Digital Signatures NITK 17Oct2015

7/24/2019 Digital Signatures NITK 17Oct2015

1/90

Digital Signatures and Public Key

Infrastructure

1

Dr. Balaji Rajendran

([email protected])

Centre for Development of Advanced Computing (C-DAC)Bangalore

17th October 2015

NITK, Surathkal


2/90

Agenda

What & Why: Digital Signature?

What is Digital Signature Certificate?

Achieving Confidentiality

Certifying Authority & Trust Model

Certificate Issuance, Types, Classes

Certificate Life Cycle Management and Validation Methods

Risks and Precautions with DS

Policy and Legal Aspects of PKI

e-Sign An Instant & Online way of Digital Signing in India

PKI Applications in India

2


3/90

Understanding Signature

Hand-written Signature Definition & PurposeA persons name written in a distinctive way as a

form of identification in authorizing a cheque ordocument

A distinctive pattern, product, or characteristic bywhich someone or something can be identified


4/90

Characteristics of Hand Signature

A and S ig nature on a document is a unique pattern dependant on some secret known only to

the signer and

Independent of the content of the message being signed


5/90

Attacks on Hand-written Signatures

Attacks on IntegrityContent Alteration / Corruption !

Attacks on Identity

Impersonation

How is Identity verified?

Authentication Process of verifying who somebody isagainst his claim

Identity is established / proved through Authentication!


6/90

Electronic World


7/90

BankCustomer

Deposit 1,00,000

in Veerus Account

Deposit 1 in Veerus

Account and 99,999 in

Gabbars Account

Breach of Integrity

Attacks on Integrity


8/90

Gabbar

Im VeeruSend Me all Corporate

Correspondence

with abc.

Veeru

Jai

Breach of Authenticity

Attacks on Identity


9/90

Basic Elements of Trust

Privacy (Confidentiality): Ensuring that onlyauthorized persons read the Data/Message/Document

Authenticity: Ensuring that Data/Message/Document

is genuine Integrity : Ensuring that Data/Message/Document are

unaltered by any unauthorized person

Non-Repudiation: Ensuring that one cannot denytheir signature or origination of a message


10/90

Digital Signatures


11/90

What is a Digital Signature ?

A Digital signature of a message is a number (fingerprint)dependent on

a secret known only to the signer and

the content of the message being signed

Properties of Signatures

Verifiable

Provides Authentication

Provides Data Integrity

Provides Non-repudiation


12/90

Creating Digital Signature

Every individual is given a pair of keys

Pu blic key : known to everyone

Private k ey : known only to the owner

To dig i ta l ly s ign an electronic document the signer uses his/her

Private ke y

To verify a digital signature the verifier uses the signers Publ ickey


13/90

Asymmetric Key Cryptography

Keys in a Key pair are mathematically related to eachother

If one of the key in a key pair is used for Encryption (orDecryption) then the other key should be used for decryption

(or Encryption) Also known as Public Key Cryptography

Knowledge of the enc ryption k ey doesnt give youknowledge of the de cryption ke y

13

KnJGdDzGSIHDZuOE iWLI+4jxMqmqVfAKr2E

Public Key Private Key

X Computationally Infeasible

X


14/90

What is a key pair?

Private Key3082 010a 0282 0101 00b1 d311 e079 5543 0708 4ccb 0542 00e2 0d83463d e493 bab6 06d3 0d59 bd3e c1ce 4367 018a 21a8 ef bc ccd0 a2cc

b055 9653 8466 0500 da44 4980 d854 0aa5 2586 94ed 6356 f f 70 6ca3

a119 d278 be68 2a44 5e2f cf cc 185e 47bc 3ab1 463d 1ef 0 b92c 345f

8c7c 4c08 299d 4055 eb3c 7d83 deb5 f 0f 7 8a83 0ea1 4cb4 3aa5 b35f

5a22 97ec 199b c105 68f d e6b7 a991 942c e478 4824 1a25 193a eb95

9c39 0a8a cf 42 b2f 0 1cd5 5f f b 6bed 6856 7b39 2c72 38b0 ee93 a9d3

7b77 3ceb 7103 a938 4a16 6c89 2aca da33 1379 c255 8ced 9cbb f 2cb5b10 f 82e 6135 c629 4c2a d02a 63d1 6559 b4f 8 cdf 9 f 400 84b6 5742

859d 32a8 f 92a 54f b f f 78 41bc bd71 28f 4 bb90 bcf f 9634 04e3 459e

a146 2840 8102 0301 0001

Public Key3082 01e4 f 267 0142 0f 61 dd12 e089 5547 0f 08 4ccb 0542 00e2 0d83 463d

e493 bab6 0673 0d59 bf 3e c1ce 4367 012a 11a8 ef bc ccd0 a2cc b055 9653

8466 0500 da44 4980 d8b4 0aa5 2586 94ed 6356 f f 70 6ca3 a119 d278 be682a44 5e2f cf cc 185e 47bc 3ab1 463d 1df 0 b92c 345f 8c7c 4c08 299d 4055

eb3c 7d83 deb5 f 0f 7 8a83 0ea1 4cb4 3aa5 b35f 5a22 97ec 199b c105 68f d

e6b7 a991 942c e478 4824 1a25 193a eb95 9c39 0a8a cf 42 b250 1cd5 5f f b

6bed 6856 7b39 2c72 38b0 ee93 a9d3 7b77 3ceb 7103 a938 4a16 6c89 2aca

da33 1379 c255 8ced 9cbb f 2cb 5b10 f 82e 6135 c629 4c2a d02a 63d1 6559

b4f 8 cdf 9 f 400 84b6 5742 859d 32a8 f 92a 54f b f f 78 41bc bd71 28f 4 bb90

bcf f 9634 04de 45de af 46 2240 8410 02f 1 0001


15/90

RSA Algorithm in brief

Key Generation Steps Choose two large prime numbers p and q

Compute n and z such that n=p*q and z=(p-1)*(q-1)

Choose a number d relatively prime to z Compute e such that (e*d )= 1 mod z

Public Key (n, e)Private Key (n, d)


16/90

RSA Algorithm in brief

Encryption Message m, cipher c

C= me

mod n

where (n,e)receivers public key

Decryption

m=c d mod n

where (n,d) receivers private key


17/90

Public Key - Structure

HEADER

MODULUS

SEPERATOR

PUBLIC EXPONENT


18/90

Private Key - Structure

MODULUS

HEADER ALGORITHM VERSION PUBLIC EXPONENT

PRIVATECOMPONENT

PRIME 1

PRIME 2

EXPONENT 1

COEFFICIENT

EXPONENT 2

SEPERATOR


19/90


20/90

Digital Signing Step 1

This is an example of

how to create a

message digest and

how to digitally sign adocument using

Public Key

cryptography

Hash MessageDigest


21/90

Hash Function

A hash function is a cryptographic mechanism that

operates as one-way function

Creates a digital representation or "fingerprint

(Message Digest)

Fixed size output

Change to a message produces different digest

Examples : MD5 , Secure Hashing Algorithm (SHA)

21 21


22/90

Hash - Example

22

Hi Jai,I will be in the park at

3 pm

Veeru

B5EA1EC376E61DB2680D0312FC26D3773F384E43

Message

Hash Algorithm

Message Digest

Hi Jai,I will be in the park at

3 pm.

Veeru

86D19C25294FB0D3E4CF8A026823439064598009

Digests are Different


23/90

Hash One-way

23

Hi Jai,

I will be in the park at

3 pm

Veeru

B5EA1EC376E61DB2680D0312FC26D3773F384E43

X


24/90

MD5 and SHA

Hi Jai,

I will be in the

park at 3 pm

Veeru

cfa2ce53017030315f

de705b9382d9f4

Message

Message Digest

Hi Jai,

I will be in the

park at 3 pm

Veeru

1f695127f210144329ef98e6da4f4adb92c5f18

2

128 Bits 160 Bits

MD5 SHA-1

Hi Jai,

I will be in the

park at 3 pm

Veeru

2g5487f56r4etert654tr

c5d5e8d5ex5gttahy55e

224/256/384/512

SHA-2


25/90

A peep into the Hash Algo SHA

SHA-512 isword-oriented

Aword is defined as 64-bits

Each blockof message consists of sixteen 64-bit words

The message digest is only eight words of 64 bit each

64 Bits = Word; 16 Words = Block;


26/90

A peep into SHA-512

A B C D E F G H

16 words , each of 64 bits= 1024

bits8 words, each of 64 bits= 512 bitsMessage block

Message digest


27/90

SHA-512 Iterating over and over


28/90

SHA-512: Structure of One Round


29/90


Encrypt with

private key

Digital

Signature

Message

Digest


30/90


Append


how to create a

message digest and

how to digitally sign adocument using

Public Key

cryptography

Digital

Signature

DigitalSignature


31/90

Digital Signing Process


32/90

Digital Signature Verification

Hash

Decrypt withpublic key

MessageDigest


how to create a

message digest andhow to digitally sign a

document using

Public Key

cryptography

Message

Digest

Digital

Signature


33/90

Digital Signature Verification


34/90

Digital Signatures - Examples

Digital Signatures are numbers

They are content and signer dependent

I agreeefcc61c1c03db8d8ea8569545c073c814a0ed755

My place of birth is Gwalior.

fe1188eecd44ee23e13c4b6655edc8cd5cdb6f25

I am 62 years old.

0e6d7d56c4520756f59235b6ae981cdb5f9820a0

I am an Engineer.

ea0ae29b3b2c20fc018aaca45c3746a057b893e7

I am a Engineer.

01f1d8abd9c2e6130870842055d97d315dff1ea3

These are digital signatures of same person on different documents


35/90

Digital Signatures - Recap

EstablishesIdentity and Authenticity of the Signer

Integrity of the document

Non-Repudiation (inability to deny being signed)to a certain extent

General Conventions

Signing Private Key of the Signer

VerificationPublic Key of the Signer


36/90

Digital Signature Certificate(DSC)


37/90

Why do we need DSC?

To firmly establish the ownership of public key

To certify and provide a strong mechanism fornon-repudiation (to inability to deny)


38/90

What is Digital Signature Certificate(DSC)?

DSC is an electronic document used to prove ownership ofa public key. The certificate includes

Information about its owner's identity,

Information about the key,

The Digital Signature of an entity that has verified thecertificate's contents are correct.

Veeru Info:Name: Veeru

Department: AMD

Certificate Info:Serial No: 93 15 H0

Exp Date: dd mm yy

Veerus Public Key

Sign


39/90

Certifying Authority (CA) ?


40/90

Certifying Authority (CA)

Certifying authority is an entity which issues Digital Signature Certificate (DSC)

It is a trusted third party

CAs are the important components of Public Key Infrastructure (PKI)

Responsibilities of CA

Verify the credentials of the person requesting for the certificate (RAs

responsibility)

Issue certificates

Revoke certificate

Generate and upload CRL


41/90

Sample Certificate


42/90

Trust Model


43/90

Hierarchical Trust Model

For a Digital Signature to have legal validity in India, it mustderive its trust from the Root CA certificate

National Root CA (RCAI)

Licensed CA (Eg. NIC) Licensed CA (Eg. IDRBT) Licensed CA (Eg. nCode)

Subscribers

. . .

. . .SubscribersSubscribers


44/90

Licensed CAs in India

National Root CA (RCAI) operated by CCA Only issues CA certificates for licensed CAs

CAs licensed under the National Root CA

National Informatics Centre (https://nicca.nic.in)

eMudhra (www.e-mudhra.com)TCS (www.tcs-ca.tcs.co.in)

nCode Solutions CA(www.ncodesolutions.com)

SafeScrypt (www.safescrypt.com)

IDRBT CA (www.idbrtca.org.in)

C-DAC (http://esign.cdac.in) Only e-Sign

As of Jan, 2015 approx. 9 Million+ DSCs have been issued


45/90

Certificate Issuance Process


46/90

Make Online

Payment

Issue Crypto

Token

OtherIdentity

Information

X.509 v3 Cert

Certificate Issuance Process


47/90

Crypto Tokens

Contain a Cryptographic co-processorwith a USB interface

Key is generated inside the token.

Key is highly secured as it doesnt leave

the token

Highly portable and Machine-

independent

FIPS 140-2 compliant; Tamper-resistant;


48/90

Certificate Classes


49/90

Classes of Certificates

3 Classes of CertificatesClass 1 Certificate Issued to Individuals

Assurance Level: Certificate will confirm Users nameand Email address

Suggested Usage: Signing certificate primarily be usedfor signing personal emails and encryption certificate isto be used for encrypting digital emails andSSL certificate to establish secure communication

through SSL


50/90


Class 2 Certificate Issued for both business personnel and private

individuals use

Assurance Level: Conforms the details submitted inthe form including photograph and documentary

proof

Suggested Usage: Signing certificate may also be usedfor digital signing, code signing, authentication for VPNclient, Web form signing, user authentication, Smart Card

Logon, Single sign-on and signing involved in e-procurement / e-governance applications, in addition toClass-I usage


51/90


Class 3 Certificate

Issued to Individuals and Organizations

Assurance Level: Highest level of Assurance; Provesexistence of name of the organization, and assures

applicants identity authorized to act on behalf of the

organization.

Suggested Usage: Signing certificate may also be used fordigital signing for discharging his/her duties as per official

designation and encryption certificate to be used forencryption requirement as per his/her official capacity


52/90

Types of Certificates


53/90

Types of Certificates

Signing Certificate (DSC)

Issued to a person for signing of electronicdocuments

Encryption Certificate

Issued to a person for the purpose of Encryption;

SSL Certificate

Issued to a Internet domain name (Web Servers,

Email Servers etc)


54/90

Achieving Secrecy


55/90

Message Public key

Encrypted Message

Eavesdropper

A

Message

BEncrypt Decrypt

Private key

Achieving Secrecy through Asymmetric

Key Encryption

A t i E ti & D ti


56/90

Asymmetric Encryption & Decryption

Hi Veeru

I am Jai

Hi VeeruI am Jai

Encryptor Decryptor

Jai

Veerus Public

KeyVeerus

Private Key

#$23R*7e

Encrypted Message

Veeru

Message MessageGabbar


57/90

Achieving PAIN !

How to achieve Privacy, Authenticity, Integrityand Non-repudiation all together in atransaction


58/90

Signcryption

Why do you need Signcryption ?

The intended receiver alone should know thecontents of the message

Secrecy / Confidentiality / Privacy

The receiver should be sure that The message has come from the claimed sender only

Authentication

The message has not been tampered

Integrity

Signer has used a valid and trustable certificate

Non-Repudiation


59/90

General Conventions

Encryption Public Key of the Receiver

Decryption Private Key of the Receiver


Verification Public key of the Signer


60/90

File Formats with Extensions Description

.CER Contains only Public Key

.CRT Contains only Public Key

.DER Contains only Public Key

.P12 Contains Public and Private Key

.PFX Contains Public and Private Key

.PEM, .KEY, .JKS Contains Public and Private Key

.CSR Certificate Signing Request

.CRL Certificate Revocation List

Certificate Extensions


61/90

Certificate Lifecycle Management

A Digital Signature Certificate cannot be used for ever!

Typical Life cycle scenario of Digital Certificates

Use until renewal

Certificates are to be reissued regularly on expiry of validity (typically

2 years) Use until re-keying

If keys had to be changed

Use until revocation

If Certificate was revoked, typically when keys are compromised orCA discovers that certificate was issued improperly based on falsedocuments


62/90

CRL Certification Revocation List

A list containing the serial number of thosecertificates that have been revoked

Why they have been revoked?

If keys are compromised and users reports to theCA

If CA discovers, false information being used toobtain the certificate

Who maintains CRLs ?

Typically the CAs maintain the CRL


63/90

CRL Certification Revocation List

How frequently the CRL is updated ?

Generally twice a day; based on CAs policies

Is there any automated system in place foraccessing the CRL?

OCSP


64/90

Certificate Validation Methods

Validating a certificate is typically carried out by PKIenabled application

The validation process performs following checks

Digital signature of the issuer (CA)

Trust (Public Key verification) till root levelTime (Validity of the certificate)

Revocation (CRL verification)

Format

d f C !


65/90

A word of Caution!

Keep your Digital Security Tokens Safe!

Report loss of tokens immediately and seek forrevocation from the CA

If you have any doubts that private key has been

compromised, inform the CARemember that risks are inherent in any system!

Any Security system is only as safe as the weakest link inthe security chain!

Di i f PKI


66/90

Dimensions of PKI

PKI Public Key Infrastructure ecosystem is an intersection of: Cryptography (Math) Cryptographers/Researchers Technology & Implementation PKI System Developer Policy & Law PKI System & Users


67/90

e-Sign / e-Hastakshar : An OnlineElectronic Signature Service

Si / H k h


68/90

e-Sign/e-Hastakshar

e-Hastakshar offers on-line platform to citizens for instant signing of their

documents securely in a legally acceptable form, under the Indian IT Act

C-DAC through its e-Sign/e-Hastakshar initiative enables citizens with

valid Aadhaar ID and registered mobile number to carryout digital signing of

their documents on-line. DSC offered by C-DAC CA through eSign service to the applicant is for one-

time signing usage and shall be of class Aadhaar-eKYC OTP.

C-DAC utilizes the service of Unique Identification Authority of India (UIDAI)

for on-line e-authentication and Aadhaar eKYC Service.

As a provider of DSC and eSign services, C-DAC plays the role of a Certifying

Authority (CA) under the Controller of Certifying Authorities (CCA)

Si A hi


69/90

e-Sign Architecture

S k h ld i Si S i


70/90

Stakeholders in e-Sign Service

Si O i


71/90

e-Sign Overview

Si A h i i E


72/90

e-Sign Authentication Ecosystem

Si O ti l S i


73/90

e-Sign Operational Scenario

Two Options forOperating e-Sign Services1) Directly Connecting

to ESP

2) Using a Gateway Service Provider

C tifi t A L l


74/90

Certificate Assurance Levels

Following classes of Certificates are issued.Aadhaar-eKYC OTP:

This class of certificates shall be issued for individualsuse based on OTP authentication of subscriber through

Aadhaar e-KYC.

Aadhaar-eKYC Biometric (FP/Iris):

This class of certificate shall be issued based on biometricauthentication of subscriber through Aadhaar e-KYC

service.

B fit f Si


75/90

Benefits of e-Sign

No need of Hardware Tokens

No Physical Verification of user is required Instead of manual verification process, eSign utilizes Aadhaar

based e-Authentication (an online service)

Multiple ways to authenticate a user eSign facilitates authentication based on One-Time Password

(through registered mobile as in Aadhaar database) orBiometric (fingerprint or iris-scan). C-DAC currently uses Aadhaar-OTP based service for Authentication

Privacy is preservedAs only the thumbprint (i.e. hash) of the document is

obtained for digital signature, instead of whole document

U C f Si n S i


76/90

Use Case of e-Sign Services


77/90

Indian IT Act From the perspectiveof Digital Signatures and PKI

Objectives of Indian IT Act


78/90

Objectives of Indian IT Act

To grant legal recognition to records maintainedin electronic form

To prescribe methods for authenticatingelectronic records

To establish a hierarchical trust model with aroot CA at the top - CCA to regulate the CAs

To define computer system and computer

network misuse and make it legally actionable

IT Act 2000


79/90

IT Act 2000

IT Act 2000 made changes in the Law ofEvidence, and providesLegal recognition for electronic records and

electronic signatures, which paves the way for

Legal recognition for transactions carried out byelectronic communication Acceptance of electronic filing of documents with the

government agencies Changes in the IPC and the Indian Evidence Act 1872

were made accordingly IT Act 2000 has extra-territorial jurisdiction to cover any

offense or contravention committed outside India

Reg lation of Certif ing A thorities


80/90

Regulation of Certifying Authorities

Under the Indian Law, section 35 of the IT(Amendment) Act, 2000 deals with certificationand certifying authorities

The IT act mandates a hierarchical Trust Model

The IT Act provides the Controller forCertifying Authorities (CCA) to license andregulate the working of CA.

The CCA operates RCAI for certifying (signing)the public keys of CAs using it private key

Legal Validity of e Sign


81/90

Legal Validity of e-Sign

eSign process involves consumer consent, DSC generation,

Digital Signature creation and affixing and DSC acceptance in

accordance with provisions of Information Technology Act.

The Electronic Signatures facilitated through e-Sign Service are

legally valid provided the e-Sign signature framework is operatedunder the provisions of Second Schedule of the Information

Technology Act and Guidelines issued by the CCA.

Please referElectronic Signature or Electronic Authentication Techniqueand Procedure Rules, 2015 e-Authentication technique using Aadhaar e-

KYC services.


82/90

Present Digital Signature

& PKI Implementations

in India

PKI bl d A li i


83/90

PKI enabled Applications1 e-Invoice

(B2C)

2 e-Tax Filing(G2C)

3 e-Customs (G2B)

4 e-Passport (G2C) - Presently in India, the Ministry of External Affairs hasstarted issuing e-Passports in Karnataka state with thefingerprints and the digital photo of applicant

5 e-Governance Bhoomi (G2C)a PKI enabled registration and Land Records Services offered byGovt. of Karnataka to the people. All the land records and

certificates issued are digitally signed by the respective officer6 e-Payment (B2B) - In India, currently between banks fund transfers are

done using PKI enabled applications whereas between customersand vendors such as online shopping vendor the payment is donethrough SSL thereby requiring the vendor to hold DSC )

PKI bl d A li i


84/90

PKI enabled Applications

7 e-Billing (B2C) -The electronic delivery and presentation of financial

statement, bills, invoices, and related information sent by a

company to its customers)

8 e-Procurement G2B , B2B

9 e-Insurance

Service

(B2C) - Presently the users are getting the E-Premium

Receipts etc. which is digitally signed by the provider

10 Treasury

Operations

(G2C) Kh a ja na e II of Govt. of Karnataka uses Digital

Signatures to automate and speed up the treasury operations

Other Implementations


85/90

Other Implementations

DGFT - Clearance of goods are now initiatedby exporters through push of a button and intheir offices;

Previously it used to take days; and requests are now

cleared within 6 hours Indian Patent office has implemented e-filing of

patents and allows only use of Class-3Certificates

Around 30% of e-filing of patents is happening now,among the total filings.

Summary


86/90

Summary

PKI is an ecosystem comprising of Technology, Policyand Implementations

Digital Signatures provideAuthenticity, Integrity, and Non-Repudiation for electronic documents & transactions

Asymmetric Key system enables Confidentiality

General Conventions


Verification Public Key of the Signer

Encryption Public Key of the Receiver

Decryption Private Key of the Receiver

C l i


87/90

Conclusion

PKI and Digital Signatures have beentransforming the way traditional transactionshappen

PKI Ecosystem has the potential to usher

Transparency

Accountability

Time, Cost & Effort-savings

Speed of execution and to be an integral part of

Digital India and bring in Digital Identity

R f


88/90

References

Cryptography and Network security Principles and Practice by William Stallings Applied Cryptography: Protocols, Algorithms, and Source Code in C by Bruce Schneier

Handbook of Applied Cryptography, by Alfred Menezes and Paul Van Oorschot

Ryder, Rodney D, Guide to Cyber Laws, 3rd Edition, Wadhwa & Company, New Delhi

Digital Certificates: What are they?: http://campustechnology.com/articles/39190_2 Digital Signature & Encryption: http://www.productivity501.com/digital-signatures-

encryption/4710/

FAQ on Digital Signatures and PKI in India - http://www.cca.gov.in/cca/?q=faq-page

Controller of Certifying Authorities www.cca.gov.in

e-Sign: http://www.cca.gov.in/cca/?q=eSign.html

88

C DAC A i i i i PKI D i
http://www.cca.gov.in/http://www.cca.gov.in/


89/90

C-DAC Activities in PKI Domain

PKI Knowledge Dissemination ProgramAn effort to spread awareness and build

competencies in the domain across the country

PKI Body of Knowledge

To develop a BoK with inputs from various sectionsof users

Researchers Algorithms and new directions in PKI

Developers PKI Administration and implementationissues

Policy Makers - Laws

End Users and Applications


90/90

Thank [email protected]

Digital Signatures NITK 17Oct2015

Documents

Transcript of Digital Signatures NITK 17Oct2015