Post on 10-Apr-2018
8/8/2019 Nitin Khandelwal
1/21
SEMINAR
ONDIGITAL SINGNATURE
PRESENTED BY
NITIN KHANDELWALElectronics & CommunicationShriram College of Engg. And Management.
8/8/2019 Nitin Khandelwal
2/21
Outline
yIntroductionyWhat is Digital Signature ?yKinds of Digital SignatureyExampley
Importance of Digital Signature
8/8/2019 Nitin Khandelwal
3/21
Introduction
Most powerful single tool that users canuse to secure the internet.
Helps in making larger security requirements.
A Process Strongly associated with thepublic key encryption.
8/8/2019 Nitin Khandelwal
4/21
Outline
yIntroductionyWhat is Digital Signature ?yKinds of Digital SignatureyPractical Exampley
Importance of Digital Signature
8/8/2019 Nitin Khandelwal
5/21
DIGITAL SIGNATURE
Not Simply type of name or image of ahandwritten signature
Based on Public And Private Key encryption
Associated with a Digital Documents
8/8/2019 Nitin Khandelwal
6/21
Outline
yIntroductionyWhat is Digital Signature ?yKinds of Digital SignatureyPractical Exampley
Importance of Digital Signature
8/8/2019 Nitin Khandelwal
7/21
Kinds of Digital Signature
Private key cryptography- For signing
Public key cryptography- For verifying signature
8/8/2019 Nitin Khandelwal
8/21
Outline
yIntroductionyWhat is Digital Signature ?yKinds of Digital SignatureyPractical Exampley
Importance of Digital Signature
8/8/2019 Nitin Khandelwal
9/21
Bob's public keyBob's private key
Bobs Co-workers
Anyone can get Bob's Public
Key, but Bob keeps his Private
Key to himself
Pat Doug Susan
Practical Example: Bob is a Character
contd..
8/8/2019 Nitin Khandelwal
10/21
Bob's Public key is available to anyone who needs it, but he keeps hisPrivate Key to himself. Keys are used to encrypt information.Encrypting information means "scrambling it up", so that only a
person with the appropriate key can make it readable again. Eitherone of Bob's two keys can encrypt data, and the other key candecrypt that data.
Susan (shown below) can encrypt a message using Bob's Public Key.Bob uses his Private Key to decrypt the message. Any of Bob'scoworkers might have access to the message Susan encrypted, butwithout Bob's Private Key, the data is worthless.
Contd
8/8/2019 Nitin Khandelwal
11/21
"Hey Bob, how about
lunch at Taco Bell. Ihear they have free
refills!"
HNFmsEm6UnBejhhyC
GKOKJUxhiygSBCEiCYIh/Hn3xgKyLK1UCFH
DC/A
HNFmsEm6UnBejhhy
CKOKJUxhiygSBEiCYI
h/Hn3xgKyLK1UCFH
DC/A
"Hey Bob, how about
lunch at Taco Bell. I
hear they have free
refills!"
With his private key and the right software, Bob can put digitalsignatures on documents and other data. A digital signature is a"stamp" Bob places on the data which is unique to Bob, and is verydifficult to forge. In addition, the signature assures that any changesmade to the data that has been signed can not go undetected.
Contd..
8/8/2019 Nitin Khandelwal
12/21
Bob's software then encrypts the message digest with hisprivate key. The result is the digital signature.
To sign a document, Bob's software will crunch down thedata into just a few lines by a process called "hashing".These few lines are called a message digest. (It is notpossible to change a message digest back into theoriginal data from which it was created.)
contd.
8/8/2019 Nitin Khandelwal
13/21
Finally, Bob's software appends the digital signature to document.
All of the data that was hashed has been signed.
Bob now passes the document on to Pat.
Contd..
8/8/2019 Nitin Khandelwal
14/21
First, Pat's software decrypts the signature (using Bob'spublic key) changing it back into a message digest. If thisworked, then it proves that Bob signed the document,
because only Bob has his private key. Pat's software thenhashes the document data into a message digest. If themessage digest is the same as the message digestcreated when the signature was decrypted, then Patknows that the signed data has not been changed.
Contd..
Plot complication...
8/8/2019 Nitin Khandelwal
15/21
Doug (our disgruntled employee) wishes to deceivePat. Doug makes sure that Pat receives a signedmessage and a public key that appears to belong to
Bob. Unbeknownst to Pat, Doug deceitfully sent a keypair he created using Bob's name. Short of receivingBob's public key from him in person, how can Pat besure that Bob's public key is authentic?
It just so happens that Susan works at the company'scertificate authority center. Susan can create a digitalcertificate for Bob simply by signing Bob's public key as well assome information about Bob.
Contd..
8/8/2019 Nitin Khandelwal
16/21
Bob Info:
NameDepartment
Cubical Number
Certificate Info:
Expiration Date
Serial Number
Bob's Public Key:
Now Bob's co-workers can check Bob's trusted certificate tomake sure that his public key truly belongs to him. In fact, noone at Bob's company accepts a signature for which there doesnot exist a certificate generated by Susan.
Contd..
8/8/2019 Nitin Khandelwal
17/21
Let's say that Bob sends a signed document to Pat. To verify thesignature on the document, Pat's software first uses Susan's (thecertificate authority's) public key to check the signature on Bob's
certificate. Successful de-encryption of the certificate provesthat Susan created it.
Pat's software then takes Bob's public key from the certificateand uses it to check Bob's signature. If Bob's public key de-encrypts the signature successfully, then Pat is assured that thesignature was created using Bob's private key, for Susan hascertified the matching public key. And of course, if thesignature is valid, then we know that Doug didn't try to changethe signed content.
8/8/2019 Nitin Khandelwal
18/21
Outline
yIntroductionyWhat is Digital Signature ?yKinds of Digital SignatureyPractical ExampleyImportance of Digital Signature
8/8/2019 Nitin Khandelwal
19/21
Importance of Digital Signature
To protect privacy and confidentiality.
The Leaders save time and Money
Digital Signature is expensive, But it pays for itself.
8/8/2019 Nitin Khandelwal
20/21
Any Queries?
8/8/2019 Nitin Khandelwal
21/21
T H A N K S