronics Control Library
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to CryptographyMd. Afif Al Mamun
 
cryptography ppt free download
cryptography ppt free downloadcryptography ppt free download
cryptography ppt free downloadTwinkal Harsora
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.pptkusum sharma
 
Encryption ppt
Encryption pptEncryption ppt
Encryption pptAnil Neupane
 
Hash Function
Hash FunctionHash Function
Hash FunctionSiddharth Srivastava
 
Public Key Cryptography
Public Key CryptographyPublic Key Cryptography
Public Key CryptographyGopal Sakarkar
 
IP Security
IP SecurityIP Security
IP SecurityDr.Florence Dayana
 
Cryptography
CryptographyCryptography
Cryptographyjayashri kolekar
 
Secure electronic transaction ppt
Secure electronic transaction pptSecure electronic transaction ppt
Secure electronic transaction pptSubhash Gupta
 
Digital Signature Standard
Digital Signature StandardDigital Signature Standard
Digital Signature StandardSou Jana
 
public key infrastructure
public key infrastructurepublic key infrastructure
public key infrastructurevimal kumar
 
Digital signature
Digital signatureDigital signature
Digital signatureAbdullah Khosa
 
Key management
Key managementKey management
Key managementSujata Regoti
 
Data encryption
Data encryptionData encryption
Data encryptionDeepam Goyal
 
RSA Algorithm
RSA AlgorithmRSA Algorithm
RSA AlgorithmSrinadh Muvva
 
Elgamal &amp; schnorr digital signature scheme copy
Elgamal &amp; schnorr digital signature scheme copyElgamal &amp; schnorr digital signature scheme copy
Elgamal &amp; schnorr digital signature scheme copyNorth Cap University (NCU) Formely ITM University
 
Digital signature
Digital signatureDigital signature
Digital signatureYash Karanke
 
Trible data encryption standard (3DES)
Trible data encryption standard (3DES)Trible data encryption standard (3DES)
Trible data encryption standard (3DES)Ahmed Mohamed Mahmoud
 

Más contenido relacionado

La actualidad más candente

Digital signature and certificate authority
Digital signature and certificate authorityDigital signature and certificate authority
Digital signature and certificate authorityKrutiShah114
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to CryptographyMd. Afif Al Mamun
 
cryptography ppt free download
cryptography ppt free downloadcryptography ppt free download
cryptography ppt free downloadTwinkal Harsora
 
Public Key Cryptography
Public Key CryptographyPublic Key Cryptography
Public Key CryptographyGopal Sakarkar
 
Secure electronic transaction ppt
Secure electronic transaction pptSecure electronic transaction ppt
Secure electronic transaction pptSubhash Gupta
 
Digital Signature Standard
Digital Signature StandardDigital Signature Standard
Digital Signature StandardSou Jana
 
public key infrastructure
public key infrastructurepublic key infrastructure
public key infrastructurevimal kumar
 

La actualidad más candente (20)

Digital Signature ppt
Digital Signature pptDigital Signature ppt
Digital Signature ppt
 
Digital signature and certificate authority
Digital signature and certificate authorityDigital signature and certificate authority
Digital signature and certificate authority
 
Diffie-hellman algorithm
Diffie-hellman algorithmDiffie-hellman algorithm
Diffie-hellman algorithm
 
Cryptography ppt
Cryptography pptCryptography ppt
Cryptography ppt
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
 
cryptography ppt free download
cryptography ppt free downloadcryptography ppt free download
cryptography ppt free download
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.ppt
 
Encryption ppt
Encryption pptEncryption ppt
Encryption ppt
 
Hash Function
Hash FunctionHash Function
Hash Function
 
Public Key Cryptography
Public Key CryptographyPublic Key Cryptography
Public Key Cryptography
 
IP Security
IP SecurityIP Security
IP Security
 
Cryptography
CryptographyCryptography
Cryptography
 
Secure electronic transaction ppt
Secure electronic transaction pptSecure electronic transaction ppt
Secure electronic transaction ppt
 
Digital Signature Standard
Digital Signature StandardDigital Signature Standard
Digital Signature Standard
 
public key infrastructure
public key infrastructurepublic key infrastructure
public key infrastructure
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Key management
Key managementKey management
Key management
 
Data encryption
Data encryptionData encryption
Data encryption
 
RSA Algorithm
RSA AlgorithmRSA Algorithm
RSA Algorithm
 
Elgamal &amp; schnorr digital signature scheme copy
Elgamal &amp; schnorr digital signature scheme copyElgamal &amp; schnorr digital signature scheme copy
Elgamal &amp; schnorr digital signature scheme copy
 

Destacado

Trible data encryption standard (3DES)
Trible data encryption standard (3DES)Trible data encryption standard (3DES)
Trible data encryption standard (3DES)Ahmed Mohamed Mahmoud
 
Data encryption standard (des)
Data encryption standard (des)Data encryption standard (des)
Data encryption standard (des)Mecheko Sha
 
Advanced Encryption Standard (AES)
Advanced Encryption Standard (AES)Advanced Encryption Standard (AES)
Advanced Encryption Standard (AES)Amir Masinaei
 
Advanced Encryption Standard (AES)
Advanced Encryption Standard (AES)Advanced Encryption Standard (AES)
Advanced Encryption Standard (AES)Hardik Manocha
 
Data encryption standard
Data encryption standardData encryption standard
Data encryption standardPrasad Prabhu
 
Advanced Encryption Standard (AES) Implementaion using Java
Advanced Encryption Standard (AES) Implementaion using JavaAdvanced Encryption Standard (AES) Implementaion using Java
Advanced Encryption Standard (AES) Implementaion using JavaSunil Kumar R
 
Data Encryption Standard
Data Encryption StandardData Encryption Standard
Data Encryption StandardAmirul Wiramuda
 
Digital signature
Digital signatureDigital signature
Digital signatureAJAL A J
 
Digital Signature
Digital SignatureDigital Signature
Digital Signaturesaurav5884
 
Aes (advance encryption standard)
Aes (advance encryption standard) Aes (advance encryption standard)
Aes (advance encryption standard) Sina Manavi
 
AES-Advanced Encryption Standard
AES-Advanced Encryption StandardAES-Advanced Encryption Standard
AES-Advanced Encryption StandardPrince Rachit
 

Destacado (20)

Digital signature
Digital signatureDigital signature
Digital signature
 
Trible data encryption standard (3DES)
Trible data encryption standard (3DES)Trible data encryption standard (3DES)
Trible data encryption standard (3DES)
 
Data encryption standard (des)
Data encryption standard (des)Data encryption standard (des)
Data encryption standard (des)
 
Digital Signature
Digital SignatureDigital Signature
Digital Signature
 
Aes
AesAes
Aes
 
Advanced Encryption Standard (AES)
Advanced Encryption Standard (AES)Advanced Encryption Standard (AES)
Advanced Encryption Standard (AES)
 
AES Cryptosystem
AES CryptosystemAES Cryptosystem
AES Cryptosystem
 
Advanced Encryption Standard (AES)
Advanced Encryption Standard (AES)Advanced Encryption Standard (AES)
Advanced Encryption Standard (AES)
 
Data encryption standard
Data encryption standardData encryption standard
Data encryption standard
 
Advanced Encryption Standard (AES) Implementaion using Java
Advanced Encryption Standard (AES) Implementaion using JavaAdvanced Encryption Standard (AES) Implementaion using Java
Advanced Encryption Standard (AES) Implementaion using Java
 
Data Encryption Standard
Data Encryption StandardData Encryption Standard
Data Encryption Standard
 
cns 2marks
cns 2markscns 2marks
cns 2marks
 
Cryptography
CryptographyCryptography
Cryptography
 
Aes
AesAes
Aes
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Substitution Cipher
Substitution CipherSubstitution Cipher
Substitution Cipher
 
Digital Signature
Digital SignatureDigital Signature
Digital Signature
 
DES
DESDES
DES
 
Aes (advance encryption standard)
Aes (advance encryption standard) Aes (advance encryption standard)
Aes (advance encryption standard)
 
AES-Advanced Encryption Standard
AES-Advanced Encryption StandardAES-Advanced Encryption Standard
AES-Advanced Encryption Standard
 

Similar a Digital signature

digital_sign_interview.ppt
digital_sign_interview.pptdigital_sign_interview.ppt
digital_sign_interview.pptjayarao21
 
CYBER SECURITY : DIGITAL SIGNATURE,
CYBER SECURITY : DIGITAL SIGNATURE,CYBER SECURITY : DIGITAL SIGNATURE,
CYBER SECURITY : DIGITAL SIGNATURE,ShivangiSingh241
 
Information and data security digital signatures
Information and data security digital signaturesInformation and data security digital signatures
Information and data security digital signaturesMazin Alwaaly
 
Digital Signatdsbuisduifhudosffdosfure.pptx
Digital Signatdsbuisduifhudosffdosfure.pptxDigital Signatdsbuisduifhudosffdosfure.pptx
Digital Signatdsbuisduifhudosffdosfure.pptxMuthuvasanSR
 
Digital Signature in Indian Evidence act .pptx
Digital Signature in Indian Evidence act .pptxDigital Signature in Indian Evidence act .pptx
Digital Signature in Indian Evidence act .pptx9jz8vgkshv
 
Digital signature
Digital signatureDigital signature
Digital signatureAJAL A J
 
Computer System Security (UNIT IV) For AKTU Lucknow
Computer System Security (UNIT IV) For AKTU LucknowComputer System Security (UNIT IV) For AKTU Lucknow
Computer System Security (UNIT IV) For AKTU LucknowBrijesh Vishwakarma
 
Information Security (Digital Signatures)
Information Security (Digital Signatures)Information Security (Digital Signatures)
Information Security (Digital Signatures)Zara Nawaz
 
What is digital signature or DSC
What is digital signature or DSCWhat is digital signature or DSC
What is digital signature or DSCAdv Prashant Mali
 
Ao318992
Ao318992Ao318992
Ao318992IJMER
 
What is digital signature certificate ,how to apply online dsc
What is digital signature certificate ,how to apply online dscWhat is digital signature certificate ,how to apply online dsc
What is digital signature certificate ,how to apply online dscDSC Delhi
 
E business--dig sig
E business--dig sigE business--dig sig
E business--dig sigravik09783
 
digital signature ppt
digital signature pptdigital signature ppt
digital signature pptNitesh Dubey
 

Similar a Digital signature (20)

digital_sign_interview.ppt
digital_sign_interview.pptdigital_sign_interview.ppt
digital_sign_interview.ppt
 
CYBER SECURITY : DIGITAL SIGNATURE,
CYBER SECURITY : DIGITAL SIGNATURE,CYBER SECURITY : DIGITAL SIGNATURE,
CYBER SECURITY : DIGITAL SIGNATURE,
 
D.Silpa
D.SilpaD.Silpa
D.Silpa
 
Information and data security digital signatures
Information and data security digital signaturesInformation and data security digital signatures
Information and data security digital signatures
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Digital Signatdsbuisduifhudosffdosfure.pptx
Digital Signatdsbuisduifhudosffdosfure.pptxDigital Signatdsbuisduifhudosffdosfure.pptx
Digital Signatdsbuisduifhudosffdosfure.pptx
 
Digital Signature in Indian Evidence act .pptx
Digital Signature in Indian Evidence act .pptxDigital Signature in Indian Evidence act .pptx
Digital Signature in Indian Evidence act .pptx
 
Unit v
Unit vUnit v
Unit v
 
Ds over
Ds overDs over
Ds over
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Computer System Security (UNIT IV) For AKTU Lucknow
Computer System Security (UNIT IV) For AKTU LucknowComputer System Security (UNIT IV) For AKTU Lucknow
Computer System Security (UNIT IV) For AKTU Lucknow
 
Information Security (Digital Signatures)
Information Security (Digital Signatures)Information Security (Digital Signatures)
Information Security (Digital Signatures)
 
What is digital signature or DSC
What is digital signature or DSCWhat is digital signature or DSC
What is digital signature or DSC
 
Digital_signature_ppt.pptx
Digital_signature_ppt.pptxDigital_signature_ppt.pptx
Digital_signature_ppt.pptx
 
Ao318992
Ao318992Ao318992
Ao318992
 
Digital signatures and e-Commerce
Digital signatures and e-CommerceDigital signatures and e-Commerce
Digital signatures and e-Commerce
 
What is digital signature certificate ,how to apply online dsc
What is digital signature certificate ,how to apply online dscWhat is digital signature certificate ,how to apply online dsc
What is digital signature certificate ,how to apply online dsc
 
Sindhu priya .s
Sindhu priya .sSindhu priya .s
Sindhu priya .s
 
E business--dig sig
E business--dig sigE business--dig sig
E business--dig sig
 
digital signature ppt
digital signature pptdigital signature ppt
digital signature ppt
 

Más de Hossain Md Shakhawat

Recipe for the effective presentaion
Recipe for the effective presentaionRecipe for the effective presentaion
Recipe for the effective presentaionHossain Md Shakhawat
 
Breadth first search and depth first search
Breadth first search and depth first searchBreadth first search and depth first search
Breadth first search and depth first searchHossain Md Shakhawat
 
Introduction to programming with c,
Introduction to programming with c,Introduction to programming with c,
Introduction to programming with c,Hossain Md Shakhawat
 
Introduction to digital image processing
Introduction to digital image processingIntroduction to digital image processing
Introduction to digital image processingHossain Md Shakhawat
 
Input devices_(Mouse and Keyboard)
Input devices_(Mouse and Keyboard)Input devices_(Mouse and Keyboard)
Input devices_(Mouse and Keyboard)Hossain Md Shakhawat
 

Más de Hossain Md Shakhawat (20)

Recipe for the effective presentaion
Recipe for the effective presentaionRecipe for the effective presentaion
Recipe for the effective presentaion
 
The Road to Higher study in Japan
The Road to Higher study in JapanThe Road to Higher study in Japan
The Road to Higher study in Japan
 
Application of dfs
Application of dfsApplication of dfs
Application of dfs
 
Breadth first search and depth first search
Breadth first search and depth first searchBreadth first search and depth first search
Breadth first search and depth first search
 
Islamic jurisprudence
Islamic jurisprudenceIslamic jurisprudence
Islamic jurisprudence
 
Introduction to Medical Imaging
Introduction to Medical ImagingIntroduction to Medical Imaging
Introduction to Medical Imaging
 
Jpeg compression
Jpeg compressionJpeg compression
Jpeg compression
 
Surah Fatiha
Surah FatihaSurah Fatiha
Surah Fatiha
 
Hashing
HashingHashing
Hashing
 
Decision making and looping
Decision making and loopingDecision making and looping
Decision making and looping
 
Decision making and branching
Decision making and branchingDecision making and branching
Decision making and branching
 
Caesar cipher
Caesar cipherCaesar cipher
Caesar cipher
 
Rsa rivest shamir adleman
Rsa rivest shamir adlemanRsa rivest shamir adleman
Rsa rivest shamir adleman
 
Fundamentals of cryptography
Fundamentals of cryptographyFundamentals of cryptography
Fundamentals of cryptography
 
Introduction to programming with c,
Introduction to programming with c,Introduction to programming with c,
Introduction to programming with c,
 
Introduction to digital image processing
Introduction to digital image processingIntroduction to digital image processing
Introduction to digital image processing
 
History of computing
History of computingHistory of computing
History of computing
 
Introduction to Printers
Introduction to PrintersIntroduction to Printers
Introduction to Printers
 
Input devices_(Mouse and Keyboard)
Input devices_(Mouse and Keyboard)Input devices_(Mouse and Keyboard)
Input devices_(Mouse and Keyboard)
 
Binary search tree(bst)
Binary search tree(bst)Binary search tree(bst)
Binary search tree(bst)
 

Último

mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docxPoojaSen20
 
Concept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfConcept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfUmakantAnnand
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxRoyAbrique
 
Micromeritics - Fundamental and Derived Properties of Powders
Micromeritics - Fundamental and Derived Properties of PowdersMicromeritics - Fundamental and Derived Properties of Powders
Micromeritics - Fundamental and Derived Properties of PowdersChitralekhaTherkar
 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppCeline George
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentInMediaRes1
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991RKavithamani
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 

Último (20)

mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docx
 
Concept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfConcept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.Compdf
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
 
Micromeritics - Fundamental and Derived Properties of Powders
Micromeritics - Fundamental and Derived Properties of PowdersMicromeritics - Fundamental and Derived Properties of Powders
Micromeritics - Fundamental and Derived Properties of Powders
 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website App
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
 
Staff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSDStaff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSD
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
 

Digital signature

  • 2. 2 What is “Digital Signature” ? What is the difference between Electronic and Digital Signature? How does it work? How safe is a digital signature ? What is Electronic Signature ? Is it hard to use ? Is a digital signature legally enforceable ? ?
  • 3. What is Digital Signature?What is Digital Signature?  Digital Signature is a type of electronic signature that encrypts documents with digital codes that are particularly difficult to duplicate.  A digital signature (standard electronic signature) takes the concept of traditional paper-based signing and turns it into an electronic “fingerprint.” This “fingerprint,” or coded message, is unique to both the document and the signer and binds them together.  It is used to validate the authenticity and integrity of a message, software or digital document. Digital signatures cryptographically bind an electronic identity to an electronic document and the signature cannot be copied to another document. 3
  • 4. 4
  • 5. What is Digital Signature?What is Digital Signature?  Digital signature technique is based on public key cryptography with a difference.  In public key cryptography a pair of keys are used, one public key and one private key. The public key is often used for message encryption , and the private key is often used for decrypting the message.  However in case of digital signature message is encrypted with the private key and decrypted with the public key.  Only a specific person with the corresponding private key can encrypt the message or in other words sign the message. However any party who has the signatory’s public key can encrypt the message, in other words can verify the message.
  • 7. Confidentiality IssuesConfidentiality Issues  It should be possible for the receiver of a message to ascertain its origin. An intruder should not be able to masquerade as someone else.  It should be possible for the receiver of a message to verify that it has not been modified in transit. An intruder should not be able to substitute a false message for a legitimate one.  A sender should not be able to falsely deny later that he sent a message.
  • 8. Attributes of Digital SignatureAttributes of Digital Signature  Digital signature ensures the confidentiality via the following three attributes: 1. Authentication 2. Integrity 3. Non-repudiation 8
  • 9. Attributes of Digital SignatureAttributes of Digital Signature  Authentication: Authentication means the act of proving who you say you are. Authentication means that you know who created and sent the message. Digital signature is used to authenticate the source of messages. It ensures the user of the sender.  Integrity: Integrity ensures that when a message is sent over a network, the data that arrives is the same as the data that was originally sent. Integrity is the assurance that the information is trustworthy and accurate. Digital signature ensures the integrity of message.  Non-repudiation: this is an important criteria of digital signature. As digital signature ensures the authentication of the message, so the sender can’t repudiate it later. At the same time it also ensures the identity of the receiver, so the receiver can’t repudiate it later. 9
  • 10. What is Electronic Signature?What is Electronic Signature?  An electronic signature is a typed name or a scanned image of a handwritten signature.  As a result, e-signatures are very problematic when it comes to maintaining integrity and security, as nothing prevents one individual from typing another individual’s name.  Due to this reality, an electronic signature that does not incorporate additional measures of security (the way digital signatures do) is considered an insecure way of signing documentation. 10
  • 11. Difference Between Digital andDifference Between Digital and Electronic SignatureElectronic Signature  A digital signature, often referred to as advanced or standard version of electronic signature, that provides the highest levels of security and universal acceptance.  Digital signatures are based on Public Key Infrastructure (PKI) technology, and guarantee signer identity and intent, data integrity, and the non-repudiation of signed documents. The digital signature cannot be copied, tampered with or altered. 11
  • 12. Difference Between Digital andDifference Between Digital and Electronic SignatureElectronic Signature  In addition, because digital signatures are based on standard PKI technology, they can be validated by anyone without the need for proprietary verification software.  On the other hand, there is no standard format for electronic signatures that may be a digitized image of a handwritten signature, a symbol, voiceprint, etc., used to identify the author(s) of an electronic message.  An electronic signature is vulnerable to copying and tampering, and invites forgery. In many cases, electronic signatures are not legally binding and will require proprietary software to validate the e-signature. 12
  • 13. Is Digital Signature LegallyIs Digital Signature Legally Enforceable?Enforceable? “Yes” In 2006, The parliament of Bangladesh enacted “ICT Act 2006”, which made signed electronic contracts and documents as legally binding as a paper-based contract. Today, digital signature (standard electronic signature) solutions carry recognized legal significance, enabling organizations to comply with regulations worldwide. 13
  • 14. What is Standard?What is Standard?  There are three algorithms that are suitable for digital signature generation under the DSS standard.  They are the Digital Signature Algorithm (DSA, which I will talk about more in depth later), the RSA algorithm, and the Elliptic Curve Digital Signature Algorithm (ECDSA). 14
  • 15. Digital Signature AlgorithmDigital Signature Algorithm 15
  • 16. 16 1. Sender takes the input message. 2. Digest the input message using message digest algorithm 3. Apply DSA (using private key) to encrypt the digested message. Here the digital signature is padded into the digested message. 4. Create a data packet using the original message plus the encrypted message. 5. Send the packet to the intended receiver. Data Packet +
  • 17. 17 1. Receiver receives the packet. 2. Separate the original message and encrypted message. 3. Apply message digest algorithm on the original message. 4. Now Apply DSA (using public key) on the encrypted message to decrypt it. At this stage the digital signature is removed from the message and we get digested message. 5. Then compare them Data Packet + Separate two parts
  • 18. DSA: ParametersDSA: Parameters  Signature Computation: A DSA digital signature is computed using a set of domain parameters: 1. A private key x, 2. A per-message or data secret number k, 3. Data to be signed, 4. And a hash function.  Signature Verification: A digital signature is verified using the same domain parameters: 1. A public key y that is mathematically associated with the private key x used to generate the digital signature, 2. Data to be verified, 3. And the same hash function that was used during signature generation. 18
  • 19. DSA: ParametersDSA: Parameters  These parameters are defined as follows:  The first three parameters, p, q, and g, are public and can be common across a network of users. x is private and y is public key. 19
  • 20. DSA: ParametersDSA: Parameters  Selection of Parameter Sizes and Hash Functions for DSA 20
  • 21. DSA: How Signature isDSA: How Signature is Generated by the Sender ?Generated by the Sender ?  Let N be the bit length of q. And let min(N, outlen) denote the minimum of the positive integers N and outlen. Outlen is the bit length of the hash function output block.  The signature of a message m consists of the pair of numbers r and s that is computed according to the following equations: r = (gk mod p) mod q z= H(m) [z = the leftmost min(N, outlen) bits of Hash(m)] s = (k-1 (H(m) + xr) ) mod q.  When computing s, the string z obtained from Hash(m) is converted to an integer.  (r , s) is considered to be the signature of the sender. 21
  • 22. DSA: How Signature isDSA: How Signature is Generated by the Sender ?Generated by the Sender ?  The values of r and s shall be checked to determine if r = 0 or s = 0.  If either r = 0 or s = 0, a new value of k shall be generated, and the signature shall be recalculated.  It is extremely rare that r = 0 or s = 0 if signatures are generated properly.  The signature (r, s) is transmitted along with the message to the verifier. 22
  • 23. DSA: How Signature isDSA: How Signature is Verified by the Receiver ?Verified by the Receiver ?  Signature verification may be performed by any party the signatory (sender), the intended receiver or any other party using the signatory’s public key.  A signatory may wish to verify that the computed signature is correct or not, before sending the signed message to the intended receiver.  The intended receiver (or any other party) verifies the signature to determine its authenticity upon on receiving the message. 23
  • 24. DSA: How Signature isDSA: How Signature is Verified by the Receiver ?Verified by the Receiver ?  Let m', r', and s' is the received versions of m, r, and s, respectively. If every thing goes right then m‘=m, r‘=r, and s‘=s.  Let y be the public key of the claimed signatory and let N be the bit length of q.  Also, let min(N, outlen) denote the minimum of the positive integers N and outlen, where outlen is the bit length of the hash function output block.  The signature verification process is as follows: – The verifier will check that 0 < r' < q and 0 < s' < q. If either condition is violated, the signature shall be rejected as invalid. 24
  • 25. DSA: How Signature isDSA: How Signature is Verified by the Receiver ?Verified by the Receiver ? 2. If the two conditions in step 1 are satisfied, the verifier computes the following: w = (s')–1 mod q. z = H(m' ) u1 = (z * w) mod q = (H(m' ) * w) mod q u2 = (r' * w) mod q. v = [ ( (gu1 * yu2 ) mod p) mod q ] The string z obtained from Hash(m') is converted to an integer 2. If v = r', then the signature considered to be verified. If m' = m, r' = r, and s'= s then v = r‘. 3. If v ≠ r', then the message or the signature may have been modified. The signature is considered invalid. 25
  • 26. ExampleExample  Alice wants to send message m to Bob.  Sender side: 1. Alice generates a random number, k, less than 2. Alice generates r = (gk mod p) mod q s = (k-1 (H(m) + xr)) mod q 1. The parameters (r,s) are her signature; she sends these to bob along with the signed message m'. 26
  • 27. ExampleExample  Receiver Side: 1. Let bob received the message and signatures as m', r', and s‘. Then Bob verifies the signature by computing: w = (s')–1 mod q. z = H(m' ) u1 = (z * w) mod q = (H(m' ) * w) mod q u2 = (r' * w) mod q. v = [ ( (gu1 * yu2 ) mod p) mod q ] 2. If v = r', then the signature and message considered to be authenticated. 3. If v ≠ r', The signature and message is considered invalid. 27
  • 28. ReferencesReferences  http://en.wikipedia.org/wiki/  Applied Cryptography by Bruce Schneier; 10th Anniversary edition  FIPS PUB 186-3; FEDERAL INFORMATION PROCESSING STANDARDS PUBLICATION
  • 29. 29 Md. Shakhawat Hossain Student of Department of Computer Science & Engineering University of Rajshahi E-mail: mshimul86@gmail.com