Nitin Khandelwal

8/8/2019 Nitin Khandelwal

1/21

SEMINAR

ONDIGITAL SINGNATURE

PRESENTED BY

NITIN KHANDELWALElectronics & CommunicationShriram College of Engg. And Management.


2/21

Outline

yIntroductionyWhat is Digital Signature ?yKinds of Digital SignatureyExampley

Importance of Digital Signature


3/21

Introduction

Most powerful single tool that users canuse to secure the internet.

Helps in making larger security requirements.

A Process Strongly associated with thepublic key encryption.


4/21

Outline

yIntroductionyWhat is Digital Signature ?yKinds of Digital SignatureyPractical Exampley



5/21

DIGITAL SIGNATURE

Not Simply type of name or image of ahandwritten signature

Based on Public And Private Key encryption

Associated with a Digital Documents


6/21

Outline




7/21

Kinds of Digital Signature

Private key cryptography- For signing

Public key cryptography- For verifying signature


8/21

Outline




9/21

Bob's public keyBob's private key

Bobs Co-workers

Anyone can get Bob's Public

Key, but Bob keeps his Private

Key to himself

Pat Doug Susan

Practical Example: Bob is a Character

contd..


10/21

Bob's Public key is available to anyone who needs it, but he keeps hisPrivate Key to himself. Keys are used to encrypt information.Encrypting information means "scrambling it up", so that only a

person with the appropriate key can make it readable again. Eitherone of Bob's two keys can encrypt data, and the other key candecrypt that data.

Susan (shown below) can encrypt a message using Bob's Public Key.Bob uses his Private Key to decrypt the message. Any of Bob'scoworkers might have access to the message Susan encrypted, butwithout Bob's Private Key, the data is worthless.

Contd


11/21

"Hey Bob, how about

lunch at Taco Bell. Ihear they have free

refills!"

HNFmsEm6UnBejhhyC

GKOKJUxhiygSBCEiCYIh/Hn3xgKyLK1UCFH

DC/A

HNFmsEm6UnBejhhy

CKOKJUxhiygSBEiCYI

h/Hn3xgKyLK1UCFH

DC/A

"Hey Bob, how about

lunch at Taco Bell. I

hear they have free

refills!"

With his private key and the right software, Bob can put digitalsignatures on documents and other data. A digital signature is a"stamp" Bob places on the data which is unique to Bob, and is verydifficult to forge. In addition, the signature assures that any changesmade to the data that has been signed can not go undetected.

Contd..


12/21

Bob's software then encrypts the message digest with hisprivate key. The result is the digital signature.

To sign a document, Bob's software will crunch down thedata into just a few lines by a process called "hashing".These few lines are called a message digest. (It is notpossible to change a message digest back into theoriginal data from which it was created.)

contd.


13/21

Finally, Bob's software appends the digital signature to document.

All of the data that was hashed has been signed.

Bob now passes the document on to Pat.

Contd..


14/21

First, Pat's software decrypts the signature (using Bob'spublic key) changing it back into a message digest. If thisworked, then it proves that Bob signed the document,

because only Bob has his private key. Pat's software thenhashes the document data into a message digest. If themessage digest is the same as the message digestcreated when the signature was decrypted, then Patknows that the signed data has not been changed.

Contd..

Plot complication...


15/21

Doug (our disgruntled employee) wishes to deceivePat. Doug makes sure that Pat receives a signedmessage and a public key that appears to belong to

Bob. Unbeknownst to Pat, Doug deceitfully sent a keypair he created using Bob's name. Short of receivingBob's public key from him in person, how can Pat besure that Bob's public key is authentic?

It just so happens that Susan works at the company'scertificate authority center. Susan can create a digitalcertificate for Bob simply by signing Bob's public key as well assome information about Bob.

Contd..


16/21

Bob Info:

NameDepartment

Cubical Number

Certificate Info:

Expiration Date

Serial Number

Bob's Public Key:

Now Bob's co-workers can check Bob's trusted certificate tomake sure that his public key truly belongs to him. In fact, noone at Bob's company accepts a signature for which there doesnot exist a certificate generated by Susan.

Contd..


17/21

Let's say that Bob sends a signed document to Pat. To verify thesignature on the document, Pat's software first uses Susan's (thecertificate authority's) public key to check the signature on Bob's

certificate. Successful de-encryption of the certificate provesthat Susan created it.

Pat's software then takes Bob's public key from the certificateand uses it to check Bob's signature. If Bob's public key de-encrypts the signature successfully, then Pat is assured that thesignature was created using Bob's private key, for Susan hascertified the matching public key. And of course, if thesignature is valid, then we know that Doug didn't try to changethe signed content.


18/21

Outline

yIntroductionyWhat is Digital Signature ?yKinds of Digital SignatureyPractical ExampleyImportance of Digital Signature


19/21


To protect privacy and confidentiality.

The Leaders save time and Money

Digital Signature is expensive, But it pays for itself.


20/21

Any Queries?


21/21

T H A N K S

Nitin Khandelwal

Documents

Transcript of Nitin Khandelwal