Hossain Md Shakhawat, profile picture
Uploaded byHossain Md Shakhawat
PPT, PDF26,337 views

Digital signature

Digital signatures are encrypted electronic signatures that provide a higher level of security compared to traditional electronic signatures by binding a unique coded message to both the document and the signer. They ensure authentication, integrity, and non-repudiation, making them legally enforceable under laws like the ICT Act 2006 in Bangladesh. Conversely, electronic signatures, often just a scanned image of a signature, lack the same security measures and can be easily forged, making them less reliable.

Education
Related topics:
Digital Signature Overview
In this document
Powered by AI

Introduction to digital signatures and an overview of key questions about their functionality and legal enforceability.

Definition of digital signatures, their unique properties, and the use of public key cryptography.

Confidentiality issues related to digital signatures and attributes: authentication, integrity, non-repudiation.

Comparison between electronic and digital signatures, highlighting the security and legal differences.

Legal enforceability of digital signatures established by the ICT Act 2006 in Bangladesh, acknowledging their significance.

Overview of algorithms suitable for digital signature generation under the DSS standard.

Detailed steps of how a digital signature is generated by the sender, including mathematical parameters.

Steps for verifying a digital signature, detailing verification parameters and successful verification checks.

Practical example demonstrating the signature generation by Alice and verification process by Bob.

Links and references to materials about digital signatures and the presenter’s information.

Embed presentation

Downloaded 1,840 times
1 Digital Signature
2 What is “Digital Signature” ? What is the difference between Electronic and Digital Signature? How does it work? How safe is a digital signature ? What is Electronic Signature ? Is it hard to use ? Is a digital signature legally enforceable ? ?
What is Digital Signature?What is Digital Signature?  Digital Signature is a type of electronic signature that encrypts documents with digital codes that are particularly difficult to duplicate.  A digital signature (standard electronic signature) takes the concept of traditional paper-based signing and turns it into an electronic “fingerprint.” This “fingerprint,” or coded message, is unique to both the document and the signer and binds them together.  It is used to validate the authenticity and integrity of a message, software or digital document. Digital signatures cryptographically bind an electronic identity to an electronic document and the signature cannot be copied to another document. 3
4
What is Digital Signature?What is Digital Signature?  Digital signature technique is based on public key cryptography with a difference.  In public key cryptography a pair of keys are used, one public key and one private key. The public key is often used for message encryption , and the private key is often used for decrypting the message.  However in case of digital signature message is encrypted with the private key and decrypted with the public key.  Only a specific person with the corresponding private key can encrypt the message or in other words sign the message. However any party who has the signatory’s public key can encrypt the message, in other words can verify the message.
6 How to Use?How to Use?
Confidentiality IssuesConfidentiality Issues  It should be possible for the receiver of a message to ascertain its origin. An intruder should not be able to masquerade as someone else.  It should be possible for the receiver of a message to verify that it has not been modified in transit. An intruder should not be able to substitute a false message for a legitimate one.  A sender should not be able to falsely deny later that he sent a message.
Attributes of Digital SignatureAttributes of Digital Signature  Digital signature ensures the confidentiality via the following three attributes: 1. Authentication 2. Integrity 3. Non-repudiation 8
Attributes of Digital SignatureAttributes of Digital Signature  Authentication: Authentication means the act of proving who you say you are. Authentication means that you know who created and sent the message. Digital signature is used to authenticate the source of messages. It ensures the user of the sender.  Integrity: Integrity ensures that when a message is sent over a network, the data that arrives is the same as the data that was originally sent. Integrity is the assurance that the information is trustworthy and accurate. Digital signature ensures the integrity of message.  Non-repudiation: this is an important criteria of digital signature. As digital signature ensures the authentication of the message, so the sender can’t repudiate it later. At the same time it also ensures the identity of the receiver, so the receiver can’t repudiate it later. 9
What is Electronic Signature?What is Electronic Signature?  An electronic signature is a typed name or a scanned image of a handwritten signature.  As a result, e-signatures are very problematic when it comes to maintaining integrity and security, as nothing prevents one individual from typing another individual’s name.  Due to this reality, an electronic signature that does not incorporate additional measures of security (the way digital signatures do) is considered an insecure way of signing documentation. 10
Difference Between Digital andDifference Between Digital and Electronic SignatureElectronic Signature  A digital signature, often referred to as advanced or standard version of electronic signature, that provides the highest levels of security and universal acceptance.  Digital signatures are based on Public Key Infrastructure (PKI) technology, and guarantee signer identity and intent, data integrity, and the non-repudiation of signed documents. The digital signature cannot be copied, tampered with or altered. 11
Difference Between Digital andDifference Between Digital and Electronic SignatureElectronic Signature  In addition, because digital signatures are based on standard PKI technology, they can be validated by anyone without the need for proprietary verification software.  On the other hand, there is no standard format for electronic signatures that may be a digitized image of a handwritten signature, a symbol, voiceprint, etc., used to identify the author(s) of an electronic message.  An electronic signature is vulnerable to copying and tampering, and invites forgery. In many cases, electronic signatures are not legally binding and will require proprietary software to validate the e-signature. 12
Is Digital Signature LegallyIs Digital Signature Legally Enforceable?Enforceable? “Yes” In 2006, The parliament of Bangladesh enacted “ICT Act 2006”, which made signed electronic contracts and documents as legally binding as a paper-based contract. Today, digital signature (standard electronic signature) solutions carry recognized legal significance, enabling organizations to comply with regulations worldwide. 13
What is Standard?What is Standard?  There are three algorithms that are suitable for digital signature generation under the DSS standard.  They are the Digital Signature Algorithm (DSA, which I will talk about more in depth later), the RSA algorithm, and the Elliptic Curve Digital Signature Algorithm (ECDSA). 14
Digital Signature AlgorithmDigital Signature Algorithm 15
16 1. Sender takes the input message. 2. Digest the input message using message digest algorithm 3. Apply DSA (using private key) to encrypt the digested message. Here the digital signature is padded into the digested message. 4. Create a data packet using the original message plus the encrypted message. 5. Send the packet to the intended receiver. Data Packet +
17 1. Receiver receives the packet. 2. Separate the original message and encrypted message. 3. Apply message digest algorithm on the original message. 4. Now Apply DSA (using public key) on the encrypted message to decrypt it. At this stage the digital signature is removed from the message and we get digested message. 5. Then compare them Data Packet + Separate two parts
DSA: ParametersDSA: Parameters  Signature Computation: A DSA digital signature is computed using a set of domain parameters: 1. A private key x, 2. A per-message or data secret number k, 3. Data to be signed, 4. And a hash function.  Signature Verification: A digital signature is verified using the same domain parameters: 1. A public key y that is mathematically associated with the private key x used to generate the digital signature, 2. Data to be verified, 3. And the same hash function that was used during signature generation. 18
DSA: ParametersDSA: Parameters  These parameters are defined as follows:  The first three parameters, p, q, and g, are public and can be common across a network of users. x is private and y is public key. 19
DSA: ParametersDSA: Parameters  Selection of Parameter Sizes and Hash Functions for DSA 20
DSA: How Signature isDSA: How Signature is Generated by the Sender ?Generated by the Sender ?  Let N be the bit length of q. And let min(N, outlen) denote the minimum of the positive integers N and outlen. Outlen is the bit length of the hash function output block.  The signature of a message m consists of the pair of numbers r and s that is computed according to the following equations: r = (gk mod p) mod q z= H(m) [z = the leftmost min(N, outlen) bits of Hash(m)] s = (k-1 (H(m) + xr) ) mod q.  When computing s, the string z obtained from Hash(m) is converted to an integer.  (r , s) is considered to be the signature of the sender. 21
DSA: How Signature isDSA: How Signature is Generated by the Sender ?Generated by the Sender ?  The values of r and s shall be checked to determine if r = 0 or s = 0.  If either r = 0 or s = 0, a new value of k shall be generated, and the signature shall be recalculated.  It is extremely rare that r = 0 or s = 0 if signatures are generated properly.  The signature (r, s) is transmitted along with the message to the verifier. 22
DSA: How Signature isDSA: How Signature is Verified by the Receiver ?Verified by the Receiver ?  Signature verification may be performed by any party the signatory (sender), the intended receiver or any other party using the signatory’s public key.  A signatory may wish to verify that the computed signature is correct or not, before sending the signed message to the intended receiver.  The intended receiver (or any other party) verifies the signature to determine its authenticity upon on receiving the message. 23
DSA: How Signature isDSA: How Signature is Verified by the Receiver ?Verified by the Receiver ?  Let m', r', and s' is the received versions of m, r, and s, respectively. If every thing goes right then m‘=m, r‘=r, and s‘=s.  Let y be the public key of the claimed signatory and let N be the bit length of q.  Also, let min(N, outlen) denote the minimum of the positive integers N and outlen, where outlen is the bit length of the hash function output block.  The signature verification process is as follows: – The verifier will check that 0 < r' < q and 0 < s' < q. If either condition is violated, the signature shall be rejected as invalid. 24
DSA: How Signature isDSA: How Signature is Verified by the Receiver ?Verified by the Receiver ? 2. If the two conditions in step 1 are satisfied, the verifier computes the following: w = (s')–1 mod q. z = H(m' ) u1 = (z * w) mod q = (H(m' ) * w) mod q u2 = (r' * w) mod q. v = [ ( (gu1 * yu2 ) mod p) mod q ] The string z obtained from Hash(m') is converted to an integer 2. If v = r', then the signature considered to be verified. If m' = m, r' = r, and s'= s then v = r‘. 3. If v ≠ r', then the message or the signature may have been modified. The signature is considered invalid. 25
ExampleExample  Alice wants to send message m to Bob.  Sender side: 1. Alice generates a random number, k, less than 2. Alice generates r = (gk mod p) mod q s = (k-1 (H(m) + xr)) mod q 1. The parameters (r,s) are her signature; she sends these to bob along with the signed message m'. 26
ExampleExample  Receiver Side: 1. Let bob received the message and signatures as m', r', and s‘. Then Bob verifies the signature by computing: w = (s')–1 mod q. z = H(m' ) u1 = (z * w) mod q = (H(m' ) * w) mod q u2 = (r' * w) mod q. v = [ ( (gu1 * yu2 ) mod p) mod q ] 2. If v = r', then the signature and message considered to be authenticated. 3. If v ≠ r', The signature and message is considered invalid. 27
ReferencesReferences  http://en.wikipedia.org/wiki/  Applied Cryptography by Bruce Schneier; 10th Anniversary edition  FIPS PUB 186-3; FEDERAL INFORMATION PROCESSING STANDARDS PUBLICATION
29 Md. Shakhawat Hossain Student of Department of Computer Science & Engineering University of Rajshahi E-mail: mshimul86@gmail.com

More Related Content

PPT
Digital Signature
byMohamed Talaat
 
PPTX
Digital signature
byPraseela R
 
PPT
Introduction to Digital signatures
byRohit Bhat
 
PPTX
Digital signature(Cryptography)
bySoham Kansodaria
 
PDF
Digital signatures
byIshwar Dayal
 
PPT
Authentication Protocols
byTrinity Dwarka
 
PPTX
Digital signature
byFilipp Kolobov
 
PPT
Hash crypto
byHarry Potter
 
Digital Signature
byMohamed Talaat
 
Digital signature
byPraseela R
 
Introduction to Digital signatures
byRohit Bhat
 
Digital signature(Cryptography)
bySoham Kansodaria
 
Digital signatures
byIshwar Dayal
 
Authentication Protocols
byTrinity Dwarka
 
Digital signature
byFilipp Kolobov
 
Hash crypto
byHarry Potter
 

What's hot

PPTX
Cryptography.ppt
bykusum sharma
 
PPT
Digital Signature
byAdarsh Kumar Yadav
 
PPTX
Digital Signature ppt
byOECLIB Odisha Electronics Control Library
 
PPTX
Seminar ppt on digital signature
byjolly9293
 
PPTX
Substitution techniques
byvinitha96
 
PPT
Symmetric and Asymmetric Encryption.ppt
byHassanAli980906
 
PPTX
CMACs and MACS based on block ciphers, Digital signature
byAdarsh Patel
 
PPTX
Principles of public key cryptography and its Uses
byMohsin Ali
 
PPTX
Cryptography
byDarshini Parikh
 
PPTX
Digital signature
byAbdullah Khosa
 
PPTX
Cryptography
bySagar Janagonda
 
PPTX
Digital signature
byYash Karanke
 
PPTX
Steganography
byUttam Jain
 
PPT
RC4&RC5
byMohamed El-Serngawy
 
PDF
Asymmetric Cryptography
byUTD Computer Security Group
 
PPTX
Cryptography
byRutuja Solkar
 
PDF
Authentication techniques
byIGZ Software house
 
PPT
Message Authentication Code & HMAC
byKrishna Gehlot
 
PPTX
Kerberos
bySutanu Paul
 
PPTX
Kerberos
byRahul Pundir
 
Cryptography.ppt
bykusum sharma
 
Digital Signature
byAdarsh Kumar Yadav
 
Digital Signature ppt
byOECLIB Odisha Electronics Control Library
 
Seminar ppt on digital signature
byjolly9293
 
Substitution techniques
byvinitha96
 
Symmetric and Asymmetric Encryption.ppt
byHassanAli980906
 
CMACs and MACS based on block ciphers, Digital signature
byAdarsh Patel
 
Principles of public key cryptography and its Uses
byMohsin Ali
 
Cryptography
byDarshini Parikh
 
Digital signature
byAbdullah Khosa
 
Cryptography
bySagar Janagonda
 
Digital signature
byYash Karanke
 
Steganography
byUttam Jain
 
RC4&RC5
byMohamed El-Serngawy
 
Asymmetric Cryptography
byUTD Computer Security Group
 
Cryptography
byRutuja Solkar
 
Authentication techniques
byIGZ Software house
 
Message Authentication Code & HMAC
byKrishna Gehlot
 
Kerberos
bySutanu Paul
 
Kerberos
byRahul Pundir
 

Viewers also liked

PPT
Digital signature
byAJAL A J
 
PPT
Digital Signature
bysaurav5884
 
PPTX
Hash Function
bySiddharth Srivastava
 
PDF
AES-Advanced Encryption Standard
byPrince Rachit
 
PPT
Cryptography
byIGZ Software house
 
PPT
DES
byNaga Srimanyu Timmaraju
 
PDF
Advanced Encryption Standard (AES) Implementaion using Java
bySunil Kumar R
 
PPT
Digital Signature
bynayakslideshare
 
PPT
AES Cryptosystem
byهيثم فرج
 
PPTX
Trible data encryption standard (3DES)
byAhmed Mohamed Mahmoud
 
PDF
Advanced Encryption Standard (AES)
byHardik Manocha
 
PPTX
Aes (advance encryption standard)
bySina Manavi
 
PPT
Aes
bySurya Kiran
 
PPTX
Aes
byKunal Prajapati
 
PDF
Data Encryption Standard
byAmirul Wiramuda
 
PDF
cns 2marks
byilakiyadinesh
 
PPTX
Substitution Cipher
byAgung Julisman
 
DOCX
Data encryption standard
byPrasad Prabhu
 
PPT
Data encryption standard (des)
byMecheko Sha
 
PPSX
Advanced Encryption Standard (AES)
byAmir Masinaei
 
Digital signature
byAJAL A J
 
Digital Signature
bysaurav5884
 
Hash Function
bySiddharth Srivastava
 
AES-Advanced Encryption Standard
byPrince Rachit
 
Cryptography
byIGZ Software house
 
DES
byNaga Srimanyu Timmaraju
 
Advanced Encryption Standard (AES) Implementaion using Java
bySunil Kumar R
 
Digital Signature
bynayakslideshare
 
AES Cryptosystem
byهيثم فرج
 
Trible data encryption standard (3DES)
byAhmed Mohamed Mahmoud
 
Advanced Encryption Standard (AES)
byHardik Manocha
 
Aes (advance encryption standard)
bySina Manavi
 
Aes
bySurya Kiran
 
Aes
byKunal Prajapati
 
Data Encryption Standard
byAmirul Wiramuda
 
cns 2marks
byilakiyadinesh
 
Substitution Cipher
byAgung Julisman
 
Data encryption standard
byPrasad Prabhu
 
Data encryption standard (des)
byMecheko Sha
 
Advanced Encryption Standard (AES)
byAmir Masinaei
 

Similar to Digital signature

PPTX
CYBER SECURITY : DIGITAL SIGNATURE,
byShivangiSingh241
 
PPTX
Information Security (Digital Signatures)
byZara Nawaz
 
PPTX
DSS
bySubashiniRathinavel
 
PPT
Information and data security digital signatures
byMazin Alwaaly
 
PPTX
DIGITAL SIGNATURE PPT.pptx
byRanga91
 
PPTX
Digital signatur
byRuwandi Madhunamali
 
PPT
Digital signature
byAJAL A J
 
PPTX
UNIT III- DIGITAL SIGNATURE AND AUTHENTICATION.pptx
bybhavivsbec
 
PPTX
Digital_signature_ppt.pptx
byMIRZATABISHHASAN1
 
PPTX
digital signature in cryptography and network security
byNithyasriA2
 
PPT
Digital signature Algorithm for cryptography.ppt
byNeha gupta
 
PPT
Digital signature for college use aaaaaaaaaaaaaaaaaaaaaaaa.ppt
byCPLVASUBHIMANI
 
PPT
Digital signature.ppt
byMehediHasanShaon1
 
PPTX
Digital Signature
byRahul Yadav
 
PPTX
Introduction to DIGITAL SIGNATURE in Cryptography.pptx
bytaherzamanrather
 
PPT
D.Silpa
byst anns PG College,Mallapur,Hyderabad, India
 
DOCX
Digital signature
bygajerachetan
 
PDF
SHA_and_DS.pdf
bySantosh Gupta
 
PPT
Digital signature
byswatihans
 
PPT
Digital signature
byswatihans
 
CYBER SECURITY : DIGITAL SIGNATURE,
byShivangiSingh241
 
Information Security (Digital Signatures)
byZara Nawaz
 
DSS
bySubashiniRathinavel
 
Information and data security digital signatures
byMazin Alwaaly
 
DIGITAL SIGNATURE PPT.pptx
byRanga91
 
Digital signatur
byRuwandi Madhunamali
 
Digital signature
byAJAL A J
 
UNIT III- DIGITAL SIGNATURE AND AUTHENTICATION.pptx
bybhavivsbec
 
Digital_signature_ppt.pptx
byMIRZATABISHHASAN1
 
digital signature in cryptography and network security
byNithyasriA2
 
Digital signature Algorithm for cryptography.ppt
byNeha gupta
 
Digital signature for college use aaaaaaaaaaaaaaaaaaaaaaaa.ppt
byCPLVASUBHIMANI
 
Digital signature.ppt
byMehediHasanShaon1
 
Digital Signature
byRahul Yadav
 
Introduction to DIGITAL SIGNATURE in Cryptography.pptx
bytaherzamanrather
 
D.Silpa
byst anns PG College,Mallapur,Hyderabad, India
 
Digital signature
bygajerachetan
 
SHA_and_DS.pdf
bySantosh Gupta
 
Digital signature
byswatihans
 
Digital signature
byswatihans
 

More from Hossain Md Shakhawat

PPT
Fundamentals of cryptography
byHossain Md Shakhawat
 
PPT
Hashing
byHossain Md Shakhawat
 
PPT
Caesar cipher
byHossain Md Shakhawat
 
PPT
Rsa rivest shamir adleman
byHossain Md Shakhawat
 
PPT
Binary search tree(bst)
byHossain Md Shakhawat
 
PPT
Application of dfs
byHossain Md Shakhawat
 
PPT
Breadth first search and depth first search
byHossain Md Shakhawat
 
PPT
Introduction to Printers
byHossain Md Shakhawat
 
PPT
Input devices_(Mouse and Keyboard)
byHossain Md Shakhawat
 
PPTX
Jpeg compression
byHossain Md Shakhawat
 
PPT
Introduction to digital image processing
byHossain Md Shakhawat
 
PPT
Introduction to programming with c,
byHossain Md Shakhawat
 
PPT
Decision making and looping
byHossain Md Shakhawat
 
PPT
Decision making and branching
byHossain Md Shakhawat
 
PPTX
Introduction to Medical Imaging
byHossain Md Shakhawat
 
PPTX
Recipe for the effective presentaion
byHossain Md Shakhawat
 
PPTX
Surah Fatiha
byHossain Md Shakhawat
 
PPTX
Islamic jurisprudence
byHossain Md Shakhawat
 
PPTX
The Road to Higher study in Japan
byHossain Md Shakhawat
 
PPT
History of computing
byHossain Md Shakhawat
 
Fundamentals of cryptography
byHossain Md Shakhawat
 
Hashing
byHossain Md Shakhawat
 
Caesar cipher
byHossain Md Shakhawat
 
Rsa rivest shamir adleman
byHossain Md Shakhawat
 
Binary search tree(bst)
byHossain Md Shakhawat
 
Application of dfs
byHossain Md Shakhawat
 
Breadth first search and depth first search
byHossain Md Shakhawat
 
Introduction to Printers
byHossain Md Shakhawat
 
Input devices_(Mouse and Keyboard)
byHossain Md Shakhawat
 
Jpeg compression
byHossain Md Shakhawat
 
Introduction to digital image processing
byHossain Md Shakhawat
 
Introduction to programming with c,
byHossain Md Shakhawat
 
Decision making and looping
byHossain Md Shakhawat
 
Decision making and branching
byHossain Md Shakhawat
 
Introduction to Medical Imaging
byHossain Md Shakhawat
 
Recipe for the effective presentaion
byHossain Md Shakhawat
 
Surah Fatiha
byHossain Md Shakhawat
 
Islamic jurisprudence
byHossain Md Shakhawat
 
The Road to Higher study in Japan
byHossain Md Shakhawat
 
History of computing
byHossain Md Shakhawat
 

Recently uploaded

PPTX
SP C PROGRAMMING BASIC CONCEPTS WITH SAMPLE CODE.pptx
byspunithasrit
 
PDF
Production Tech of Vegetables_Notes on PGR.pdf
bybisensharad
 
PDF
Phytogeography- species distribution, vegetation in India
byANAKHA JACOB
 
PPTX
Structure and Functions of Cell (Unit I)
byPranaliChandurkar2
 
PDF
Photoperiod Classification of Vegetable Plants.pdf
bybisensharad
 
PPTX
G-Protein-Coupled Receptors (GPCRs): Structure, Mechanism, and Functions
byAnoja Kurian
 
PDF
media brief 2 stuart hall image and anchoring text
by20hullse
 
PDF
Chapter 1 ICAR Intro_Horticulturte_FoH_.pdf
bybisensharad
 
PDF
Sample Research Instruments for Initial Survey.pdf
byThelma Villaflores
 
PPTX
Types_of_Volcanoes_Presentation.pptx Science 8 Matatag
byNekoChan623496
 
PDF
the dynasty history of Chahmanas Early Medieval India
byPrachiSontakke5
 
PPTX
TEACHING OF POETRY.pptx. The PPT helps and provides guidance on Lesson Planni...
byDr. Meeta Agrawal
 
PDF
Unit 1- Basics of Management Cha. of Magmt
byNileshKumbhar21
 
PDF
Introductions Introductions Introductions
byaidanattema
 
PPTX
14 November 2025 The Impact of Digital Technologies on Students Learning
byEduSkills OECD
 
PPTX
The Ides Of March Throughout History-- not just Caesar but also . . .
byBob Mayer
 
PDF
Herniation Syndromes - Neuro Imaging Master Series
bySean M. Fox
 
PPTX
How to Enter Opening Stock in Odoo 18 Inventory
byCeline George
 
PDF
Graphics Graphics Graphics Graphics Graphics
byaidanattema
 
PPTX
Q3 WEEK 1 _ LAYERS OF THE EARTH SCIENCE 8
byRoyoMel
 
SP C PROGRAMMING BASIC CONCEPTS WITH SAMPLE CODE.pptx
byspunithasrit
 
Production Tech of Vegetables_Notes on PGR.pdf
bybisensharad
 
Phytogeography- species distribution, vegetation in India
byANAKHA JACOB
 
Structure and Functions of Cell (Unit I)
byPranaliChandurkar2
 
Photoperiod Classification of Vegetable Plants.pdf
bybisensharad
 
G-Protein-Coupled Receptors (GPCRs): Structure, Mechanism, and Functions
byAnoja Kurian
 
media brief 2 stuart hall image and anchoring text
by20hullse
 
Chapter 1 ICAR Intro_Horticulturte_FoH_.pdf
bybisensharad
 
Sample Research Instruments for Initial Survey.pdf
byThelma Villaflores
 
Types_of_Volcanoes_Presentation.pptx Science 8 Matatag
byNekoChan623496
 
the dynasty history of Chahmanas Early Medieval India
byPrachiSontakke5
 
TEACHING OF POETRY.pptx. The PPT helps and provides guidance on Lesson Planni...
byDr. Meeta Agrawal
 
Unit 1- Basics of Management Cha. of Magmt
byNileshKumbhar21
 
Introductions Introductions Introductions
byaidanattema
 
14 November 2025 The Impact of Digital Technologies on Students Learning
byEduSkills OECD
 
The Ides Of March Throughout History-- not just Caesar but also . . .
byBob Mayer
 
Herniation Syndromes - Neuro Imaging Master Series
bySean M. Fox
 
How to Enter Opening Stock in Odoo 18 Inventory
byCeline George
 
Graphics Graphics Graphics Graphics Graphics
byaidanattema
 
Q3 WEEK 1 _ LAYERS OF THE EARTH SCIENCE 8
byRoyoMel
 

Digital signature

  • 1.
  • 2.
    2 What is “Digital Signature” ? Whatis the difference between Electronic and Digital Signature? How does it work? How safe is a digital signature ? What is Electronic Signature ? Is it hard to use ? Is a digital signature legally enforceable ? ?
  • 3.
    What is DigitalSignature?What is Digital Signature?  Digital Signature is a type of electronic signature that encrypts documents with digital codes that are particularly difficult to duplicate.  A digital signature (standard electronic signature) takes the concept of traditional paper-based signing and turns it into an electronic “fingerprint.” This “fingerprint,” or coded message, is unique to both the document and the signer and binds them together.  It is used to validate the authenticity and integrity of a message, software or digital document. Digital signatures cryptographically bind an electronic identity to an electronic document and the signature cannot be copied to another document. 3
  • 4.
  • 5.
    What is DigitalSignature?What is Digital Signature?  Digital signature technique is based on public key cryptography with a difference.  In public key cryptography a pair of keys are used, one public key and one private key. The public key is often used for message encryption , and the private key is often used for decrypting the message.  However in case of digital signature message is encrypted with the private key and decrypted with the public key.  Only a specific person with the corresponding private key can encrypt the message or in other words sign the message. However any party who has the signatory’s public key can encrypt the message, in other words can verify the message.
  • 6.
  • 7.
    Confidentiality IssuesConfidentiality Issues It should be possible for the receiver of a message to ascertain its origin. An intruder should not be able to masquerade as someone else.  It should be possible for the receiver of a message to verify that it has not been modified in transit. An intruder should not be able to substitute a false message for a legitimate one.  A sender should not be able to falsely deny later that he sent a message.
  • 8.
    Attributes of DigitalSignatureAttributes of Digital Signature  Digital signature ensures the confidentiality via the following three attributes: 1. Authentication 2. Integrity 3. Non-repudiation 8
  • 9.
    Attributes of DigitalSignatureAttributes of Digital Signature  Authentication: Authentication means the act of proving who you say you are. Authentication means that you know who created and sent the message. Digital signature is used to authenticate the source of messages. It ensures the user of the sender.  Integrity: Integrity ensures that when a message is sent over a network, the data that arrives is the same as the data that was originally sent. Integrity is the assurance that the information is trustworthy and accurate. Digital signature ensures the integrity of message.  Non-repudiation: this is an important criteria of digital signature. As digital signature ensures the authentication of the message, so the sender can’t repudiate it later. At the same time it also ensures the identity of the receiver, so the receiver can’t repudiate it later. 9
  • 10.
    What is ElectronicSignature?What is Electronic Signature?  An electronic signature is a typed name or a scanned image of a handwritten signature.  As a result, e-signatures are very problematic when it comes to maintaining integrity and security, as nothing prevents one individual from typing another individual’s name.  Due to this reality, an electronic signature that does not incorporate additional measures of security (the way digital signatures do) is considered an insecure way of signing documentation. 10
  • 11.
    Difference Between DigitalandDifference Between Digital and Electronic SignatureElectronic Signature  A digital signature, often referred to as advanced or standard version of electronic signature, that provides the highest levels of security and universal acceptance.  Digital signatures are based on Public Key Infrastructure (PKI) technology, and guarantee signer identity and intent, data integrity, and the non-repudiation of signed documents. The digital signature cannot be copied, tampered with or altered. 11
  • 12.
    Difference Between DigitalandDifference Between Digital and Electronic SignatureElectronic Signature  In addition, because digital signatures are based on standard PKI technology, they can be validated by anyone without the need for proprietary verification software.  On the other hand, there is no standard format for electronic signatures that may be a digitized image of a handwritten signature, a symbol, voiceprint, etc., used to identify the author(s) of an electronic message.  An electronic signature is vulnerable to copying and tampering, and invites forgery. In many cases, electronic signatures are not legally binding and will require proprietary software to validate the e-signature. 12
  • 13.
    Is Digital SignatureLegallyIs Digital Signature Legally Enforceable?Enforceable? “Yes” In 2006, The parliament of Bangladesh enacted “ICT Act 2006”, which made signed electronic contracts and documents as legally binding as a paper-based contract. Today, digital signature (standard electronic signature) solutions carry recognized legal significance, enabling organizations to comply with regulations worldwide. 13
  • 14.
    What is Standard?Whatis Standard?  There are three algorithms that are suitable for digital signature generation under the DSS standard.  They are the Digital Signature Algorithm (DSA, which I will talk about more in depth later), the RSA algorithm, and the Elliptic Curve Digital Signature Algorithm (ECDSA). 14
  • 15.
    Digital Signature AlgorithmDigitalSignature Algorithm 15
  • 16.
    16 1. Sender takesthe input message. 2. Digest the input message using message digest algorithm 3. Apply DSA (using private key) to encrypt the digested message. Here the digital signature is padded into the digested message. 4. Create a data packet using the original message plus the encrypted message. 5. Send the packet to the intended receiver. Data Packet +
  • 17.
    17 1. Receiver receivesthe packet. 2. Separate the original message and encrypted message. 3. Apply message digest algorithm on the original message. 4. Now Apply DSA (using public key) on the encrypted message to decrypt it. At this stage the digital signature is removed from the message and we get digested message. 5. Then compare them Data Packet + Separate two parts
  • 18.
    DSA: ParametersDSA: Parameters Signature Computation: A DSA digital signature is computed using a set of domain parameters: 1. A private key x, 2. A per-message or data secret number k, 3. Data to be signed, 4. And a hash function.  Signature Verification: A digital signature is verified using the same domain parameters: 1. A public key y that is mathematically associated with the private key x used to generate the digital signature, 2. Data to be verified, 3. And the same hash function that was used during signature generation. 18
  • 19.
    DSA: ParametersDSA: Parameters These parameters are defined as follows:  The first three parameters, p, q, and g, are public and can be common across a network of users. x is private and y is public key. 19
  • 20.
    DSA: ParametersDSA: Parameters Selection of Parameter Sizes and Hash Functions for DSA 20
  • 21.
    DSA: How SignatureisDSA: How Signature is Generated by the Sender ?Generated by the Sender ?  Let N be the bit length of q. And let min(N, outlen) denote the minimum of the positive integers N and outlen. Outlen is the bit length of the hash function output block.  The signature of a message m consists of the pair of numbers r and s that is computed according to the following equations: r = (gk mod p) mod q z= H(m) [z = the leftmost min(N, outlen) bits of Hash(m)] s = (k-1 (H(m) + xr) ) mod q.  When computing s, the string z obtained from Hash(m) is converted to an integer.  (r , s) is considered to be the signature of the sender. 21
  • 22.
    DSA: How SignatureisDSA: How Signature is Generated by the Sender ?Generated by the Sender ?  The values of r and s shall be checked to determine if r = 0 or s = 0.  If either r = 0 or s = 0, a new value of k shall be generated, and the signature shall be recalculated.  It is extremely rare that r = 0 or s = 0 if signatures are generated properly.  The signature (r, s) is transmitted along with the message to the verifier. 22
  • 23.
    DSA: How SignatureisDSA: How Signature is Verified by the Receiver ?Verified by the Receiver ?  Signature verification may be performed by any party the signatory (sender), the intended receiver or any other party using the signatory’s public key.  A signatory may wish to verify that the computed signature is correct or not, before sending the signed message to the intended receiver.  The intended receiver (or any other party) verifies the signature to determine its authenticity upon on receiving the message. 23
  • 24.
    DSA: How SignatureisDSA: How Signature is Verified by the Receiver ?Verified by the Receiver ?  Let m', r', and s' is the received versions of m, r, and s, respectively. If every thing goes right then m‘=m, r‘=r, and s‘=s.  Let y be the public key of the claimed signatory and let N be the bit length of q.  Also, let min(N, outlen) denote the minimum of the positive integers N and outlen, where outlen is the bit length of the hash function output block.  The signature verification process is as follows: – The verifier will check that 0 < r' < q and 0 < s' < q. If either condition is violated, the signature shall be rejected as invalid. 24
  • 25.
    DSA: How SignatureisDSA: How Signature is Verified by the Receiver ?Verified by the Receiver ? 2. If the two conditions in step 1 are satisfied, the verifier computes the following: w = (s')–1 mod q. z = H(m' ) u1 = (z * w) mod q = (H(m' ) * w) mod q u2 = (r' * w) mod q. v = [ ( (gu1 * yu2 ) mod p) mod q ] The string z obtained from Hash(m') is converted to an integer 2. If v = r', then the signature considered to be verified. If m' = m, r' = r, and s'= s then v = r‘. 3. If v ≠ r', then the message or the signature may have been modified. The signature is considered invalid. 25
  • 26.
    ExampleExample  Alice wantsto send message m to Bob.  Sender side: 1. Alice generates a random number, k, less than 2. Alice generates r = (gk mod p) mod q s = (k-1 (H(m) + xr)) mod q 1. The parameters (r,s) are her signature; she sends these to bob along with the signed message m'. 26
  • 27.
    ExampleExample  Receiver Side: 1.Let bob received the message and signatures as m', r', and s‘. Then Bob verifies the signature by computing: w = (s')–1 mod q. z = H(m' ) u1 = (z * w) mod q = (H(m' ) * w) mod q u2 = (r' * w) mod q. v = [ ( (gu1 * yu2 ) mod p) mod q ] 2. If v = r', then the signature and message considered to be authenticated. 3. If v ≠ r', The signature and message is considered invalid. 27
  • 28.
    ReferencesReferences  http://en.wikipedia.org/wiki/  AppliedCryptography by Bruce Schneier; 10th Anniversary edition  FIPS PUB 186-3; FEDERAL INFORMATION PROCESSING STANDARDS PUBLICATION
  • 29.
    29 Md. Shakhawat Hossain Studentof Department of Computer Science & Engineering University of Rajshahi E-mail: mshimul86@gmail.com