Introduction to Digital signatures

Introduction to the world of

Digital

Signature

s…!

Rohit Bhat 1PI08EC092 VI Sem ECE

Encryption

Digital signature overview

Digital Signature Creation

Hashing

How Encryption and Digital Signatures Work

Digital Signature Verifications

Different Digital Signature Schemes

Legal aspects

Advantages and Disadvantages

Contents

Encryption

Encryption is the conversion of data into a form, called a CIPHER Text.

The use of encryption/decryption is as old as the art of communication.

Encryption/decryption is especially important in wireless communications.

Encryption/decryption is a good idea when carrying out any kind of sensitive transaction.

Ex: A credit-card purchase online, or the discussion of a company secret between

different departments in the organization.

Private key encryption Private key means that each computer has a secret key (code) that it can use to encrypt a packet of information before it is sent over the network to the other computer.

Public Key encryption Public key encryption uses a combination of a private key and a public key.

The key is based on a hash value. This is a value that is computed from a base input number using a hashing algorithm.

Types of Encryption

Encryption depends on modifying or scrambling messages. So a key is necessary to understand the message.If the original message is GOD IS GREATthen the encrypted version depends on the key as follows:

(key = 1) HPE JT HSFBU

(key = 2) IQF KU ITGCV

(key = 3) JRG LV JSHDW

Simple Encryption Example

What is a digital signature? A digital signature or digital signature scheme is a mathematical scheme for demonstrating the authenticity of a digital message or document.

A digital signature can be used with any kind of message, whether it is encrypted or not, simply so that the receiver can be sure of the sender's identity and that the message arrived intact.

Digital Signatures

Creation of Digital SignaturesCreation of Digital Signatures

A digital signature scheme typically A digital signature scheme typically consists of three algorithms:consists of three algorithms:

HASHING algorithm.HASHING algorithm. Signature Generation AlgorithmSignature Generation Algorithm A signature verifying algorithm that, given a A signature verifying algorithm that, given a

message, public key and a signature, either message, public key and a signature, either accepts or rejects the message's claim to accepts or rejects the message's claim to authenticity.authenticity.

HashingHashing Hashing is the transformation of a string of characters into Hashing is the transformation of a string of characters into

a usually shorter fixed-length value or key that represents a usually shorter fixed-length value or key that represents the original string.the original string.

As a simple example of the using of hashing in databases, a As a simple example of the using of hashing in databases, a group of people could be arranged in a database like this:group of people could be arranged in a database like this:

Abernathy Sara, Epperdingle Roscoe, Moore Wilfred, Smith David (and many Abernathy Sara, Epperdingle Roscoe, Moore Wilfred, Smith David (and many more sorted into alphabetical order)more sorted into alphabetical order)

After Hashing, each of them will be replaced by a 4 digit After Hashing, each of them will be replaced by a 4 digit number (in this case)number (in this case)

7864=> Abernathy Sara 9802=> Epperdingle Roscoe 1990=> Moore 7864=> Abernathy Sara 9802=> Epperdingle Roscoe 1990=> Moore Wilfred 8822=> Smith David (and so forth). Wilfred 8822=> Smith David (and so forth).

Hashing AlgorithmHashing Algorithm

The formula for hashing depends on two inputs:The formula for hashing depends on two inputs: the sequence of characters representing the the sequence of characters representing the

electronic data to be signedelectronic data to be signed a secret number referred to as a signature's a secret number referred to as a signature's

private key associated with the signing party and private key associated with the signing party and which only that party has access towhich only that party has access to

Some simple Hash FunctionsSome simple Hash Functions The division-remainder methodThe division-remainder method FoldingFolding Radix transformationRadix transformation Digit rearrangementDigit rearrangement

Encryption scrambles or modifies a message or document so it

cannot be read and understood, except by the intended recipient.A key is necessary to reverse the scrambling or modification, to make the message readable.

Methods of Encryption based on Privacy are as follows:

• a message may be digitally signed, but not encrypted• a message may be encrypted first, then digitally signed• a message may be digitally signed first, then encrypted

Methods of Encryption based on PrivacyMethods of Encryption based on Privacy

Public-private digital key pair

Certificate Authority.

The public key certificate creates proof of the identity of the signer by using the services of a certificate authority.

A certificate authority uses a variety of processes to associate the particular public key with an individual.

The combination of public key and proof of identity result in a public key certificate - also called a signer's certificate.

Prerequisites to create a digital signature

It is the process of checking the digital signature by the reference to the original message and a given public key. Verifying also relies on a formula. Here, the formula depends on three inputs:

The sequence of characters representing the supposedly originally signed electronic data The public key of the signing party The value representing the supposedly authentic digital signature.

The output of the formula is a simple answer: YES or NO.

Digital Signature Verification

Digital Signature SchemesDigital Signature Schemes

The following are the widely used The following are the widely used Schemes for Digital SignaturesSchemes for Digital Signatures

RSA SchemeRSA Scheme ElGamal SchemeElGamal Scheme Schnorr Scheme Schnorr Scheme Digital Signature Standard (DSS) Digital Signature Standard (DSS)

RSA AlgorithmRSA Algorithm RSARSA stands for Rivest, Shamir and Adleman who first stands for Rivest, Shamir and Adleman who first

publicly described the algorithmpublicly described the algorithm RSA involves a public key and a private keyRSA involves a public key and a private key..  

The keys for the RSA algorithm are generated the following The keys for the RSA algorithm are generated the following way:way:

1.1. Choose two distinct prime numbers Choose two distinct prime numbers pp and  and qq..

2.2. Compute Compute nn =  = pq, n is used as a modulus in further stepspq, n is used as a modulus in further steps

3.3. Compute φ(Compute φ(nn) = () = (pp – 1)( – 1)(qq – 1), where φ is Euler's quotient  – 1), where φ is Euler's quotient function.function.

4.4. Choose an integer Choose an integer ee such that 1<  such that 1< ee <φ( <φ(nn) and gcd() and gcd(ee,φ(,φ(nn)) )) = 1, i.e. = 1, i.e. ee and φ( and φ(nn) are co-prime and ) are co-prime and ee is released as the  is released as the public key exponent.public key exponent.

5.5. Determine Determine dd =  = ee–1–1 mod φ( mod φ(nn); i.e. ); i.e. dd is the multiplicative is the multiplicative inverse of inverse of ee mod φ( mod φ(nn) and ) and dd is kept as the private key  is kept as the private key exponent.exponent.

ElGamal SchemeElGamal Scheme The ElGamal signature scheme is a digital signature scheme which The ElGamal signature scheme is a digital signature scheme which

is based on the difficulty of computing discrete logarithms.is based on the difficulty of computing discrete logarithms. Taher ElGamal in 1984 devised this algorithmTaher ElGamal in 1984 devised this algorithm The ElGamal signature scheme allows that a verifier can confirm The ElGamal signature scheme allows that a verifier can confirm

the authenticity of a message the authenticity of a message mm sent by the signer sent to him  sent by the signer sent to him over an insecure channel.over an insecure channel.

System ParametersSystem Parameters Let Let HH be a collision-resistant hash function. be a collision-resistant hash function. Let Let pp be a large prime such that computing discrete  be a large prime such that computing discrete

logarithms modulo logarithms modulo pp is difficult. is difficult. Let Let gg <  < pp be a randomly chosen generator of the multiplicative  be a randomly chosen generator of the multiplicative

group of integers modulo group of integers modulo pp i.e Z i.e Zpp..

1. Key Generation2. Signature Generation3. Verification

Schnorr Digital Signature SchemeSchnorr Digital Signature Scheme In Schnorr Scheme security is based on the intractability of

certain discrete logarithm problems. It is considered the simplest digital signature scheme to be It is considered the simplest digital signature scheme to be

provably secure in a random oracle model.provably secure in a random oracle model.

The Algorithm goes this way:The Algorithm goes this way: Choosing parametersChoosing parameters All users of the signature scheme agree on a group All users of the signature scheme agree on a group GG with  with

generator generator gg of prime order  of prime order qq in which the discrete  in which the discrete log problem is hard. Typically a Schnorr group is used.log problem is hard. Typically a Schnorr group is used.

All users agree on a cryptographic hash function H.All users agree on a cryptographic hash function H.

A.A. Key generationKey generation

B.B. SigningSigning

C.C. VerifyingVerifying

Digital Signature Standard (DSS)Digital Signature Standard (DSS) The DSA is used by a signatory to generate a digital The DSA is used by a signatory to generate a digital

signature on data and by a verifier to verify the authenticity signature on data and by a verifier to verify the authenticity of the signature.of the signature.

Each signatory has a public and private key.Each signatory has a public and private key. For both signature generation and verification, the data For both signature generation and verification, the data

which is referred to as a message, M, is reduced by means which is referred to as a message, M, is reduced by means of the Secure Hash Algorithm (SHA)of the Secure Hash Algorithm (SHA)

The DSA makes use of the following parameters:1)1) p = a prime modulus, where 2p = a prime modulus, where 2L-1L-1 < p < 2 < p < 2LL for 512 = < L = <1024 and L a  for 512 = < L = <1024 and L a

multiple of 64multiple of 64

2)2) q = a prime divisor of p - 1, where 2q = a prime divisor of p - 1, where 2159159 < q < 2 < q < 2160160  

3)3) g = hg = h(p-1)/q(p-1)/q mod p, where h is any integer with 1 < h < p - 1 such that  mod p, where h is any integer with 1 < h < p - 1 such that hh(p-1)/q(p-1)/q mod p > 1 (g has order q mod p) mod p > 1 (g has order q mod p)

4)4) k = a randomly or pseudorandomly generated integer with 0 < k < qk = a randomly or pseudorandomly generated integer with 0 < k < q The integers p, q, and g can be public and can be common to a group of The integers p, q, and g can be public and can be common to a group of

users. users. A user's private and public keys are x and y, respectively.A user's private and public keys are x and y, respectively.

Digital Signature Standard (DSS)Digital Signature Standard (DSS)The signature of a message M is the pair of numbers r and s

computed according to the equations below:

r = (gr = (gkk mod p) mod q and  mod p) mod q and 

s = (ks = (k-1-1(SHA(M) + xr)) mod q.(SHA(M) + xr)) mod q.

In the above, kIn the above, k-1-1 is the multiplicative inverse of k, mod q; i.e. (k is the multiplicative inverse of k, mod q; i.e. (k--

11 k) mod q = 1 and 0< k k) mod q = 1 and 0< k-1-1< q.< q.The verification process goes as below: Let M', r' and s' be the received versions of M, r, and s, Let M', r' and s' be the received versions of M, r, and s,

respectively, and let y be the public key of the signatory. respectively, and let y be the public key of the signatory. The verifier first checks to see that 0 < r' < q and 0 < s' < q; The verifier first checks to see that 0 < r' < q and 0 < s' < q;

if either condition is violated the signature shall be rejected.if either condition is violated the signature shall be rejected. If these two conditions are satisfied, the verifier computes If these two conditions are satisfied, the verifier computes 

w = (s')w = (s')-1-1 mod q ; u1 = ((SHA(M')w) mod q ; mod q ; u1 = ((SHA(M')w) mod q ;

u2 = ((r')w) mod q ; v = (((g)u2 = ((r')w) mod q ; v = (((g)ulul (y) (y)u2u2) mod p) mod q. ) mod p) mod q. 

If v = r', then the signature is verified else if v != r’ then the If v = r', then the signature is verified else if v != r’ then the received message could have been modified and hence not received message could have been modified and hence not authenticauthentic

The digital signature is that which makes a document a legal one.

It is a representation of assuring that the document meats all legal and is authentic in its framework.

The actual digital signature provides the following:

• Evidence

• Ceremony

• Approval

• Efficiency

Legal Aspects of Digital Signatures

Advantages Authentication, identification of the person that signs.

Advantages of Digital Signatures

Integrity of data, every change will be detected.

Non repudiation, because the author cannot be denied of his work (he created and sent).

Imposter preventionElimination of possibility of committing fraud by an imposter

The disadvantages of using digital signatures involve the primary avenue for any business: money.

Though the use of Digital Signatures is very powerful way to secure and authenticate a message or document, its advantages are hampered by lost or theft of keys and the use of vulnerable storage facilities.

A number of Digital Signature standard exist which are incompatible with each other and there is a strong need of a standard through which these different methods (keys) can interact.

Disadvantages

Q

U

E

R

I

E

s

?