digital signature & esign overview

Digital Signature & eSign (An Overview) e-Hastakshar (eSign) Workshop for Application Service Providers (ASP) 17-18 December, 2015 Rishi Pathak – C-DAC

Upload: rishi-pathak

Post on 12-Jan-2017


TRANSCRIPT

Page 1: Digital signature & eSign overview

Digital Signature & eSign (An Overview)

e-Hastakshar (eSign) Workshop for Application Service Providers (ASP)

17-18 December, 2015

Rishi Pathak – C-DAC

Page 2: Digital signature & eSign overview

Outline of Talk

• What are Digital Signatures
• Cryptographic hash functions
• Asymmetric cryptography
• PKI & DSC
• PKCS#7
• eSign

Page 3: Digital signature & eSign overview

Introduction

• Digital Signatures are synonymous with a handwritten signature or stamped seal

• Mathematical technique for validating
  – Authenticity and integrity of a message, software or digital document

• Gained legal validity as per Indian IT Act 2000

Page 4: Digital signature & eSign overview

Paper Signatures v/s Digital Signatures

• Authenticity
  – Paper : May be forged
  – Electronic : Cannot be copied
• Integrity
  – Paper : Signature independent of the document
  – Electronic : Signature depends on the contents of the document
• Non-repudiation
  – Paper : Handwriting expert needed, error prone
  – Electronic : Any computer user, error free

Page 5: Digital signature & eSign overview

PKCS & X509 Standards

• PKCS 1 :
  – Properties and format of RSA key pairs
  – Algorithms for encryption/decryption, signing/verification
• PKCS 7
  – Cryptographic Message Syntax (CMS) Standard
• PKCS 10
  – Certificate Signing Request (CSR) Syntax Standard
• PKCS 9 : Extended attributes for CMS and CSR
  – Signing Time, NONCE, Sequence, Counter Signature
  – DOB, Certificate Extensions, Name, Gender, Name & Address etc.
• X509 version 3 and 2 :
  – Digital Signature Certificate (DSC), Certificate Revocation List (CRL)
• PKCS 11 : Cryptographic Token Interface Standard
  – An API for signing and verifying data by a device that holds the key (Hardware Tokens, HSM)

Page 6: Digital signature & eSign overview

Associations in Digital Signature

• Document content :: Hash (Digital fingerprint)
• Hash :: Private key (Secret)
• Private key :: Public key (Known to everyone)
• Public key :: Certificate (Identity)
• Certificate :: CA (Trusted third party)
• CA :: RCAI (Root Certificate Authority of INDIA)

Page 7: Digital signature & eSign overview

Building Blocks

• Cryptographic hash functions
  – Integrity
• Asymmetric cryptography
  – Authentication
• PKI (Public Key Infrastructure)
  – Identity
  – Non repudiation

Page 8: Digital signature & eSign overview

Cryptographic Hash Functions

• Uniquely maps data of arbitrary size onto a fixed length string
• Iterative one way compression
• Use cases : password, hash tables, caches, finding duplicate records etc.
• Uses in cryptography - HMAC & Digital Signatures
• Properties
  – Pre-image resistance : Infeasible to generate a message from its hash
  – Second pre-image resistance : Given a message, difficult to find another message with the same hash
  – Collision resistance : Infeasible to find two different messages with the same hash

Page 9: Digital signature & eSign overview

Symmetric Cryptography

• Same key is used for encryption and decryption

• Challenge
  – Key distribution
  – Key management

• Non Repudiation ?

Page 10: Digital signature & eSign overview

Public Key Cryptography

• Employs asymmetric (mathematically related) keys (key pairs) for encryption and decryption
• RSA, DSA, ECDSA
• Key used to encrypt differs from key to be used for decryption
• Encryption using Public key
• Signing using Private key

Page 11: Digital signature & eSign overview

Public Key Cryptography

• Strength lies in the computational impracticality of deducing the Private key from the Public key
• Security lies in protecting the Private key
• Uses include Public key encryption and Digital Signatures
• Computational complexity limits usage to short messages
• Also used in handshaking for secure exchange of symmetric keys in SSL/TLS

Page 12: Digital signature & eSign overview

Signing & Verification - Flow

Page 13: Digital signature & eSign overview

Signing & Verification - Example

Page 14: Digital signature & eSign overview

Public Key Infrastructure

• PKI – Public Key Infrastructure ecosystem is an intersection of:
  – Cryptography (Math) – Cryptographers/Researchers
  – Technology & Implementation – PKI System Developer
  – Policy & Law – PKI System & Users

Page 15: Digital signature & eSign overview

PKI - Registration/Certification

• Application
• Subject Authentication
• Certificate Generation
• Certificate Distribution
• Certificate Revocation

Page 16: Digital signature & eSign overview

Certificate Authority

• Certifying authority is an entity which issues Digital Certificates
• It is a Trusted third party
• CAs are an important part of Public Key Infrastructure (PKI)

Responsibilities of CA

• Verify the credentials of the person requesting the certificate (RA’s responsibility)
• Issue certificates
• Revoke certificates
• Generate and upload CRL
• Maintain & update certificate repository
• Make available Certification Practice Statement

Page 17: Digital signature & eSign overview

PKI - India

• Strictly hierarchical trust path model
• CCA operates Root Certificate Authority of India (self signed certificate)
• Only one level of sub Certifying Authorities (max 4 certs in a chain)
• Necessitates issuance of end entity certificates only through its sub-CA

Page 18: Digital signature & eSign overview

Digital Signature Certificate

A Public Key Certificate is an electronic document used to prove ownership of a public key. The certificate includes :

• Information about its owner's identity (Subject),
• Information about the key,
• The Digital Signature of an entity that has verified the certificate's contents are correct (Issuer CA in PKI)

Page 19: Digital signature & eSign overview

X.509

X509 is the ITU-T standard for PKI

Defines formats for:

• Digital Certificates – Version 3
• CRL – Version 2
• Certificate Path Validation
• Distinguished Name

Page 20: Digital signature & eSign overview

X.509 v3 Certificate

• Version (3)
• Serial Number
• Signature Algorithm Identifier
• Issuer Name
• Validity Period
  – Not before
  – Not after
• Subject Name
• Subject Public Key Information
  – Public key algorithm
  – Subject public key
• Optional Fields
  – Extensions (optional)

Page 21: Digital signature & eSign overview

C-DAC CA Certificate

Page 22: Digital signature & eSign overview

X.509 v3 Certificate

Class of certificate : “Aadhaar-eKYC – OTP”

Mandatorily included in the Subject

Varying Pseudonym guarantees unique Subject for same Aadhaar holder

Page 23: Digital signature & eSign overview
Page 24: Digital signature & eSign overview

X.509 v3 Extension

Associate additional information for subjects, public keys and certificate revocation lists

• Extension type
• Extension value
• Criticality indicator

Key Usage (Critical) : Digital Signatures, Non Repudiation

CRL distribution points

Certificate Policies

Certification Practice Statement (CPS)

Page 25: Digital signature & eSign overview
Page 26: Digital signature & eSign overview

PKCS#7

• Specifies a syntax for digital envelopes and digital signatures

• Widely used in many applications for enveloping and authenticating messages, and for distribution of certificates and certificate revocation lists

• PKCS#7 Content-Type : SignedData for Digital Signatures

Page 27: Digital signature & eSign overview

Abstract Syntax Notation 1

1. The rules of syntax for describing the contents of a message in terms of data type and content sequence or structure

2. How you actually encode each data item in a message – BER & DER (Identifier-Length-Content), XER etc.

    Age ::= INTEGER (0..7)
    User ::= SEQUENCE {
        name    IA5String (SIZE(1..128)),
        age     Age,
        address IA5String OPTIONAL
    }

Data Types : BOOLEAN, INTEGER, BIT STRING, OCTET STRING, NULL, REAL, ENUMERATED, GeneralizedTime, IA5String, UTF8String

Constructors : SEQUENCE, SET

Page 28: Digital signature & eSign overview

PKCS#7 - SignedData

Supports multiple signers/signatures

Page 29: Digital signature & eSign overview

PKCS#7 - SignerInfos

Page 30: Digital signature & eSign overview

PKCS#7

What is Digested and Signed

• RAW
  – Hash of the message
  – Does not contain information on DigestAlgorithm
• PKCS#7
  – EncryptedDigest ASN1 structure
  – Contains both hash & DigestAlgorithm
  – AuthenticatedAttributes in case they are present

Page 31: Digital signature & eSign overview

PKCS#7 - EncryptedDigest

ASN1 Definition of EncryptedDigest

ASN1 Parse of Decrypted EncryptedDigest
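
The RAW and PKCS#7 cases above, and the Identifier-Length-Content encoding from the ASN.1 slide, as an added example that is not part of the original slides: it DER-encodes the DigestInfo structure (hash plus DigestAlgorithm) that sits inside an EncryptedDigest and parses it back. SHA-256, the sample message and all function names are assumptions; the parser handles single-octet tags only.

```python
import hashlib

# DER content octets of the SHA-256 OID 2.16.840.1.101.3.4.2.1.
# Assumption: the slides name no digest algorithm; SHA-256 is used here.
SHA256_OID = bytes.fromhex("608648016503040201")

def tlv(tag: int, content: bytes) -> bytes:
    """Encode one DER element as Identifier-Length-Content."""
    n = len(content)
    if n < 0x80:                        # short form: one length octet
        length = bytes([n])
    else:                               # long form: 0x80 | count, then the length
        raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
        length = bytes([0x80 | len(raw)]) + raw
    return bytes([tag]) + length + content

def raw_digest(message: bytes) -> bytes:
    """RAW case: the bare hash, with no record of the algorithm used."""
    return hashlib.sha256(message).digest()

def digest_info(message: bytes) -> bytes:
    """PKCS#7 case: SEQUENCE { AlgorithmIdentifier, OCTET STRING hash }."""
    algorithm = tlv(0x30, tlv(0x06, SHA256_OID) + tlv(0x05, b""))
    return tlv(0x30, algorithm + tlv(0x04, raw_digest(message)))

def parse(der: bytes, depth: int = 0) -> list:
    """Walk DER into (depth, tag, content) tuples, rejecting truncated input."""
    out, i = [], 0
    while i < len(der):
        if i + 2 > len(der):
            raise ValueError("truncated header")
        tag, n = der[i], der[i + 1]
        i += 2
        if n & 0x80:                    # long-form length
            k = n & 0x7F
            if k == 0 or i + k > len(der):
                raise ValueError("bad length")
            n = int.from_bytes(der[i:i + k], "big")
            i += k
        if i + n > len(der):
            raise ValueError("truncated content")
        out.append((depth, tag, der[i:i + n]))
        if tag & 0x20:                  # constructed encoding: SEQUENCE or SET
            out.extend(parse(der[i:i + n], depth + 1))
        i += n
    return out

if __name__ == "__main__":
    for depth, tag, content in parse(digest_info(b"sample document")):  # constructed input
        print("  " * depth + f"tag=0x{tag:02x} len={len(content)} {content.hex()[:32]}")
```

A verifier that recovers only the RAW hash has to be told the algorithm out of band, whereas the parsed DigestInfo carries the OID next to the hash.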

Page 32: Digital signature & eSign overview

PKCS#7 – SigningTime

• AuthenticatedAttributes DER encoded ASN1 structure is digested

• This forms an association of message & signing time with the signature

AuthenticatedAttributes include

• SigningTime
• MessageDigest and other attributes

Page 33: Digital signature & eSign overview

PKCS#7 - Signature Types

1. Single signature
  – One signer and his/her signature on a document
2. Parallel signature
  – Multiple signers and their signatures on a document
3. Counter signature
  – Hierarchy of signatures
  – UnauthenticatedAttributes contains SignerInfos for counter signer
  – Signature is on EncryptedDigest of previous signer
  – Recursive in nature

Signature container may OR may not include content on which digital signature was created

4. Attached PKCS#7 signature
5. Detached PKCS#7 signature

Page 34: Digital signature & eSign overview

Without eSign

Subscriber :
• Application to CA for DSC (soft/hard mode)
• Key generation and safe custody (iToken, Smart card)

PKI :
• Manual verification of credentials (VA)
• Issuance & communication of DSC

Limited by :
• Not online
• Time taken for ascertaining subscriber's identity
• Key management, accessibility and cost

Mass adoption and integration with services

Page 35: Digital signature & eSign overview

eSign

Electronic Authentication Techniques & Procedure Rules, 2015
- Legal validity to authentication & eKYC using Aadhaar

eSign facilitates Digital Signatures by an Aadhaar holder
  – Registered & active mobile number is a prerequisite
  – OTP and Biometric authentication methods
  – eKYC treated as verified PoI and PoA (Registration)

Page 36: Digital signature & eSign overview

Thank You

Q/A