16.2 Digital Signatures

16.2 Digital Signatures By: John Barton

What is a Digital Signature? • The idea comes from the idea of signing a document by its author (authenticating it). • When you send a document electronically you can also sign it and that is called a Digital Signature. • A Digital Signature provides security to the author of the document because the signature represents his/her integrity, authentication, and the document becomes nonrepudiation (the author cannot denying his/her signature later).

The Two Forms of Digital Signatures Are… • Signing the Whole Document • Signing the Digest

Bob (Bob's public key) (Bob's private key) Signing the Whole Document • When Bob wishes to send a document he first encrypts the message with his private key • Then Bob sends the ciphered text to the recipient who uses the public key to decrypt it. • After decryption the document can be read as Bob first sent it.

"Hey Bob, how about lunch at Taco Bell. I hear they have free refills!" HNFmsEm6Un BejhhyCGKOK JUxhiygSBCEiC 0QYIh/Hn3xgiK BcyLK1UcYiY lxx2lCFHDC/A HNFmsEm6Un BejhhyCGKOK JUxhiygSBCEiC 0QYIh/Hn3xgiK BcyLK1UcYiY lxx2lCFHDC/A "Hey Bob, how about lunch at Taco Bell. I hear they have free refills!" Keys • Bob has two parts to signing the whole document, a public key and a private key. • He keeps the private key for himself • He can then give out the public key… well as you might have guessed the public… so smart these computer guys. • In this example Susan is using her public key to send Bob a message.

Bob's Co-workers: Anyone can get Bob's Public Key, but Bob keeps his Private Key to himself Pat Doug Susan Problems with Signing the Whole Document • The process is very inefficient. • You cannot use any secret keys. • This method does not provide any secrecy, because anyone can use the public key to read a message.

Signing the Digest • The sender of a digest makes a miniature form of the document and signs it. • To create the digest hash functions are employed. • Hash Functions take any sized documents and fix their lengths at either a 128-bit digest or a 160-bit digest.

Properties of Hash Functions to Guarantee Success • Hashing should be one way, the digest can only be created form the message not vice versa. • Hashing should only be one-to-one.

Mission Control… Message Sent • Check out the Diagrams on pg 313 and 314 to follow along better • Bob sends a message. • The message gets hashed, it becomes a digest. • The digest becomes encrypted using Bob’s private key…the encrypted message is now considered a signed digest. • The total package is known as a the Message Plus Signed Digest.

Roger That…Message Received • The Message Plus Signed Digest is received by the recipient's computer and split into two parts…to ensure the message’s privacy. • There is the decrypted part and the hashed part. • Both become digests and then compared. • If they are the same the privacy is ensured and Bob is happy.

In Conclusion • Signing Two Ways – Whole or Digest • Two Types of Key - Public or Private • Hashing – (slows down Bob’s reaction time) but it speeds up the process of signing a digest. • When Everything Goes Right • BOB IS HAPPY Bob

16.2 Digital Signatures

16.2 Digital Signatures

Presentation Transcript

Digital Signatures

Digital Signatures

Digital Signatures

DIGITAL SIGNATURES

Digital Signatures

Digital Signatures

Digital Signatures

Digital Signatures

Digital Signatures

Digital Signatures

Digital Signatures

Digital Signatures

Digital Signatures

DIGITAL SIGNATURES

Digital Signatures

Digital Signatures

Digital Signatures

Digital Signatures

Digital Signatures

Digital Signatures

Digital Signatures

Digital Signatures