Upload File

digital signature

36
June 20, 2022 1 June 20, 2022 1 Digital signature Presented by Sandeep kr. Vishwakarma M.Tech. (Computer Sc.&Engg.) NITTTR, Chandigarh

Upload: sandeep-vishwakarma

Post on 15-Nov-2015

15 views

Category:

Documents


1 download

Report

Tags:

DESCRIPTION

digital signature detail with example

TRANSCRIPT

  • **Digital signaturePresented by Sandeep kr. VishwakarmaM.Tech. (Computer Sc.&Engg.)NITTTR, Chandigarh

  • **Contents Introduction What is digital signature ?

    Message digest

    Digital signature standard

    Digital signature algorithm

    References

  • Introduction Digital signature is a sort of Cryptography. Cryptography is known as Secret Writing. There are two types of cryptography- 1) Symmetric (Secret Key) Cryptography 2) Asymmetric (Public Key) Cryptography

    Public Key Cryptography is mostly used in digital signature.

  • **Introduction cont

    Let us discuss the security measures applied to each single message. We can say that security provides four services:

    Message securityPrivacyAuthenticationIntegrityNon-repudiation

  • **Introduction cont

    Privacy:- Means that the sender and receiver expect confidentiality. Privacy with Symmetric-Key Cryptography

    Encryption DecryptionnetworkShared keyPlain textPlain textcipher textAliceBob

  • **Introduction cont

    Privacy with public-key cryptographyEncryption Decryptionnetworkplain textplain textcipher textAliceBobBob Private keyBob Public key

  • **Introduction cont

    Message authentication: It means that the receiver needs to be sure the senders identity.

    Integrity: It means that the data must arrive at the receiver exactly as they were sent.

    Non repudiation: It means that a receiver must be able to prove that a received message came from specific sender.

  • **What is digital signature ?

    We have already discussed privacy. The other three can be achieved by using what is called digital signature. We have two choices of signing document: 1. We can sign the entire document 2. We can sign a digest of the document Signing the whole document: Public-key encryption can be used to sign a document. However, the role of the public and private keys are different here. The sender uses her private key to encrypt the message. The receiver, on other hand use the public key to decrypt the message. In digital signature the encryption and decryption possible using DSA algorithm.

  • **Signing the whole document: cont.Encryption DecryptionNetwork plain textplain textCiphertext AliceBobPrivate keyPublic keyDigital signature does not provide privacy.

  • **Signing the whole document: cont... Here the sender creates a miniature version or digest of document and sign it. To create a digest of message, we use a hash function. The hash function create a fixed- size digest from a variable-length message as shown in fig.

    The two most common hash function are called MD5 and SHA-1.Hash functionMessage (variable length)Message digest ( fixed length)

  • **Signing the digest of documentAfter the digest has been created. The sender side shown as:

    Encryption AliceAlice Private keyHashDigestMessage messageSign digest

    Message +digestSend to bob

  • **Signing the digest of document contReceiver side

    Digest bobDecrypt DigestMessage From AliceHash compareAlice public key

  • **Message digest A message digest is a fingerprint or the summary of message. It is similar to the concept of Longitudinal Redundancy Check (LRC) or Cyclic Redundancy Check (CRC). That is used to verify the integrity of data.

  • **Message digest cont The two most common hash function are called MD5 and SHA-1. MD5: The National Institute of Standards and Technology (NIST) along with NSA developed the Secure Hash Algorithm (SHA). How MD5 Works? Step1: Padding - The first step in MD5 is to add padding bits to the original message. The aim of this step to make the length of original message equal to a value, which is 64 bit less than exact multiple of 512. for example, if the length of original message is 1000 bits we add the padding of 472 bits to make the length of message 1472 bits.

  • Message digest contOriginal messagePadding (1-512) bitOriginal message PaddingThe total length of this should be 64 bits less than a multiple of 512.For example, it can be 448 bits (448=512-64), or 960 bits (960=2*512-64)or 1472=(3*512-64)

  • **Message digest cont Step2:Append length after padding bits are added, the next step is to calculate the original length of the message and add it to the end of the message after padding The length of message is calculated, excluding the padding. so the length is considered as 1000. This length of the original message is now expressed as a 64 bit value and appended to end of the original message + padding.

  • **Message digest cont

  • **Message digest cont Step3: Divide the input into 512-bit blocks Now we divide the input message into blocks each of length 512 bitsblock1block2block3block4Block n

  • **Message digest cont Step4: Initialize chaining variables In this step 5 variables are initialized. They are called A,B,C,D and E each of these 32 bit number. The initial hexadecimal values of these chaining variables are shown bellow:

    A hex 01 23 45 67 B hex 89 AB CD EF C hex FE DC BA 98 D hex 76 54 32 10 E hex C3 D2 E1 F032*5=160 bits

  • **Message digest cont Step5: Process blocks Now the actual algorithm begins. It is complicated and we shall discuss it step-by- step to simplify it to maximum extent possible. There is a loop that runs for as many 512-bit blocks as in the message. Step5.1 copy all the five variable into five corresponding variable a,b,c,d and e. Thus we have a=A, b=B, c=C, d=D, e=EabcdeABCDECopying chaining variables into temporary variables

  • **Message digest cont... Actually the algorithm considers the combination of a,b,c,d and e as a 160 bit single resister.

    abcdeabcdAbstracted viewInternal viewAbstracted view of the chaining variables

  • **Message digest cont... Step 5.2: Divide the current 512-bit block into 16 sub-blocks. Thus each sub block contains 32 bits.

    Block 1 (512 bit)Sub-block1Sub-block3Sub-block2Sub-block16Sub- blocks within a block32 bit32 bit32 bit32 bit

  • **Message digest cont... Step 5.3 : SHA has four round ,each round consisting of 20 steps .Each round takes the current 512 bit block, The resister abcde and a constant K[t] (t= 0 to 79) as the three input .

    .One round512 bit blockabcdeK[t]

  • Message digest cont... It then updates the constant of the resister abcde using SHA algorithm step. Here we have only four constant defined for K[t], one used in each of the four round .

  • **Message digest cont... Step5.4: SHA consist four round, each round containing 20 iteration. This makes it a total of 80 iteration .the logical operation of a single HAS iteration looks as shown in fig.Single SHA-1 iterationS^30

  • **Message digest contMathematically an iteration consist of following:

    abcde = (e + process p + s^5(a) + W[t] + K[t]), a , s^30(b), c , d

    Where abcde = the resister made up Process p = the logical operation ,we shall study laterS^t = circular-left shift of 32 bit sub- block by t bitsW[t] = A 32 bit derived from the current 32 bit sub- block, study later K[t] = one of the four additive constant .

  • **Message digest cont We will see the meaning of process p and W[t] in the above equation.RoundProcess p 1234(bANDc) OR ((NOTb) AND(d))BXORcXORd(bANDc)OR(bANDd )OR (c AND d)BXOR c XORd

  • **Message digest cont The value of W[t] are calculated as follows: For first 16 words of W (i.e. t=0 to 15),the content of the input message sub-block M[t] becomes the contents of W[t] straightway. The remaining 64 values of W are derived using the equation : W[t]= s^1(W[t-16]XOR W[t-14] XOR W[t-8] XOR W[t-3])

    S^1 indicate circular-left shift by 1 bit position.

  • **Digital signature standard The National Institute of Standards and Technology has published Federal Information Processing Standards Publications (FIPS PUBS), known as digital signature standard. The DSS makes use of the Secure Hash Algorithm (SHA) and present a new digital signature technique called the Digital Signature Algorithm (DSA) Appropriate for applications requiring a digital rather than written signature. The DSA digital signature is a pair of large numbers represented in a computer as strings of binary digits. The digital signature is computed using a set of rules (i.e., the DSA) and a set of parameters such that the identity of the signatory and integrity of the data can be verified.

  • **Digital signature standard contThe DSA provides the capability to generate and verify signatures. Signature generation makes use of a private key to generate a digital signature. Signature Verification makes use of a public key, which corresponds to, but is not the same as, the private key. Each user possesses a private and public key pair. Public keys are assumed signatures for stored as well as transmitted data. Anyone can verify the signature of a user by employing that user's public key. Signature generation can be performed only by the possessor of the user's private key.

  • **Digital signature standard cont... signature generation and signature verification

  • **Digital signature algorithmDSA algorithm makes use of the following variables:

    p= A prime number of length L bits. L=A multiple of 64 between 512 and 1024 (i.e. L= 512 or 576 .1024)q= A 160 bit prime factor of (p-1)

    g= h^((p-1)/q) mod p, where h is the number less than (p-1) such that h^((p-1)/q) is greater than 1.x= A numper less than q. (privet key)y= g^x mod p. (public key)H= message digest algorithm (SHA-1) .

  • **Digital signature algorithm cont The first thee variables p, q, g are public in nature. let us assume that sender wants to sign a message m and send the signed message to receiver. Then the following step take place.The sender generate the random number key which is less than q.The sender now calculate a. r= (g^k mod p) mod q b. s= (k^-1 (H(m)+xr)) mod q.The values r and s are the signature of the sender. The sender sends these values to receiver.

  • **Digital signature algorithm cont To verify the signature the receiver calculates:w=s^-1 mod q u1=(H(m) *w)modeq u2= (rw) mod q v= ((g^u1 * y^u2)mod p) mod q.If v=r ,the signature is said to be verified. Otherwise it is rejected.

  • References1.Cryptography and network security By Atul Kahate .

    2.Data Communication and Networking by B.A. Forouzen.

    3.Federal Information Processing Standards Publication: (Digital Signature Standard) IEEE paper.


Web viewKnow about Digital Signature Certificate & pre-requisites. Digital Signature Certificate: Digital Signature Certificates are the digital equivalent (that is

Digital signature schemes Digital signature schemes

DIGITAL SIGNATURE STANDARD (DSS) · DIGITAL SIGNATURE STANDARD (DSS) 1. INTRODUCTION . This publication prescribes the Digital Signature Algorithm (DS A) for digital signature generation

Digital Signature Appearances PDF documents. Signature interoperability The digital signature API in Acrobat allows plug-ins to implement digital signature handlers

Digital Signature & Digital Certificate

Digital signature

Pki Digital Signature

Digital signature 2

Icai Digital Signature

Digital Signature - Rajasthan · Digital Signature How to install Digital signature for Windows XP/ Windows7-32bit/ Windows7-64bit over the system Step 1 For digital signature, user

E-Signature Vs. Digital Signature

Digital signature

DIGITAL SIGNATURE INTRODUCTION AND CLASSIFICATION ...cygnus.tele.pw.edu.pl/~zkotulsk/seminarium/digital_signature.pdf · Digital signature ... M.Sc. Bartłomiej Słota - Digital signature

Digital Signature Validation Process - Randstad India · Digital Signature Validation Process. 1.Click here to validate the Digital Signature . 2.Click on “Signature ... Signature

Digital signature