Digital Signature
-
Upload
rahul-yadav -
Category
Education
-
view
654 -
download
6
description
Transcript of Digital Signature
THE INSTITUTE OF CHARTERED ACCOUNTANTS OF INDIA
RAHUL YADAV
BATCH COMMENCEMENT DATE: 2ND DECEMBER 2013 PROJECT TOPIC: EXPAIN DIGITAL SIGNATURE WITH EXAMPLES.
SUBMITTED BY: -
CRO0428146
ITT CENTRE NAME: BIKANER BRANCH OF CIRC OF ICAI
1
2
BIKANER BRANCH OF CIRC OF ICAI C-I009
BATCH NO.: Bikaner-12/13/81 CA. RAJIV AERON MISS SONALI JAIN BRANCH CHAIRMAN FACULTY MEMBER
THE INSTITUTE OF CHARTERED ACCOUNTANTS OF INDIA
3
This Is To Certify That MR. RAHUL YADAV Has Under Taken A Project On DIGITAL SIGNATURE WITH EXAMPLES . After Going Through The Report, We Wish To Record Our Satisfaction & Commend To MISS SONALI JAIN For The Effort Put In By Their In This Exercise.
CERTIFICATE
CA. RAJIV AERON MISS SONALI JAIN BRANCH CHAIRMAN FACULTY MEMBER
4
SUBMITTED BY RAHUL YADAV UNDER THE GUIDANCE OF MISS SONALI JAIN (I.T.T. FACULTY)
Submitted In Partial Fulfillment For The I.T. Training Conducted By Bikaner Branch Of I.C.A.I For The Course Of I.P.C.C.BATCH NO. BIKANER-12/13/81
REG. NO. BKN/13-14/1607
DIGITAL SIGNATURE WITH EXAMPLES
THE INSTITUTE OF CHARTERED ACCOUNTANTS OF INDIA
Acknowledgement
While coming on acknowledgement, it seems to me closing of long chapter of reminiscences which bloomed and gloomed at BRANCH CHAIRMEN CA Rajiv Aeron, BIKANER BRANCH OF CIRC OF ICAI, BIKANER.
This is my proud privilege to express my sincere and deep sense of gratitude my faculty member Ms. Sonali Jain for inspiration guidance, persistent involvement, scholarly suggestion and constructive critical supervision throughout the pursuit of present study.
And finally many thanks to all those friends who kept company and who directly or indirectly helped me in the completing of this project work.
RAHUL YADAV5Submitted By :- Rahul Yadav
ITT Reg. no. :- BKN/2013-14/1607
6Submitted By :- Rahul Yadav ITT Reg. no. :- BKN/2013-14/1607
Digital Signature
Introduction ….8-11 How they work ..13-15 What is D.S Technology .…16 Application ……17 Why use..Reason …18-23 WYSIWUS …..24 Public key Certificate …..25 Digital Certificate .….26 Why Digital Signature …..27 Paper vs Digital Signature ….28 Conclusion ….29 Bibliography …..30
INDEX
Submitted By :- Rahul Yadav ITT Reg. no. :- BKN/2013-14/1607 7
INTRODUCTIONA DIGITAL SIGNATURE is a mathematical scheme for demonstrating the authenticity of a digital message or document. A valid digital signature gives a recipient reason to believe that the message was created by a known sender, such that the sender cannot deny having sent the message(authentication and non-repudiation)and that the message was not altered in transit(integrity). Digital signatures are commonly used for software distribution, financial transactions, and in other cases where it is important to detectforgery or tampering.
Submitted By :- Rahul Yadav ITT Reg. no. :- BKN/2013-14/1607 8
Submitted By :- Rahul Yadav ITT Reg. no. :- BKN/2013-14/1607 9
Digital signatures are often used to implement electronic signatures, a broader term that refers to any electronic data that carries the intent of a signature, but not all electronic signatures use digital signatures. In some countries, including the United States, India, and members of the European Union, electronic signatures have legal significance. For messages sent through a non secure channel, a properly implemented digital signature gives the receiver reason to believe the message was sent by the claimed sender. Digital signatures are more difficult to forge than the handwritten type. Digital signatures can also provide non-repudiation, meaning that the signer cannot successfully claim they did not sign a message.
EXPLANATION
Submitted By :- Rahul Yadav ITT Reg. no. :- BKN/2013-14/1607 10
A digital signature scheme typically consists of three algorithms:-
A key generation algorithm that selects a private key uniformly at random from a set of possible private keys. The algorithm outputs the private key and a corresponding public key.
A signing algorithm that, given a message and a private key,
produces a signature.
A signature verifying algorithm that, given a message, public key and a signature, either accepts or rejects the message's claim to authenticity.
Submitted By :- Rahul Yadav ITT Reg. no. :- BKN/2013-14/1607 11
In 1976, Whitfield Diffie and Martin Hellman first described the notion of a digital signature scheme, although they only conjectured that such schemes existed.
Soon afterwards, Ronald Rivest, Adi Shamir, and Len Adleman invented the RSA algorithm, which could be used to produce primitive digital signatures. .
The first widely marketed software package to offer digital signature was Lotus Notes 1.0, released in1989, which used the RSA algorithm..
HISTORY
12Submitted By :- Rahul Yadav ITT Reg. no. :- BKN/2013-14/1607
Submitted By :- Rahul Yadav ITT Reg. no. :- BKN/2013-14/1607 13
BOB ALICE
PLAIN TEXTDear Alice– The MeetingWill be Held in Embassy .
Public key(e,n)Private key(d)
CIPHERTEXTQrne cliae– Gur zasder bh ke measy
Encr
yptio
n fu
nctio
n
ORIGINAL PLAIN TEXTDear Alice—The Meeting Will be Held in Embassy
Dec
rypti
on
func
tion
No Secret key is ever exchanged.
Alice does not need her own key to use the system.
14Submitted By :- Rahul Yadav ITT Reg. no. :- BKN/2013-14/1607
BOBALICE
I Hereby Give You A Raise.
I Hereby Give You A Raise192 2343 9102
I Hereby Give You A Raise.I Hereby Give You A Raise.
Public (e,n)Private (d)
Encrypt with the Private Key Attach to the end of the original message.
Decrypt with the Public Key Authenticate by Comparing to Plaintext Message
15Submitted By :- Rahul Yadav ITT Reg. no. :- BKN/2013-14/1607
BOB
I Hereby Give You A Raise.
I Hereby Give You A Raise192 2343
9102
I Hereby Give You A Raise.Haye ahge kae gakg.
ALICEEvil
Evil Faked
Public (e,n)
Signature does not Match Message=>
Message not Authenticated
16Submitted By :- Rahul Yadav ITT Reg. no. :- BKN/2013-14/1607
What is Digital Signature Technology…??Generating message’s digest (hash result)
Using Public Key to encrypt hash result
Result of the encryption: digital signature
Sender sendsmessage,digital signature andcertificate to receiver
Receiver wants to checkIntegrity :-Generating hash result, compare it to the sender’s hash result and decrypting the message with the sender’s public keyAuthenticity :-Can be checked by means of the certificate
17Submitted By :- Rahul Yadav ITT Reg. no. :- BKN/2013-14/1607
Some common reasons for ApplyingDigital Communication
Although messages may often include information about the entity sending a message, that information may not be accurate. Digital signatures can be used to authenticate the source of messages.
The importance of high confidence in sender authenticity is especially obvious in a financial context.
For example, suppose a bank's branch office sends instructions to the central office requesting a change in the balance of an account. If the central office is not convinced that such a message is truly sent from an authorized source, acting on such a request could be a grave mistake.
Authentication :-
18Submitted By :- Rahul Yadav ITT Reg. no. :- BKN/2013-14/1607
How do we do this if theDocument is Digital and Not Paper..?
19Submitted By :- Rahul Yadav ITT Reg. no. :- BKN/2013-14/1607
Has this Email Signed..?Graphic
file
This can be Forged easliy…!
20Submitted By :- Rahul Yadav ITT Reg. no. :- BKN/2013-14/1607
A True Signature: Is Authentic. Cannot be Forged. Cannot be Refused. Proves document has not been Altered. Cannot be Repudiated.
Digital Signature Which Do this for Electronic Document.
21Submitted By :- Rahul Yadav ITT Reg. no. :- BKN/2013-14/1607
In many scenarios, the sender and receiver of a message may have a need for confidence that the message has not been altered during transmission. Although encryption hides the contents of a message, it may be possible to change an encrypted message without understanding it.
However, if a message is digitally signed, any change in the message after signature invalidates the signature. Furthermore, there is no efficient way to modify a message and its signature to produce a new message with a valid signature.
22Submitted By :- Rahul Yadav ITT Reg. no. :- BKN/2013-14/1607
Non-repudiation, or more specifically non-repudiation of origin, is an important aspect of digital signatures. By this property, an entity that has signed some information Documents cannot at a later time deny having signed it.
. Checking revocation status requires an "online" check, e.g. checking Very roughly this is analogous to a vendor who receives credit-cards first checking online with the credit-card issuer to find if a given card has been reported lost or stolen.
Non-repudiation :-
23Submitted By :- Rahul Yadav ITT Reg. no. :- BKN/2013-14/1607
In order to be semantically interpreted, the bit string must be transformed into a form that is meaningful for humans and applications, and this is done through a combination of hardware and software based processes on a computer system.
WYSIWYS means that the semantic interpretation of a signed message cannot be changed. In particular this also means that a message cannot contain hidden information that the signer is unaware of, and that can be revealed after the signature has been applied.
WYSIWYS is a necessary requirement for the validity of digital signatures, but this requirement is difficult to guarantee because of the increasing complexity of modern computer systems.
24Submitted By :- Rahul Yadav ITT Reg. no. :- BKN/2013-14/1607
A public key certificate (also known as a digital certificate) is an electronic document that uses a digital signature to bind a public key with an identity — information such as the name of a person or an organization, their address, and so forth.
Public Key Certificate
In a typical public key infrastructure (PKI) scheme, the signature will be of a certificate authority (CA). There are Three Companies in INDIA which certified the Digital Signature:- 1). Infosys 2). Wipro 3). TCS
25
A Digital Certificate typically contains the:
Owner's public key
Owner's name
Expiration date of the public key
Name of the issuer (the CA that issued the
Digital Certificate)
Serial number of the Digital Certificate
Digital signature of the issuer Submitted By :- Rahul Yadav
ITT Reg. no. :- BKN/2013-14/1607
A Digital Certificate is issued by a Certification
Authority (CA) and signed with the CA's
private key.
26Submitted By :- Rahul Yadav ITT Reg. no. :- BKN/2013-14/1607
Why Digital Signature..? Authentication,
Integrity,
Low cost,
Eliminates the use of paper,
Faster Procedures,
Completely Secure.
27Submitted By :- Rahul Yadav ITT Reg. no. :- BKN/2013-14/1607
Paper SignatureVS.
Digital SignaturePARAMETER PAPER DIGITAL
Authenticity May be Forged. Can not be Forged.
Integrity Signature independent of the Document.
Signature depends on the contents of the documents.
Non- Repudiation a. Handwriting expert needed.b. Error prone.
a. Any computer user.b. Error free.
28Submitted By :- Rahul Yadav ITT Reg. no. :- BKN/2013-14/1607
ConclusionDigital signatures are a valuable technology
for every major corporation. Combined with RSAand PKI for certificate lifecycle management digital signatures can speed up business processes.
It as well supports any other security application based on digital certificates. For instance, Virtual Private Networks, e-mail encryption, and secure WWW portals can be realized with the digital certificates provided by RSA and PKI. The more applications a PKI is used for, the more economic it gets.
29Submitted By :- Rahul Yadav ITT Reg. no. :- BKN/2013-14/1607
BIBLIOGRAPHY
I T T MODULES
MISS SONALI JAIN
My Hard Work
My Efforts
My Creativity
30Submitted By :- Rahul Yadav ITT Reg. no. :- BKN/2013-14/1607