
Digital Signature Cryptography

Digital Signature Cryptography. Digital signature. ‘Digital signature’ means authentication of any electronic record by means of an electronic method or procedure in accordance with the provisions of Section 3

andrewyoung

Presentation Transcript


  1. Digital Signature Cryptography

  2. Digital signature • ‘Digital signature’ means authentication of any electronic record by means of an electronic method or procedure in accordance with the provisions of Section 3 • Electronic record means data, record or data generated, image or sound, received or sent in an electronic form or microfilm or computer generated fiche • Digital Signature Certificate to be issued by Certifying Authority • Asymmetric Crypto System and hash functions details - as prescribed

  3. Digital Signature Basically a digital signature is a two way process, involving two parties: • The signer (creator of the digital signature) and • The recipient (verifier of the digital signature). A digital signature is complete, if and only if, the recipient successfully verifies it.

  4. Need for Digital Signature It has been realized that Internet being a public network would never be secure enough and there would always be a fear of interception, transmission errors, delays, deletion, authenticity or verification of an electronic message using Internet as a medium. Hence the goal was to protect the message, not the medium.

  5. The art and science of keeping messages secure is cryptography • Plain Text → Encryption → Cipher Text → Decryption → Plain Text

  6. Symmetric Cryptography • Asymmetric Cryptography

  7. Symmetric Cryptography When a single secret key is used to maintain communication between the sender and the receiver, it is referred to as symmetric cryptography or a private-key cryptographic system. Here, both encryption and decryption use the same key.

  8. Symmetric Cryptography • K1 = K2 • Encryption Key (K1), Decryption Key (K2) • Plain Text → Encryption → Cipher Text → Decryption → Plain Text

  9. Asymmetric Cryptography Two different keys are used for the processes of encryption and decryption. It is referred to as asymmetric cryptography or a public-key cryptographic system.

  10. Asymmetric Cryptography • K1 ≠ K2 • Encryption Key (K1), Decryption Key (K2) • Plain Text → Encryption → Cipher Text → Decryption → Plain Text

  11. Same Key: SYMMETRIC • Different Keys [Keys of a pair – Public and Private]: ASYMMETRIC [PKI] • ENCRYPTION and DECRYPTION • Message 1: Central to the growth of e-commerce and e-governance is the issue of trust in electronic environment. • Encrypted Message 1: 9a46894335be49f0b9cab28d755aaa9cd98571b275bbb0adb405e6931e856ca3e5e569edd135285482 • Message 2: The Internet knows no geographical boundaries. It has redefined time and space. Advances in computer and telecommunication technologies have led to the explosive growth of the Internet. This in turn is affecting the methods of communication, work, study, education, interaction, leisure, health, governance, trade and commerce. • Encrypted Message 2: a520eecb61a770f947ca856cd675463f1c95a9a2b8d4e6a71f80830c87f5715f5f59334978dd7e97da0707b48a1138d77ced56feba2b467c398683c7dbeb86b854f120606a7ae1ed934f5703672adab0d7be66dccde1a763c736cb9001d0731d541106f50bb7e54240c40ba780b7a553bea570b99c9ab3df13d75f8ccfdddeaaf3a749fd1411

  12. Hash Function [compression function, contraction function, message digest, fingerprint, cryptographic checksum, message integrity check, and manipulation detection code] A Hash Function is a mathematical algorithm that takes a variable-length input string and converts it to a fixed-length output string [called the hash value]

  13. Hash Function • Message (Any Length) → HASH → Hash is a fixed length string • 128 bit: MD5 • 160 bit: SHA-1

  14. Digital Signature

  15. Basically a digital signature is a two way process, involving two parties: The signer (creator of the digital signature) and The recipient (verifier of the digital signature). A digital signature is complete, if and only if, the recipient successfully verifies it.

  16. Concept of Digital Signatures • Scanned but not Digital Signatures • Digital Signatures: bab3dbfba30eedc0c52dacfc144df4d9c6508502

  17. Signed Messages • Sender: calculate the Hash of the Message; SIGN hash with Sender’s Private key; Message + signature sent thru’ Internet • Receiver: receives Message + Signature; Calculated Hash of the Message; Decrypt Signature with Sender’s Public Key; COMPARE the two hashes; if OK, Signatures verified


  19. Hash Value, Digital Signatures • Signature Algorithm: SHA1RSA • Message 1: This is a sample message for demonstration on digital signatures. This will be used to generate a message digest using sha1 and generating 160 bit digest • Hash Value 1: 7a08f27d5282b673fbb97cd028a7451292c052c8 • Signed with Signer’s Private Key: Digital Signature 1: bab3dbfba30eedc0c52dacfc144df4d9c6508502 • A dot is added at the end of the message • Message 2: This is a sample message for demonstration on digital signatures. This will be used to generate a message digest using sha1 and generating 160 bit digest. • Hash Value 2: b3cafe1ea21f290ad8be71b510297d038b68a7f9 • Signed with Signer’s Private Key: Digital Signature 2: 5335ba87f67cfc65d7ea2d7dced44ea3dc16282c • Adding a space between bit and digest • Message 3: This is a sample message for demonstration on digital signatures. This will be used to generate a message digest using sha1 and generating 160 bit digest. • Hash Value 3: cd7db886d5e0e63d48c6c4358c86aa3d6e2afe86 • Signed with Signer’s Private Key: Digital Signature 3: 71892180a9af4dd59ceb285eda5cfc3e9b72aaf8
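
Added example (not part of the original presentation): the hash, sign, send, verify and compare flow of slides 17 to 19, written with the Python standard library only. The key is a constructed toy key built from two Mersenne primes and the RSA operation is unpadded, both assumptions made for illustration; SHA-256 is the default hash because the MD5 and SHA-1 digests named on slide 13 are no longer collision resistant.

```python
import hashlib

# Constructed toy key (assumption for this example): two Mersenne primes.
# Real keys are random and come from a vetted library, with padding (e.g. PSS).
P, Q = 2**127 - 1, 2**521 - 1
N = P * Q                                # public modulus
E = 65537                                # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent (Python 3.8+)


def digest(message: bytes, algo: str = "sha256") -> int:
    """Fixed-length hash of a variable-length message, as an integer."""
    return int.from_bytes(hashlib.new(algo, message).digest(), "big")


def sign(message: bytes, algo: str = "sha256") -> int:
    """Sender: hash the message, then sign the hash with the private key."""
    return pow(digest(message, algo), D, N)


def verify(message: bytes, signature: int, algo: str = "sha256") -> bool:
    """Receiver: recover the signed hash with the public key and compare it
    with the hash calculated over the message that actually arrived."""
    if not 0 <= signature < N:
        return False
    return pow(signature, E, N) == digest(message, algo)


def demo() -> dict:
    # Constructed sample text in the spirit of slide 19.
    m1 = b"This is a sample message for demonstration on digital signatures"
    m2 = m1 + b"."                       # a dot is added at the end
    sig1 = sign(m1)
    return {
        "sha1_bits": hashlib.sha1(m1).digest_size * 8,
        "hashes_differ": digest(m1) != digest(m2),
        "original_verifies": verify(m1, sig1),
        "tampered_verifies": verify(m2, sig1),
        "signatures_differ": sign(m2) != sig1,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The signature made over the first message does not verify against the message with the added dot, which is the integrity property slide 19 illustrates with its three hash values.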

  20. Paper signatures v/s Digital Signatures


  22. Digital signatures are based on asymmetric, or public key, cryptography and are capable of fulfilling the demand of burgeoning e-commerce by not only providing message authentication, integrity and non-repudiation function but also making it highly scalable.

  23. The basic problem with the aforesaid digital signature regime is that it operates in an online, software-driven space, without human intervention. The sender sends a digitally signed message; the recipient receives and verifies it. The only requirement is that both the sender and the recipient have digital signature software at their respective ends.

  24. Law & E-Governance

  25. Primary Legal Issues Surrounding E-Governance • Adopting a functional equivalent approach • Facilitating efficient Government-Citizen interface. • The focus is to give due legal recognition to digital signatures and electronic records.

  26. Legal Recognition of Electronic Records and Digital Signatures • Legal recognition to electronic records and digital signatures [Section 4 & 5]. • Use of electronic records and digital signatures in government and its agencies for filing, issue, grant, receipt or payment of money [Section 6]. • Electronic records or information, whenever retained, as required by law must be retained in the format in which it was originally generated, sent or received [Section 7].

  27. Publication of Electronic Gazette The IT Act provides that the rule, regulation, order, bye-law, notification or any other matter could now also be published in the Electronic Gazette apart from the Official Gazette [Section 8].

  28. Limited Electronic Governance Rights It does not confer a right upon any person to insist that any Ministry or Department of the Central or State government (or any authority or body) accept, issue, create, retain or preserve any document in the form of electronic records or participate in any monetary transaction in the electronic form [Section 9].

  29. Issue of Privacy

  30. “Privacy is where technology and the law collide.” - Richard Smith (who traced the ‘I Love You’ and ‘Melissa’ viruses)

  31. Internet is not a private network. It is a shared-information network. As and when you log onto the Internet and navigate on the World Wide Web, your digital profile is being created. The same technology that makes it easy for you to find what you want when you want on the Internet also makes it easy for others to learn about you.

  32. Though the Constitution of India has not guaranteed the right to privacy as a fundamental right to the citizens, the Supreme Court has nevertheless come to the rescue of the common citizen, time and again, by construing “right to privacy” as a part of the right to “protection of life and personal liberty”.

  33. Privacy: Three Legal Principles

  34. • That the individual’s right to privacy exists and any unlawful invasion of privacy would make the ‘offender’ liable for the consequences in accordance with law; • That there is constitutional recognition given to the right of privacy which protects personal privacy against unlawful governmental invasion; • That the person’s “right to be let alone” is not an absolute right and may be lawfully restricted for the prevention of crime, disorder or protection of health or morals or protection of rights and freedom of others;

  35. Freedom of Expression

  36. Freedom of Expression The Indian Constitution lays down under Article 19 certain fundamental rights to every citizen. Art. 19 uses the expression ‘freedom’ and mentions the several forms and aspects of it, which are secured to individuals, together with the limitations that could be placed upon them in the general interest of the society.

  37. Art. 19(1)(a) provides “that all the citizens shall have the right to freedom of speech and expression”. But it should be read with sub-Art. (2), which allows the State to impose reasonable restrictions relating to defamation; contempt of court; decency or morality; security of the State; friendly relations with foreign states; incitement to an offence; public order; and maintenance of the sovereignty and integrity of India.

  38. Thus the fundamental right to freedom of speech and expression extends to the Internet medium as well. Every citizen has the freedom to acquire or share knowledge (or information) using the Internet and related resources, subject only to reasonable restrictions.

  39. Role of CERT-IN Computer Emergency Response Team – India, the single authority for issue of instructions in the context of blocking of websites. CERT-IN has to instruct the DoT to block the website after, • Verifying the authenticity of the complaint; • Satisfying that action of blocking of website is absolutely essential.

  40. CERT-IN [Gazette Notification (Extraordinary) No. G.S.R. 181 (E), dated 27th February, 2003] is based on the premise that such blocking can be challenged if it amounts to restriction of freedom of speech and expression.

  41. However, the websites promoting hate content, slander, or defamation of others, promoting gambling, promoting racism, violence and terrorism and other such material, in addition to promoting pornography, including child pornography, and violent sex can reasonably be blocked since all such websites may not claim constitutional right of free speech. Blocking of such websites may be equated to “balanced flow of information” and not censorship.

  42. The following officers can submit the complaint to the Director, CERT-IN: • Secretary, National Security Council Secretariat • Secretary, Ministry of Home Affairs • Foreign Secretary or a representative not below the rank of Joint Secretary • Secretaries, Dept. of Home Affairs of each of the States and of the Union Territories • CBI, IB, DG of Police of all the States • Secretaries or Heads of all (IT Departments) of all the States and Union Territories not below the rank of Joint Secretary of Central Government • Chairman of NHRC, Minorities Commission or SC or ST Commission or National Women Commission • The directive of the court

  43. “The law is the last interpretation of the law given by the last judge.”- Anon.
