web technology and commerce unit-5 by arun pratap singh
8/12/2019 Web Technology and Commerce Unit-5 by Arun Pratap Singh
UNIT : V
PREPARED BY ARUN PRATAP SINGH
WEB TECHNOLOGY AND COMMERCE (MCSE 201)
ADVANCED TECHNOLOGIES FOR E-COMMERCE:
INTRODUCTION TO MOBILE AGENTS:
UNIT : V
Mobile agents are defined as active objects (or clusters of objects) that have
behavior, state and location.
Mobility: agents that can travel in a network
Autonomy: the agent itself decides when and where to migrate next
A mobile agent, then, is a type of software agent with the features of autonomy, social
ability, learning, and most significantly, mobility.
More specifically, a mobile agent is a process that can transport its state from one environment
to another, with its data intact, and be capable of performing appropriately in the new environment.
Mobile agents decide when and where to move. Movement has often evolved from RPC methods.
Just as a user directs an Internet browser to "visit" a website (the browser merely downloads a
copy of the site, or one version of it in the case of dynamic web sites), a mobile agent
accomplishes a move through data duplication. When a mobile agent decides to move, it saves
its own state, transports this saved state to the new host, and resumes execution from the saved
state.
A mobile agent is a specific form of mobile code, within the field of code mobility. However, in
contrast to the Remote evaluation and Code on demand programming paradigms, mobile agents
are active in that they can choose to migrate between computers at any time during their
execution. This makes them a powerful tool for implementing distributed applications in
a computer network.
An open multi-agent system (MAS) is a system in which agents, owned by a variety of
stakeholders, continuously enter and leave the system.
Comparison of 3 network computing paradigms
A mobile agent contains the following 3 components:
Code - the program (in a suitable language) that defines the agent's behavior.
State - the agent's internal variables etc., which enable it to resume its activities
after moving to another host.
Attributes - information describing the agent, its origin and owner, its movement
history, resource requirements, authentication keys etc. Part of this may be
accessible to the agent itself, but the agent must not be able to modify the attributes.
MA System Architecture :
The main components include:
mobile agents (defined before)
places - a place supports the execution of particular procedures and provides access to
local resources.
agent systems - places inside an agent system may share resources, code, or security
mechanisms and, in general, have a privileged relationship with each other
and less expensive mobility.
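The save-state / transport / resume cycle and the three components (code, state, attributes) described above, as an added example that is not part of these notes: the origin host seals the attributes with a platform key that agent code never holds, each place verifies the seal before running the agent's code, only the host extends the movement history, and a packet carries the name of a known behaviour rather than executable content. The platform key, host names, owner and prices are constructed.

```python
import copy
import hashlib
import hmac
import json

# Constructed: a key shared by the places of one agent system. Agent code
# never receives it, so an agent cannot re-seal attributes it has altered.
PLATFORM_KEY = b"constructed-demo-platform-key"

def _canonical(obj):
    # Stable byte encoding so the MAC does not depend on dict ordering.
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

def seal_attributes(attributes):
    """Host side: attach a MAC so any later host can detect tampering."""
    mac = hmac.new(PLATFORM_KEY, _canonical(attributes), hashlib.sha256).hexdigest()
    return {"attributes": copy.deepcopy(attributes), "mac": mac}

def verify_attributes(sealed):
    """Host side: True only if the attributes are exactly as last sealed."""
    expected = hmac.new(PLATFORM_KEY, _canonical(sealed["attributes"]),
                        hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, sealed["mac"])

# The "code" component. Hosts execute only behaviours they already know by
# name, so a packet carries a reference to code, not executable content.
def collect_prices(state, attributes, host):
    """Record this place's price, then choose the next place on the itinerary."""
    state.setdefault("prices", {})[host.name] = host.resources["price"]
    remaining = [h for h in attributes["itinerary"] if h not in state["prices"]]
    state["next_hop"] = remaining[0] if remaining else None

BEHAVIOURS = {"collect_prices": collect_prices}

def create_agent(code, state, attributes):
    """Origin host packs the code name, mutable state and sealed attributes."""
    return {"code": code, "state": state,
            "sealed_attributes": seal_attributes(attributes)}

class Host:
    """A place: runs agents and exposes local resources to them."""

    def __init__(self, name, resources):
        self.name = name
        self.resources = resources
        self.log = []

    def accept(self, packet):
        """Verify, run and re-pack an arriving agent; None means rejected."""
        sealed = packet["sealed_attributes"]
        if not verify_attributes(sealed):
            self.log.append("rejected agent: attributes failed verification")
            return None
        behaviour = BEHAVIOURS.get(packet["code"])
        if behaviour is None:
            self.log.append("rejected agent: unknown code %r" % packet["code"])
            return None
        attributes = sealed["attributes"]
        # Agent code gets writable state but only a copy of its attributes.
        state = copy.deepcopy(packet["state"])
        behaviour(state, copy.deepcopy(attributes), self)
        # The host, never the agent, extends the movement history and re-seals.
        updated = copy.deepcopy(attributes)
        updated["movement_history"].append(self.name)
        self.log.append("ran agent owned by %s" % attributes["owner"])
        return {"code": packet["code"], "state": state,
                "sealed_attributes": seal_attributes(updated)}

def run_itinerary(hosts, packet):
    """Move the agent from place to place until its state names no next hop."""
    while packet is not None and packet["state"].get("next_hop"):
        packet = hosts[packet["state"]["next_hop"]].accept(packet)
    return packet

# Constructed attributes for the demo agent.
ATTRIBUTES = {"owner": "alice", "origin": "alice-pc", "movement_history": [],
              "itinerary": ["shopA", "shopB", "shopC"]}

def demo():
    """Constructed run: three shops, the agent collects one price from each."""
    hosts = {n: Host(n, {"price": p})
             for n, p in [("shopA", 12), ("shopB", 9), ("shopC", 15)]}
    agent = create_agent("collect_prices", {"next_hop": "shopA"}, ATTRIBUTES)
    return run_itinerary(hosts, agent)

def tampered_demo():
    """Agent-level edit of the owner attribute: the next host rejects it."""
    agent = create_agent("collect_prices", {"next_hop": "shopA"}, ATTRIBUTES)
    agent["sealed_attributes"]["attributes"]["owner"] = "mallory"
    return Host("shopA", {"price": 12}).accept(agent)
```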
Mobility Support,
Unique Identification of Agents Support,
Transaction Support, and
Communication Support.
Mobile Agent vs. Remote Procedure Call (RPC) :
RPC:
uses a synchronous protocol - high efficiency and low latency
scaling - multiple servers
Mobile Agent:
messaging (asynchronous) - robustness, especially in a wide area network
every node is a server
Application Areas for Mobile Agents :
Data collection from many places
Searching and filtering
Monitoring
Negotiating
Bartering
Parallel processing
Entertainment
Targeted information dissemination
WIRELESS APPLICATION PROTOCOL (WAP) :
Wireless Application Protocol (WAP) is a technical standard for accessing information over a
mobile wireless network. A WAP browser is a web browser for mobile devices such as mobile
phones that uses the protocol.
Before the introduction of WAP, mobile service providers had limited opportunities to offer
interactive data services, but needed interactivity to support Internet and Web applications such
as:
Email by mobile phone
Tracking of stock-market prices
Sports results
News headlines
Music downloads
What is WAP?
WAP stands for Wireless Application Protocol
WAP is an application communication protocol
WAP is used to access services and information
WAP is inherited from Internet standards
WAP is for handheld devices such as mobile phones
WAP is a protocol designed for micro browsers
WAP enables the creation of web applications for mobile devices
WAP uses the mark-up language WML (not HTML)
WML is defined as an XML 1.0 application
The Wireless Application Protocol
The WAP is the leading standard for information services on wireless terminals like digital
mobile phones.
The WAP standard is based on Internet standards (HTML, XML and TCP/IP).
History of WAP
WAP is published by the WAP Forum, founded in 1997 by Ericsson, Motorola, Nokia, and
Unwired Planet.
Forum members now represent over 90% of the global handset market, as well as leading
infrastructure providers, software developers and other organizations.
WAP Architecture :
WAP Application Server :
How the WAP Model Works :
When it comes to actual use, WAP works like this:
WAP I protocol stack :
WAP is designed in a layered fashion so that it can be extensible, flexible, and scalable.
As a result, the WAP protocol stack is divided into five layers.
Application Layer
Wireless Application Environment (WAE). This layer is of most interest to content
developers because it contains, among other things, device specifications and the content
development programming languages, WML and WMLScript.
Session Layer
Wireless Session Protocol (WSP). Unlike HTTP, WSP has been designed by the WAP
Forum to provide fast connection suspension and reconnection.
WSP - The WAP session protocol (WSP) layer provides a lightweight session layer to
allow efficient exchange of data between applications.
Transaction Layer
Wireless Transaction Protocol (WTP). WTP runs on top of a datagram service such
as the User Datagram Protocol (UDP), part of the standard TCP/IP suite, and provides
a simplified protocol suitable for low-bandwidth wireless stations.
WTP - The WAP transaction protocol (WTP) layer provides transaction support, adding
reliability to the datagram service provided by WDP.
WDP - The WAP datagram protocol (WDP) is the transport layer that sends and
receives messages via any available bearer network, including SMS, USSD, CSD,
CDPD and GPRS.
Security Layer
Wireless Transport Layer Security (WTLS). WTLS incorporates security features that are based
upon the established Transport Layer Security (TLS) protocol standard. It includes data integrity
checks, privacy, denial-of-service protection, and authentication services.
WTLS - Wireless transport layer security (WTLS), an optional security layer, has
encryption facilities that provide the secure transport service required by many
applications, such as e-commerce.
Transport Layer
Wireless Datagram Protocol (WDP). WDP allows WAP to be bearer-independent by
adapting to the transport layer of the underlying bearer. WDP presents a consistent data
format to the higher layers of the WAP protocol stack, thereby offering the advantage of bearer
independence to application developers.
Each of these layers provides a well-defined interface to the layer above it. This means that
the internal workings of any layer are transparent or invisible to the other layers. The layered
architecture allows other applications and services to utilize the features provided by the
WAP stack as well. This makes it possible to use the WAP stack for services and
applications that are currently not specified by WAP.
What is the purpose of WAP?
To enable easy, fast delivery of relevant information and services to mobile users.
It consists of a WML language specification, a WMLScript specification, and a
Wireless Telephony Application Interface (WTAI) specification.
WAP Environment :
The Wireless Application Environment (WAE) provides an environment that enables a
wide range of applications to be used on wireless devices.
The WAP WAE programming model was introduced in "WAP - The wireless service
enabler".
Goals
device and network independent application environment
for low-bandwidth, wireless devices
considerations of slow links, limited memory, low computing power, small display,
simple user interface (compared to desktops)
integrated Internet/WWW programming model
high interoperability
WAE Components :
Architecture
Application model, Microbrowser, Gateway, Server
User Agents
WML/WTA/Others
content formats: vCard, vCalendar, Wireless Bitmap, WML, ...
WML
XML-Syntax, based on card stacks, variables, ...
WMLScript
procedural, loops, conditions, ... (similar to JavaScript)
WTA
telephone services, such as call control, text messages, phone book, ...
(accessible from WML/WMLScript)
Proxy (Method/Push)
WAE: Logical Model :
WML: Wireless Markup Language :
Tag-based browsing language:
Screen management (text, images)
Data input (text, selection lists, etc.)
Hyperlinks & navigation support
Takes into account limited display, navigation capabilities of devices
XML-based language
describes only intent of interaction in an abstract manner
presentation depends upon device capabilities
Cards and Decks
document consists of many cards
User interactions are split into cards
Explicit navigation between cards
cards are grouped to decks
deck is similar to HTML page, unit of content transmission
Events, variables and state management
WMLScript
WMLScript is based on ECMAScript, the same scripting language that
JavaScript is based on.
It can be used to enhance services written in WML: to some extent it adds
intelligence to the services, for example procedural logic, loops,
conditional expressions, and computational functions.
Wireless Telephony Application (WTA)
A framework and programming interface for telephony services.
The Wireless Telephony Application (WTA) environment provides a means to create
telephony services using WAP.
A collection of telephony-specific extensions
designed primarily for network operators
Example
calling a number (WML)
wtai://wp/mc;07216086415
calling a number (WMLScript)
WTAPublic.makeCall("07216086415");
Implementation
Extension of basic WAE application model
Extensions added to standard WML/WMLScript browser
Exposes additional API (WTAI)
WTA Logical Architecture
WAP - KEY BENEFITS :
Subscribers:
It is crucial that subscribers benefit from using WAP-based services; otherwise
there will be no incentive, either for WAP as a whole or for any of the other groups
mentioned below. The key benefits can be summarised as:
Portability
Use standard tools like ASP or CGI to generate content dynamically
Utilise existing investments in databases etc. that are the basis of existing Internet
services
Manufacturers:
Mobile devices supporting WAP will be available in many different form factors, e.g.
cellular phones, pagers, and handheld PCs. Hardware manufacturers will also need to
supply operators etc. with equipment, such as WAP gateways/proxies and WTA servers.
Manufacturer benefits are for example:
WAP scales across a broad range of mobile networks, meaning that WAP
implementations can be used in devices supporting different types of networks.
The expected wide adoption of WAP implies that economies of scale can be achieved,
meaning that the huge mass market can be addressed.
The fact that WAP is designed to consume a minimal amount of memory, and that the use
of proxy technology relieves the CPU, means that inexpensive components can be used
in the handsets.
Reuse the deep knowledge of wireless network infrastructure to develop advanced
servers that seamlessly integrate mobile VAS with telephony.
Seize the opportunity to introduce new innovative products.
Tools Providers:
Today there is a large number of tools available for creating applications for the web.
Content developers have become used to the convenience that tools like FrontPage and
DreamWeaver provide. Tools providers will be able to:
Reuse and modify existing products to support WAP, or even integrate WAP support in
existing tools.
Address a new customer base in the wireless community.
WAP Push Services :
Web push
Scheduled pull by client (browser)
example: Active Channels
no real-time alerting/response
example: stock quotes
Wireless push
accomplished by using the network itself
example: SMS
limited to simple text, cannot be used as starting point for service
example: if SMS contains news, user cannot request specific news item
WAP push
Network supported push of WML content
example: Alerts or service indications
Pre-caching of data (channels/resources)
WAP Push Framework
WEB SECURITY :
Many sensitive tasks are done through web
Online banking, online shopping
Database access
System administration
Web applications and web users are targets of many attacks
Cross site scripting
SQL injection
Cross site request forgery
Information leakage
Session hijacking
Web security is a branch of computer security specifically related to the Internet, often
involving browser security but also network security on a more general level, as it applies to other
applications or operating systems as a whole. Its objective is to establish rules and measures to
use against attacks over the Internet. The Internet represents an insecure channel for exchanging
information, leading to a high risk of intrusion or fraud, such as phishing.[2] Different methods have
been used to protect the transfer of data, including encryption.
Web security blocks web threats to reduce malware infections, decrease help desk
incidents and free up valuable IT resources.
Web Security Issues :
Secure communications between client & server
HTTPS (HTTP over SSL)
User authentication & session management
Cookies & other methods
Active contents from different websites
Protecting resources maintained by browsers
Web application security
Web site authentication (e.g., anti-phishing)
Privacy concerns
HTTP: HyperText Transfer Protocol :
Browser sends HTTP requests to the server
Methods: GET, POST, HEAD, ...
GET: to retrieve a resource (html, image, script, css, ...)
POST: to submit a form (login, register, ...)
HEAD: like GET, but the server returns only the response headers
Server replies with an HTTP response
Stateless request/response protocol
Each request is independent of previous requests
Statelessness has a significant impact on the design and implementation of
applications
HTTP Authentication -
Protect web content from those who don't have a need to know
Require users to authenticate using a userid/password before they are allowed access to
certain URLs
HTTP/1.1 requires that when a user makes a request for a protected resource the server
responds with an authentication request header,
WWW-Authenticate, which
contains enough pertinent information to carry out a challenge-response
session between the user and the server
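The challenge-response session described above, as an added example that is not from these notes, using HTTP Digest authentication as defined in RFC 2617 (no qop): the server answers an unauthenticated request with a WWW-Authenticate header carrying the realm and a fresh nonce, the client proves knowledge of the password without sending it, and the server recomputes the digest, compares it in constant time and accepts each nonce once. Realm, user, password and URI are constructed.

```python
import hashlib
import hmac
import secrets

# Constructed realm and credentials. A real server stores HA1 (below) per
# user instead of the plaintext password.
REALM = "notes-demo"
USERS = {"alice": "correct horse battery staple"}
CHALLENGE_PREFIX = "WWW-Authenticate: Digest "
AUTH_PREFIX = "Authorization: Digest "


def md5_hex(text):
    # MD5 is what RFC 2617 specifies; the exchange, not the hash, is the point.
    return hashlib.md5(text.encode()).hexdigest()


def digest_response(username, password, nonce, method, uri):
    """RFC 2617 Digest response without qop: MD5(HA1:nonce:HA2).
    The password never leaves the client; only this digest does."""
    ha1 = md5_hex("%s:%s:%s" % (username, REALM, password))
    ha2 = md5_hex("%s:%s" % (method, uri))
    return md5_hex("%s:%s:%s" % (ha1, nonce, ha2))


def parse_params(text):
    """Turn 'k="v", k2="v2"' into a dict (values contain no commas here)."""
    params = {}
    for part in text.split(", "):
        key, _, value = part.partition("=")
        params[key.strip()] = value.strip().strip('"')
    return params


class DigestServer:
    def __init__(self):
        self.live_nonces = set()

    def challenge(self):
        """Header sent with a 401 when a protected URL is requested unauthenticated."""
        nonce = secrets.token_hex(16)
        self.live_nonces.add(nonce)
        return '%srealm="%s", nonce="%s"' % (CHALLENGE_PREFIX, REALM, nonce)

    def verify(self, method, authorization):
        """True only if the Authorization header answers a nonce we issued
        with the digest of the stored password. Each nonce is accepted once."""
        if not authorization.startswith(AUTH_PREFIX):
            return False
        fields = parse_params(authorization[len(AUTH_PREFIX):])
        nonce = fields.get("nonce")
        if nonce not in self.live_nonces:
            return False                # unknown or already used: a replay
        self.live_nonces.discard(nonce)
        password = USERS.get(fields.get("username"))
        if password is None or "uri" not in fields:
            return False
        expected = digest_response(fields["username"], password, nonce,
                                   method, fields["uri"])
        return hmac.compare_digest(expected, fields.get("response", ""))


def client_authorization(challenge, username, password, method, uri):
    """Client side: answer the WWW-Authenticate challenge."""
    params = parse_params(challenge[len(CHALLENGE_PREFIX):])
    response = digest_response(username, password, params["nonce"], method, uri)
    return ('%susername="%s", realm="%s", nonce="%s", uri="%s", response="%s"'
            % (AUTH_PREFIX, username, params["realm"], params["nonce"], uri, response))


def exchange(username, password, method="GET", uri="/protected"):
    """One full challenge-response round; returns whether access is granted."""
    server = DigestServer()
    challenge = server.challenge()
    authorization = client_authorization(challenge, username, password, method, uri)
    return server.verify(method, authorization)


def replayed_exchange():
    """The same Authorization header presented twice: the second attempt fails."""
    server = DigestServer()
    authorization = client_authorization(server.challenge(), "alice",
                                         USERS["alice"], "GET", "/protected")
    return server.verify("GET", authorization), server.verify("GET", authorization)
```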
Secure Sockets Layer (SSL)
Invented by Netscape and made public domain for everyone's use
An additional layer to the TCP/IP stack that sits between the Application and
Transport layers
ensures that all application data is encrypted, but TCP/IP headers are not
usually run on port 443 (the default HTTPS port)
Public Key Cryptography
the owner of a private key sends a public key to all who want to communicate with
him (the keys are both prime factors of a large (1024-bit) number). The owner keeps the
private key secret and uses it to decrypt information sent to him that has been
encrypted with the public key
the RSA algorithm is the most notable public-key cipher algorithm
Digital Certificates
issued by a disinterested third party (e.g. Verisign)
the certificate contains the public key for the specific Web Server and a digital
signature of the certifying authority
Cookies
A cookie is a name/value pair created by a website to store information on your
computer
Cookie Fields
An example cookie:
Name:      session-token
Content:   "s7yZiOvFm4YymG.
Domain:    .amazon.com
Path:      /
Send For:  Any type of connection
Expires:   Monday, September 08, 2031 7:19:41 PM
Stored by the browser
Used by the web applications
used for authenticating, tracking, and maintaining specific information about
users
e.g., site preferences, contents of shopping carts
data may be sensitive
may be used to gather information about specific users
Cookie ownership
Once a cookie is saved on your computer, only the website that created the
cookie can read it
Web Authentication via Cookies-
HTTP is stateless
How does the server recognize a user who has signed in?
Servers can use cookies to store state on client
After client successfully authenticates, server computes an authenticator and
gives it to browser in a cookie
Client cannot forge authenticator on his own (session id)
With each request, browser presents the cookie
Server verifies the authenticator
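The cookie-based authentication just described, together with the cookie fields listed earlier, as an added example that is not from these notes: after a successful login the server issues a session-token cookie whose value carries the user, an expiry and an HMAC over both, and on every later request it recomputes the MAC before trusting the user named in the cookie. The server key, cookie domain, user and timestamps are constructed.

```python
import hashlib
import hmac
import secrets
from email.utils import formatdate

# Constructed server secret: it never leaves the server, so a client cannot
# compute a valid MAC for an authenticator it did not receive.
SERVER_KEY = secrets.token_bytes(32)
COOKIE_NAME = "session-token"
COOKIE_DOMAIN = "shop.example"      # constructed stand-in for ".amazon.com" above


def _mac(payload):
    return hmac.new(SERVER_KEY, payload.encode(), hashlib.sha256).hexdigest()


def issue_authenticator(username, now, lifetime=3600):
    """Server side, after a successful login: 'user|expiry|mac'."""
    payload = "%s|%d" % (username, int(now) + lifetime)
    return "%s|%s" % (payload, _mac(payload))


def set_cookie_header(token):
    """Set-Cookie line with the fields from the cookie table above.
    Secure keeps it off plaintext HTTP; HttpOnly keeps it away from scripts."""
    expires = int(token.split("|")[1])
    return ("Set-Cookie: %s=%s; Domain=%s; Path=/; Expires=%s; Secure; HttpOnly"
            % (COOKIE_NAME, token, COOKIE_DOMAIN, formatdate(expires, usegmt=True)))


def verify_authenticator(token, now):
    """Server side, on every request: the username if valid, else None."""
    try:
        username, expires, mac = token.split("|")
        expires = int(expires)
    except (ValueError, AttributeError):
        return None
    # Recompute the MAC over the claimed fields; compare in constant time.
    if not hmac.compare_digest(_mac("%s|%d" % (username, expires)), mac):
        return None                     # forged or altered cookie
    if now > expires:
        return None                     # session expired
    return username


def cookie_from_request(cookie_header):
    """Pull our cookie out of 'Cookie: a=1; session-token=...; b=2'."""
    for pair in cookie_header[len("Cookie: "):].split("; "):
        name, _, value = pair.partition("=")
        if name == COOKIE_NAME:
            return value
    return None


def login_then_request(username, now):
    """Login issues the cookie; the browser presents it on the next request."""
    token = issue_authenticator(username, now)
    header = set_cookie_header(token)
    request = "Cookie: lang=en; %s=%s" % (COOKIE_NAME, token)
    return verify_authenticator(cookie_from_request(request), now + 5), header


def forged_request(now):
    """Client rewrites the user in its own cookie; the MAC no longer matches."""
    token = issue_authenticator("alice", now)
    _, rest = token.split("|", 1)
    return verify_authenticator("admin|" + rest, now)
```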
Security threats :
With the emergence of Web 2.0, increased information sharing through social networking and
increasing business adoption of the Web as a means of doing business and delivering service,
websites are often attacked directly. Hackers either seek to compromise the corporate network
or the end-users accessing the website by subjecting them to drive-by downloading.
As a result, industry is paying increased attention to the security of the web
applications themselves in addition to the security of the underlying computer network and
operating systems.
The majority of web application attacks occur through cross-site scripting (XSS) and SQL
injection attacks, which typically result from flawed coding and failure to sanitize input to and
output from the web application. These are ranked in the 2009 CWE/SANS Top 25 Most
Dangerous Programming Errors. According to the security vendor Cenzic, the top vulnerabilities in
March 2012 include:
Cross Site Scripting: 37%
SQL Injection: 16%
Path Disclosure: 5%
Denial of Service: 5%
Code Execution: 4%
Memory Corruption: 4%
Cross Site Request Forgery: 4%
Information Disclosure: 3%
Arbitrary File: 3%
Local File Include: 2%
Remote File Include: 1%
Buffer overflow: 1%
Other (PHP Injection, Javascript Injection, etc.): 15%
Security technology
While security is fundamentally based on people and processes, there are a number of technical
solutions to consider when designing, building and testing secure web applications. At a high
level, these solutions include:
Black Box testing tools such as web application security scanners, vulnerability
scanners and penetration testing software
White Box testing tools such as static source code analyzers
Fuzzing tools used for input testing
Web application firewalls (WAF) used to provide firewall-type protection at the web application
layer
Password cracking tools for testing password strength and implementation
ENCRYPTION SCHEMES :
The process of converting plain text into an unintelligible format (cipher text) is called encryption.
In cryptography, encryption is the process of encoding messages or information in such a way
that only authorized parties can read it. Encryption doesn't prevent hacking, but it reduces the
likelihood that the hacker will be able to read the data that is encrypted. In an encryption scheme,
the message or information, referred to as plaintext, is encrypted using an encryption algorithm,
turning it into an unreadable ciphertext. This is usually done with the use of an encryption key,
which specifies how the message is to be encoded. Any adversary that can see the ciphertext
should not be able to determine anything about the original message. An authorized party,
however, is able to decode the ciphertext using a decryption algorithm that usually requires a
secret decryption key, to which adversaries do not have access. For technical reasons, an
encryption scheme usually needs a key-generation algorithm to randomly produce keys.
ENCRYPTION SCHEMES-
People use encryption to change readable text, called plaintext, into an unreadable secret format,
called cipher text. Encrypting data provides additional benefits besides protecting the
confidentiality of a message. These advantages include ensuring that messages have not been
altered during transit and verifying the identity of the sender. All of these benefits can be realized
by using any of these encryption methods.
Hashing Encryption
The first encryption method, called hashing, creates a unique, fixed-length signature for a
message or data set. Hashes are created with an algorithm, or hash function, and people
commonly use them to compare sets of data. Since a hash is unique to a specific message, even
minor changes to that message result in a dramatically different hash, thereby alerting a user to
potential tampering.
A key difference between hashing and the other two encryption methods is that once the data is
hashed, the process cannot be reversed or deciphered. This means that even if a potential attacker
were able to obtain a hash, he or she would not be able to use a decryption method to discover the
contents of the original message. Some common hashing algorithms are Message Digest 5 (MD5)
and the Secure Hash Algorithm (SHA).
Symmetric Methods
Symmetric cryptography, also called private-key cryptography, is one of the oldest and most
secure encryption methods. The term "private key" comes from the fact that the key used
to encrypt and decrypt data must remain secure, because anyone with access to it can read the
coded messages. A sender encodes a message into ciphertext using a key, and the receiver uses
the same key to decode it.
People can use this encryption method as either a "stream" cipher or a "block" cipher, depending
on the amount of data being encrypted or decrypted at a time. A stream cipher encrypts data one
character at a time as it is sent or received, while a block cipher processes fixed chunks of data.
Common symmetric encryption algorithms include the Data Encryption Standard (DES), the Advanced
Encryption Standard (AES), and the International Data Encryption Algorithm (IDEA).
Asymmetric Forms
Asymmetric, or public key, cryptography is, potentially, more secure than symmetric methods of
encryption. This type of cryptography uses two keys, a "private" key and a "public" key, to perform
encryption and decryption. The use of two keys overcomes a major weakness in symmetric key
cryptography, since a single key does not need to be securely managed among multiple users.
In asymmetric cryptography, a public key is freely available to everyone and used to encrypt
messages before sending them. A different, private key remains with the receiver of ciphertext
messages, who uses it to decrypt them. Algorithms that use public key encryption methods
include RSA and Diffie-Hellman.
Data encryption has become a sad necessity for responsible data managers. However
cryptography is jargon-heavy even by the discouraging standards of the IT world: symmetric
and asymmetric cryptosystems, public versus private keys, digital signatures, hash algorithms,
RSA, DES, Rijndael, PGP, MD5, SHA-1, https, secure sockets, Camellia, IDEA; what does it all
mean? What are the differences? Relative advantages and disadvantages? Hopefully this
article will clear some of the fog.
Substitution ciphers
Although we tend to use the words code and cipher interchangeably, technically they're two
entirely different things. When you substitute each letter in a message for a different symbol
that's a cipher. A code on the other hand means assigning a secret meaning to a word or
phrase.
For example, if "The birds are flying south" means "Flee! The police are on to us!" that's a code.
But the simple schoolboy code, 1 = 'A', 2 = 'B' etc. (invented, legend has it, by Julius Caesar),
is a cipher, a substitution cipher in fact. So the ASCII code is actually a kind of cipher for
example.
Substitution ciphers were good enough for nearly two thousand years but they eventually failed
in the face of improving technology. The Enigma cipher used by the German military during
World War II is a substitution cipher and it was broken long before the days of computers, both
by the Poles and more famously the British. Don't, however, dismiss substitution ciphers. If you
just want to deter prying eyes a substitution cipher using multiple substitutions and several
different substitutions schemes offers a reasonable level of encryption for virtually no
computational effort. (This is the way Enigma works and after all, it did take Alan Turing to break
it).
Random substitution
There is a form of substitution cipher that does offer excellent security. By making random
substitutions, the patterns that make other substitution ciphers vulnerable are eliminated. The
simplest form of random substitution is to break a message into blocks of 4 bytes (4 ASCII
characters) and add a pseudo-random number to each block. To recover the plaintext (the input
message) subtract the same series of pseudo-random numbers from the ciphertext (the
encrypted message). The key is simply the seed value for the pseudo-random number
generator.
This form of encryption is widely used (the file encryption options offered by word processors
often use this method) as it's simple, highly reliable and will defeat all but the most determined
and skillful attackers.
Symmetric cryptosystems: DES and AES
If, however, you need higher levels of security there are plenty of alternatives. Block ciphers
break the message into fixed-length blocks, then each block of plaintext is converted into a
block of ciphertext using a sequence of arithmetic operations and/or substitutions. The best
known of these is DES (the Data Encryption Standard), developed by the National Institute of
Standards and Technology in the US.
DES uses 64-bit blocks with a 64-bit key (although only 56 bits are significant; the other 8 are
parity bits). The bits within a block are shuffled and XORed with the key in a sequence of 16
reversed to recover the original message? Nonetheless, that's exactly how it is. Given a pair of
keys, a message encrypted with one can only be decrypted with the other and vice versa.
There are a number of asymmetric key systems but the best known and most widely used is
RSA, named for its (three) co-inventors. Originally patented, the patent expired in September
2000 and the algorithm is now in the public domain. The Secure Sockets Layer used for secure
communications on the Internet uses RSA (the https protocol is simply http over SSL).
Unfortunately, nothing in life is free, and so it is with asymmetric cryptosystems. Since d can be
computed from e given p and q, and p and q are the factors of N, they must be chosen so large
that N cannot be factorised in any reasonable time. As computer power has grown so too has
the ability to compute the factors of very large numbers. Current hardware means key lengths
should be 1024 bits for complete security.
Raising such very large numbers to very large exponents is computationally much more
demanding than the bit shifting and XOR'ing of symmetric cryptosystems such as DES, so
asymmetric encryption is really only practical for short messages. A common workaround when
encrypting long messages is to use RSA to encrypt a short preamble containing a DES or AES
key selected at random, then send the main body of the message encrypted with that key. A
recipient with the corresponding private key can decrypt the preamble and use the key it
contains to decipher the rest of the message. Modern web browsers use exactly this method to
conduct secure communications.
Digital signatures
An increasingly important use for asymmetric encryption is digital signing. A digital signature is
the reverse of public key encryption. Just like an ordinary signature it is used to prove the
identity of the sender of a message. This can happen in several ways. The simplest is to send a
random message as both plaintext and ciphertext. The recipient deciphers the ciphertext
version using the published public key and if the two versions match it proves the sender was in
possession of the private key.
One drawback of this form of signature is that it only verifies itself, not any message to which it
is attached. An alternative form uses a redundancy or hash function to create a message digest
from a message in order to verify the source and reliability of the message. Suppose A and B
(the Alice and Bob so beloved of cryptographers) want to exchange messages. A encrypts a
message using B's public key and appends the hashed value of the message encrypted with
her own private key. On receiving the message B deciphers it using his private key, and also
deciphers the accompanying message digest using A's public key. If it matches the hash value
he computes from the message he received, he can conclude that:
(a) The message originated from A (the only person who could have encrypted the digest
correctly) and
(b) The message has not been altered in transit.
The RSA algorithm has become the standard for digital signature applications and the company
founded by the co-inventors of RSA, RSA Data Security Inc, has developed (and published) a
number of improvements on this basic scheme. Digital signatures on the Web are based on
RSA, as is the popular PGP (Pretty Good Privacy) package.
In detail :
SYMMETRIC KEY ENCRYPTION:
Symmetric-key cryptography is sometimes called secret-key cryptography. The most popular
symmetric-key system is the Data Encryption Standard (DES).
In the simpler types of cryptography, the same key is used to encrypt and decrypt information.
This key is sometimes called a symmetric key.
Everybody who is supposed to be able to read the information must have the key. The problem
with this sort of code is that the key has to be given to them over a secure line. If you're able to
give a key securely, why not send the whole message securely?
Thinking of the key as the key to a room may help explain this better. Everybody who should have
access to the room is given a copy of the key. Anybody who has that key can go in, put new
information in, take old information out, and lock the room again when they leave. Without the
key, you can't enter the room. Furthermore, if you send somebody a copy of the key by way of
the Post Office, somebody working at the Post Office could intercept this key, make a copy of it,
and then send it along. This would allow them to access this same locked room, and do the same
things with it. Now, think of sending the key over the Internet. That key could be intercepted by
anybody between you and the other machine, letting them read everything you locked up with
that key, even letting them modify it.
Or we can say that Public-key cryptography, also known as asymmetric cryptography, is a
class of cryptographic algorithms which require two separate keys, one of which
is secret (or private) and one of which is public. Although different, the two parts of this key pair
are mathematically linked. The public key is used to encrypt plaintext or to verify a digital
signature; whereas the private key is used to decrypt ciphertext or to create a digital signature.
The term "asymmetric" stems from the use of different keys to perform these opposite functions,
each the inverse of the other, as contrasted with conventional ("symmetric") cryptography which
relies on the same key to perform both.
Public-key algorithms are based on mathematical problems which currently admit no efficient
solution that are inherent in certain integer factorization, discrete logarithm, and elliptic
curve relationships. It is computationally easy for a user to generate their own public and private
key-pair and to use them for encryption and decryption. The strength lies in the fact that it is
"impossible" (computationally unfeasible) for a properly generated private key to be determined
from its corresponding public key. Thus the public key may be published without compromising
security, whereas the private key must not be revealed to anyone not authorized to read
messages or perform digital signatures. Public key algorithms, unlike symmetric key algorithms,
do not require a secure initial exchange of one (or more) secret keys between the parties.
Message authentication involves processing a message with a private key to produce a digital
signature. Thereafter anyone can verify this signature by processing the signature value with the
signer's corresponding public key and comparing that result with the message. Success confirms
the message is unmodified since it was signed, and presuming the signer's private key has
remained secret to the signer that the signer, and no one else, intentionally performed the
signature operation. In practice, typically only a hash or digest of the message, and not the
message itself, is encrypted as the signature.
Public-key algorithms are fundamental security ingredients in cryptosystems, applications and
protocols. They underpin such Internet standards as Transport Layer Security (TLS), PGP,
and GPG. Some public key algorithms provide key distribution and secrecy (e.g., Diffie-Hellman
key exchange), some provide digital signatures (e.g., Digital Signature Algorithm), and some
provide both (e.g., RSA).
Public-key cryptography finds application in, amongst others, the IT security discipline information
security. Information security (IS) is concerned with all aspects of protecting electronic information
assets against security threats.[1] Public-key cryptography is used as a method of assuring the
confidentiality, authenticity and non-repudiability of electronic communications and data storage.
In an asymmetric key encryption scheme, anyone can encrypt messages using the public key, but only the holder of
the paired private key can decrypt. Security depends on the secrecy of the private key.
In the Diffie-Hellman key exchange scheme, each party generates a public/private key pair and distributes the public
key. After obtaining an authentic copy of each other's public keys, Alice and Bob can compute a shared secret offline.
The shared secret can be used, for instance, as the key for a symmetric cipher.
Asymmetric key cryptography uses two separate keys: one private and one public.
General idea of asymmetric-key crypto system :
Public-key cryptography is often used to secure electronic communication over an open
networked environment such as the internet. Open networked environments are susceptible to a
variety of communication security problems such as man-in-the-middle attacks and other security
threats. Sending a secure communication means that the communication being sent must not be
readable during transit (preserving confidentiality), the communication must not be modified
during transit (preserving the integrity of the communication) and to enforce non-repudiation or
non-denial of the sending of the communication. Combining public-key cryptography with an
Enveloped Public Key Encryption (EPKE) method, allows for the secure sending of a
communication over an open networked environment.
The distinguishing technique used in public-key cryptography is the use of asymmetric key
algorithms, where the key used to encrypt a message is not the same as the key used to decrypt it.
Each user has a pair of cryptographic keys: a public encryption key and a private decryption
key. Similarly, a key pair used for digital signatures consists of a private signing key and
a public verification key. The public key is widely distributed, while the private key is known only
to its proprietor. The keys are related mathematically, but the parameters are chosen so that
calculating the private key from the public key is either impossible or prohibitively expensive.
In contrast, symmetric-key algorithms (variations of which have been used for thousands of years)
use a single secret key, which must be shared and kept private by both the sender and the
receiver, for both encryption and decryption. To use a symmetric encryption scheme, the sender
and receiver must securely share a key in advance.
Because symmetric key algorithms are nearly always much less computationally intensive than
asymmetric ones, it is common to exchange a key using a key-exchange algorithm, then transmit
data using that key and a symmetric key algorithm. PGP and the SSL/TLS family of schemes use
this procedure, and are thus called hybrid cryptosystems.
There are two main uses for public-key cryptography:
- Public-key encryption, in which a message is encrypted with a recipient's public key. The
message cannot be decrypted by anyone who does not possess the matching private key,
who is thus presumed to be the owner of that key and the person associated with the public
key. This is used in an attempt to ensure confidentiality.
- Digital signatures, in which a message is signed with the sender's private key and can be
verified by anyone who has access to the sender's public key. This verification proves that
the sender had access to the private key, and therefore is likely to be the person associated
with the public key. This also ensures that the message has not been tampered with, as any
manipulation of the message will result in changes to the encoded message digest, which
otherwise remains unchanged between the sender and receiver.
An analogy to public-key encryption is that of a locked mail box with a mail slot. The mail slot is
exposed and accessible to the public; its location (the street address) is, in essence, the public
key. Anyone knowing the street address can go to the door and drop a written message through
the slot. However, only the person who possesses the key can open the mailbox and read the
message.
An analogy for digital signatures is the sealing of an envelope with a personal wax seal. The
message can be opened by anyone, but the presence of the unique seal authenticates the sender.
A central problem with the use of public-key cryptography is confidence/proof that a particular
public key is authentic, in that it is correct and belongs to the person or entity claimed, and has
not been tampered with or replaced by a malicious third party. The usual approach to this problem
is to use a public-key infrastructure (PKI), in which one or more third parties known as certificate
authorities certify ownership of key pairs. PGP, in addition to being a certificate authority
structure, has used a scheme generally called the "web of trust", which decentralizes such
authentication of public keys by a central mechanism, and substitutes individual endorsements of
the link between user and public key. To date, no fully satisfactory solution to the "public key
authentication problem" has been found.
Forward Public Key Encryption
The goal of Forward Public Key Encryption (FPKE) encryption is to ensure that the communication
being sent is kept confidential during transit.
To send a message using FPKE, the sender of the message uses the public key of the receiver
to encrypt the contents of the message. The encrypted message is then transmitted electronically
to the receiver and the receiver can then use their own matching private key to decrypt the
message.
The encryption process of using the receiver's public key is useful for preserving the confidentiality
of the message as only the receiver has the matching private key to decrypt the message.
Therefore, the sender of the message cannot decrypt the message once it has been encrypted
using the receiver's public key. However, FPKE does not address the problem of non-repudiation,
as the message could have been sent by anyone that has access to the receiver's public key.
Inverse Public Key Encryption
The goal of Inverse Public Key Encryption (IPKE) is to ensure that the sender of the
communication that is being sent is known to the receiver and that the sender of the message
cannot later deny having sent it. Therefore, the purpose
of IPKE is to ensure the non-repudiation of the message being sent. This is useful in a practical
setting where a sender wishes to make an electronic purchase of shares and the receiver wants
to confirm that it was indeed the actual sender requesting the purchase and not someone else.
IPKE is also known as a digital signature.
To send a message using IPKE, the message is encrypted using the sender's private key which
serves as the sender's digital signature. The digitally "signed" and encrypted message is then sent
to the receiver who can then use the sender's public key to decrypt the message and reveal the
original contents.
IPKE is useful for applying one's digital signature to a message, thus enforcing non-repudiation;
however, when the message is transmitted it is possible for the message to be intercepted by an
unauthorized person and the unauthorized person could then use the sender's public key to
decrypt the contents of the message, thus not enforcing the confidentiality of the message being
sent.
Certification Authority
In order for Enveloped Public Key Encryption to be as secure as possible, there needs to be a
"gatekeeper" of public and private keys, or else anyone could publish their public key and
masquerade as the intended sender of a communication. This digital key "gatekeeper" is known
as a certification authority. A certification authority is a trusted third party that can issue public and
private keys thus certifying public keys.
Advantages
- Convenience: It solves the problem of distributing the key for encryption. Everyone publishes
their public keys and private keys are kept secret.
- Provides for message authentication: Public key encryption allows the use of digital
signatures which enables the recipient of a message to verify that the message is truly from a
particular sender.
- Detection of tampering: The use of digital signatures in public key encryption allows the
receiver to detect if the message was altered in transit. A digitally signed message cannot be
modified without invalidating the signature.
- Provide for non-repudiation: Digitally signing a message is akin to physically signing a
document. It is an acknowledgement of the message and thus, the sender cannot deny it.
Disadvantages
- Public keys should/must be authenticated: No one can be absolutely sure that a public key
belongs to the person it specifies and so everyone must verify that their public keys belong to
them.
- Slow: Public key encryption is slow compared to symmetric encryption. Not feasible for use in
decrypting bulk messages.
- Uses up more computer resources: It requires a lot more computing resources compared to
single-key encryption.
- Widespread security compromise is possible: If an attacker determines a person's private
key, all of his or her messages can be read.
- Loss of private key may be irreparable: The loss of a private key means that all received
messages cannot be decrypted.
DATA ENCRYPTION STANDARD (DES) :
The overall Feistel structure of DES
RSA ALGORITHM :
RSA is one of the first practicable public-key cryptosystems and is widely used for secure data
transmission. In such a cryptosystem, the encryption key is public and differs from the decryption
key which is kept secret. In RSA, this asymmetry is based on the practical difficulty of factoring the
product of two large prime numbers, the factoring problem. RSA stands for Ron Rivest, Adi
Shamir and Leonard Adleman, who first publicly described the algorithm in 1977. Clifford Cocks,
an English mathematician, had developed an equivalent system in 1973, but it
wasn't declassified until 1997.
A user of RSA creates and then publishes the product of two large prime numbers, along with an
auxiliary value, as their public key. The prime factors must be kept secret. Anyone can use the
public key to encrypt a message, but with currently published methods, if the public key is large
enough, only someone with knowledge of the prime factors can feasibly decode the
message.[2] Breaking RSA encryption is known as the RSA problem. It is an open question
whether it is as hard as the factoring problem.
Complexity of operations in RSA
Encryption, decryption, and key generation in RSA
Example :
Here is an example of RSA encryption and decryption. The parameters used here are artificially
small, but one can also use OpenSSL to generate and examine a real keypair.
1. Choose two distinct prime numbers, such as p = 61 and q = 53.
2. Compute n = pq, giving n = 61 × 53 = 3233.
3. Compute the totient of the product as φ(n) = (p - 1)(q - 1), giving φ(3233) = 60 × 52 = 3120.
4. Choose any number 1 < e < 3120 that is coprime to 3120. Choosing a prime number
for e leaves us only to check that e is not a divisor of 3120. Let e = 17.
5. Compute d, the modular multiplicative inverse of e (mod φ(n)), yielding d = 2753
(check: 17 × 2753 = 46801 = 15 × 3120 + 1).
The public key is (n = 3233, e = 17). For a padded plaintext message m, the encryption function
is c(m) = m^17 mod 3233.
The private key is (n = 3233, d = 2753). For an encrypted ciphertext c, the decryption function is
m(c) = c^2753 mod 3233.
The "padded" qualifier matters: without a randomized padding scheme such as OAEP, RSA
encryption is deterministic and malleable, so identical plaintexts give identical ciphertexts and an
attacker can transform a ciphertext into another valid one without decrypting it.
For instance, in order to encrypt m = 65, we calculate c = 65^17 mod 3233 = 2790.
To decrypt c = 2790, we calculate m = 2790^2753 mod 3233 = 65.
Both of these calculations can be computed efficiently using the square-and-multiply
algorithm for modular exponentiation. In real-life situations the primes selected would be much
larger; in our example it would be trivial to factor n = 3233 (obtained from the freely available public
key) back to the primes p and q. Given e, also from the public key, we could then compute d and so acquire the private key.
Practical implementations use the Chinese remainder theorem to speed up the calculation using
the moduli of the factors (mod pq computed via mod p and mod q).
The values dp, dq and qinv, which are part of the private key, are computed as follows:
dp = d mod (p - 1) = 2753 mod 60 = 53
dq = d mod (q - 1) = 2753 mod 52 = 49
qinv = q^(-1) mod p = 53^(-1) mod 61 = 38 (check: 53 × 38 = 2014 = 33 × 61 + 1)
Here is how dp, dq and qinv are used for efficient decryption. (Encryption is efficient by choice of
public exponent e.)
m1 = c^dp mod p = 2790^53 mod 61 = 4
m2 = c^dq mod q = 2790^49 mod 53 = 12
h = qinv × (m1 - m2) mod p = 38 × (4 - 12) mod 61 = 1
m = m2 + h × q = 12 + 1 × 53 = 65
Each exponentiation now uses a modulus and an exponent of roughly half the size of n and d,
which is why this path is used in practice; for a 2048-bit key the saving is close to a factor of four.
Implementations must check the recombined result (for example, by verifying that m^e ≡ c mod n)
before releasing it: a single computation fault in one of the two half-exponentiations would
otherwise let an attacker factor n from the wrong output (the Bellcore fault attack on CRT-RSA).
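The computation above, carried out in code, as an added example that is not part of the original notes. It builds the key from the notes' p = 61, q = 53 and e = 17, encrypts m = 65, decrypts both directly and through dp, dq and qinv, and then recovers d from the public key alone by factoring the toy modulus, making the "trivial to factor n" remark concrete. The e-th power check in the CRT path and the fault-attack remark in its docstring are an added caveat, not something the notes discuss. It assumes Python 3.8 or later (for the three-argument `pow(e, -1, m)` modular inverse and `math.isqrt`); the function names are this example's own.

```python
# Added example: RSA with the notes' toy parameters (p = 61, q = 53, e = 17),
# decryption both directly and via the CRT values dp, dq, qinv, and a
# trial-division break of the toy modulus. Not code from the original notes.
from math import gcd, isqrt


def keygen(p: int, q: int, e: int) -> dict:
    """Textbook RSA key from two primes and a public exponent (no padding)."""
    if p == q:
        raise ValueError("p and q must be distinct")
    n = p * q
    phi = (p - 1) * (q - 1)                 # Euler totient of n
    if not 1 < e < phi or gcd(e, phi) != 1:
        raise ValueError("e must satisfy 1 < e < phi(n) and gcd(e, phi) == 1")
    d = pow(e, -1, phi)                     # modular inverse (Python >= 3.8)
    return {
        "n": n, "e": e, "d": d, "p": p, "q": q,
        # CRT parameters, also stored in a PKCS#1 private key
        "dp": d % (p - 1),
        "dq": d % (q - 1),
        "qinv": pow(q, -1, p),
    }


def encrypt(key: dict, m: int) -> int:
    """c = m^e mod n. Caller must ensure 0 <= m < n (padding is omitted here)."""
    if not 0 <= m < key["n"]:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, key["e"], key["n"])


def decrypt(key: dict, c: int) -> int:
    """m = c^d mod n, one full-size exponentiation."""
    return pow(c, key["d"], key["n"])


def decrypt_crt(key: dict, c: int) -> int:
    """Same result using two half-size exponentiations (Garner's recombination).

    The result is checked against the public operation before it is returned:
    a faulty half-computation would otherwise let an attacker factor n from
    the wrong output (the Bellcore fault attack).
    """
    p, q = key["p"], key["q"]
    m1 = pow(c, key["dp"], p)
    m2 = pow(c, key["dq"], q)
    h = (key["qinv"] * (m1 - m2)) % p
    m = m2 + h * q                          # m2 < q and h < p, so m < n
    if pow(m, key["e"], key["n"]) != c:
        raise ArithmeticError("CRT result failed the e-th power check")
    return m


def break_toy_key(n: int, e: int) -> int:
    """Recover d from the public key alone by factoring n with trial division.

    Feasible only because n is tiny; this is the notes' 'it would be trivial
    to factor n' remark made concrete.
    """
    for p in range(2, isqrt(n) + 1):
        if n % p == 0:
            q = n // p
            return pow(e, -1, (p - 1) * (q - 1))
    raise ValueError("n has no non-trivial factor; not an RSA modulus")


if __name__ == "__main__":
    key = keygen(61, 53, 17)
    print("n =", key["n"], "d =", key["d"])          # n = 3233 d = 2753
    c = encrypt(key, 65)
    print("c =", c, "m =", decrypt(key, c), decrypt_crt(key, c))
    print("recovered d =", break_toy_key(key["n"], key["e"]))
```

Running the file prints c = 2790 and recovers m = 65 by both paths; `break_toy_key` returns 2753, the private exponent, from nothing but (n, e).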
SECURE WEB DOCUMENTS :
Most of the data transfer in the current WWW is insecure. Clients simply connect to Web servers
and request the documents stored there. This approach is clearly vulnerable to man-in-the-middle
attacks, not to mention malicious caches. In such an attack scenario, an active attacker intercepts
the client's request and answers with his own document. Although such attacks are infrequent,
that is probably as much due to the lack of determination on the part of the attackers as to the
inherent security of the underlying network architecture. Furthermore, due to the possibility of
such attacks, the security of an HTTP request is downgraded to the security of the weakest
network link/router on the request path. In the current WWW, the most common protection against
such attacks is TLS (Transport Layer Security). TLS uses public-key cryptography to
authenticate servers and establish secure channels between servers and clients.
The main problem with TLS is that it requires servers to be trusted. The secure channel between
the client and server does not help at all if a malicious server sends bogus data over it. For this
reason, with TLS alone, documents can safely be replicated only on trusted servers, which greatly
restricts the set of acceptable hosts.
Turning back to our GlobeDoc objects, we can see that a mechanism like TLS is clearly not suited
for ensuring data integrity. As mentioned in Section 2, GlobeDoc objects dynamically place their
replicas on (possibly) untrusted object servers close to where their client requests are coming
from. Our assumption is that most of these servers are honest, but we need to consider the
possibility that some of them may try to replace the documents they host with fake data. Therefore,
we need a security mechanism that enforces the following three properties on the replicated state
of a GlobeDoc:
Authenticity - the document the client receives from a server has indeed been created by the
object's owner. No attacker or malicious server should be able to pass off one of their own
documents as being part of the object.
Freshness - the client is guaranteed to receive the most recent version of a document that is part
of the object. No attacker or malicious server should be able to pass off genuine but old versions of
a document and convince the client they are fresh.
Consistency - the client is guaranteed to receive the document, part of the object, that corresponds
to what she has requested. No attacker or malicious server should be able to replace the
requested document with another fresh document that is part of the same object.
DIGITAL SIGNATURE :
A digital signature is a mathematical scheme for demonstrating the authenticity of a digital
message or document. A valid digital signature gives a recipient reason to believe that the
message was created by a known sender, such that the sender cannot deny having sent the
message (authentication and non-repudiation) and that the message was not altered in transit
(integrity). Digital signatures are commonly used for software distribution, financial transactions,
and in other cases where it is important to detect forgery or tampering.
OR
A digital signature scheme typically consists of three algorithms:
A key generation algorithm that selects a private key uniformly at random from a set of
possible private keys. The algorithm outputs the private key and a corresponding public key.
A signing algorithm that, given a message and a private key, produces a signature.
A signature verifying algorithm that, given a message, public key and a signature, either
accepts or rejects the message's claim to authenticity.
Two main properties are required. First, the authenticity of a signature generated from a fixed
message and fixed private key can be verified by using the corresponding public key. Secondly,
it should be computationally infeasible to generate a valid signature for a party without knowing
that party's private key.
A diagram showing how a digital signature is applied and then verified.
Why Digital Signatures?
To provide Authenticity, Integrity and Non-repudiation to electronic documents
To use the Internet as the safe and secure medium for e-Commerce and e-Governance
Digital signatures are often used to implement electronic signatures, a broader term that refers to
any electronic data that carries the intent of a signature, but not all electronic signatures use digital
signatures. In some countries, including the United States, India, Brazil, and members of
the European Union, electronic signatures have legal significance.
Digital signatures employ a type of asymmetric cryptography. For messages sent through a
non-secure channel, a properly implemented digital signature gives the receiver reason to believe the
message was sent by the claimed sender. Digital signatures are equivalent to traditional
handwritten signatures in many respects, but properly implemented digital signatures are more
difficult to forge than the handwritten type. Digital signature schemes, in the sense used here, are
cryptographically based, and must be implemented properly to be effective. Digital signatures can
also provide non-repudiation, meaning that the signer cannot successfully claim they did not sign
a message, while also claiming their private key remains secret; further, some non-repudiation
schemes add a trusted time stamp to the digital signature, so that a signature made before the
private key was exposed remains valid. Digitally signed messages may be anything representable as
a bit string: examples include electronic mail, contracts, or a message sent via some other cryptographic
protocol.
How they work :
To create RSA signature keys, generate an RSA key pair containing a modulus N that is the
product of two large primes, along with integers e and d such that e·d ≡ 1 (mod φ(N)), where φ is
the Euler phi-function. The signer's public key consists of N and e, and the signer's secret key
contains d.
To sign a message m, the signer computes σ ≡ m^d (mod N). To verify, the receiver checks that
σ^e ≡ m (mod N).
This basic scheme is not secure when used directly on the message. To prevent attacks, one can
first apply a cryptographic hash function to the message m and then apply the RSA algorithm
described above to the result. This approach can be proven secure in the so-called random oracle model.
Most early signature schemes were of a similar type: they involve the use of a trapdoor
permutation, such as the RSA function, or in the case of the Rabin signature scheme, computing
square roots modulo a composite n. A trapdoor permutation family is a family of permutations, specified
by a parameter, that is easy to compute in the forward direction, but is difficult to compute in the
reverse direction without already knowing the private key. However, for every parameter there is
a "trapdoor" (private key) which, when known, easily inverts the permutation. Trapdoor
permutations can be viewed as public-key encryption systems, where the parameter is the public
key and the trapdoor is the secret key, and where encrypting corresponds to computing the
forward direction of the permutation, while decrypting corresponds to the reverse direction.
Trapdoor permutations can also be viewed as digital signature schemes, where computing the
reverse direction with the secret key is thought of as signing, and computing the forward direction
is done to verify signatures. Because of this correspondence, digital signatures are often
described as based on public-key cryptosystems, where signing is equivalent to decryption and
verification is equivalent to encryption, but this is not the only way digital signatures are computed.
Used directly, this type of signature scheme is vulnerable to a key-only existential forgery attack.
To create a forgery, the attacker picks a random signature σ and uses the verification procedure
to determine the message m corresponding to that signature, m = σ^e mod N; the pair (m, σ)
then passes verification even though the attacker never held d. In practice, however, this type of
signature is not used directly, but rather, the message to be signed is first hashed to produce a
short digest that is then signed. This forgery attack, then, only produces the hash function output
that corresponds to σ, but not a message that leads to that value, which does not lead to an
attack. In the random oracle model, this hash-then-sign form of signature (with the hash mapping
onto essentially all of Z_N, the full-domain hash construction) is existentially unforgeable, even
against an adaptive chosen-message attack.
There are several reasons to sign such a hash (or message digest) instead of the whole
document.
For efficiency: The signature will be much shorter and thus save time since hashing is
generally much faster than signing in practice.
For compatibility: Messages are typically bit strings, but some signature schemes operate
on other domains (such as, in the case of RSA, numbers modulo a composite number N). A
hash function can be used to convert an arbitrary input into the proper format.
For integrity: Without the hash function, the text "to be signed" may have to be split
(separated) in blocks small enough for the signature scheme to act on them directly. However,
the receiver of the signed blocks is not able to recognize if all the blocks are present and in
the appropriate order.
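The signing and verification equations from "How they work", the hash-then-sign variant, and the key-only existential forgery discussed above, as an added example that is not code from the original notes. It assumes a 512-bit toy modulus generated inline with a Miller-Rabin test, SHA-256 as the hash with no PSS or PKCS#1 encoding (so the digest is used as a bare element of Z_N, not a full-domain hash), and Python 3.8 or later for `pow(e, -1, phi)`; a real system would use a 2048-bit or larger key and a standard encoding. The sample message and all function names are this example's own.

```python
# Added example: hash-then-sign RSA signatures next to the key-only
# existential forgery that works against raw ("textbook") RSA. Not code from
# the original notes. Key size (512-bit toy modulus) and the bare SHA-256
# digest with no PSS/PKCS#1 encoding are simplifications for illustration.
import hashlib
import random
from math import gcd


def is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin probabilistic primality test."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % small == 0:
            return n == small
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = random.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False            # witness of compositeness found
    return True


def random_prime(bits: int) -> int:
    """Random odd prime with its top bit set, so p*q has 2*bits bits."""
    while True:
        cand = random.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand


def keygen(bits: int = 512, e: int = 65537):
    """Return ((N, e), (N, d)) with e*d = 1 mod phi(N), as in the notes."""
    while True:
        p, q = random_prime(bits // 2), random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and gcd(e, phi) == 1:
            return (p * q, e), (p * q, pow(e, -1, phi))


def digest(msg: bytes, n: int) -> int:
    """Map the message into Z_N. Toy stand-in for a real encoding such as PSS."""
    h = int.from_bytes(hashlib.sha256(msg).digest(), "big")
    assert h < n, "toy scheme needs N larger than the 256-bit digest"
    return h


def sign(priv, msg: bytes) -> int:
    n, d = priv
    return pow(digest(msg, n), d, n)        # sigma = H(m)^d mod N


def verify(pub, msg: bytes, sig: int) -> bool:
    n, e = pub
    return 0 < sig < n and pow(sig, e, n) == digest(msg, n)   # sigma^e == H(m)


def verify_raw(pub, m: int, sig: int) -> bool:
    """Textbook verification on an integer message: sigma^e == m mod N."""
    n, e = pub
    return pow(sig, e, n) == m % n


def forge_raw(pub):
    """Key-only existential forgery against raw RSA: pick sigma, derive m."""
    n, e = pub
    sig = random.randrange(2, n - 1)
    return pow(sig, e, n), sig              # (m, sigma) passes verify_raw


if __name__ == "__main__":
    pub, priv = keygen()
    msg = b"pay 100 to alice"               # constructed sample message
    s = sign(priv, msg)
    print("valid:", verify(pub, msg, s))
    print("tampered:", verify(pub, b"pay 1000 to alice", s))
    m, s_forged = forge_raw(pub)
    print("raw forgery accepted:", verify_raw(pub, m, s_forged))
    # Against hash-then-sign the forger only holds the digest m, not a
    # message that hashes to it, so the same sigma verifies nothing useful.
    print("forgery vs hash-then-sign:", verify(pub, b"anything", s_forged))
```

`forge_raw` needs only the public key, and `verify_raw` accepts its output: that is the existential forgery. The same σ handed to `verify` fails, because the attacker would need a SHA-256 preimage of σ^e mod N to name a message for it. Hash-then-sign also gives the integrity property: changing a single byte of the message changes the digest and the check fails.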
Applications of digital signatures
As organizations move away from paper documents with ink signatures or authenticity stamps,
digital signatures can provide added assurances of the evidence to provenance, identity, and
status of an electronic document as well as acknowledging informed consent and approval by a
signatory. The United States Government Printing Office (GPO) publishes electronic versions of
the budget, public and private laws, and congressional bills with digital signatures. Universities
including Penn State, University of Chicago, and Stanford are publishing electronic student
transcripts with digital signatures.
Below are some common reasons for applying a digital signature to communications: