Digital Signature Jisha George A Assistant Professor Department

Digital Signature Jisha George A. Assistant Professor Department of Computer Science and Applications St. Mary’s College Thrissur

DEFINITION v A digital code (generated and authenticated by public key encryption) which is attached to an electronically transmitted document to verify its contents and the sender's identity. Digital Signature, Jisha George A, St. Mary’s College

Public Key Cryptography and its Demerits Public Key Cryptogragraphy- v The sender is assigned 2 keys- one public and one private. v Original message is encrypted using the public key. v The recipient of the message requires the private key to decrypt the message and can determine whether the message has been altered or not. Demerits- v This method guarantees the integrity of the data. But not guarantee the identity of the sender. Digital Signature, Jisha George A, St. Mary’s College

Digital Signature- Merits v Digital Signature is the solution for authenticity in various fields v Provide data integrity- allowing the data to remain in the same state which it was transmitted Digital Signature, Jisha George A, St. Mary’s College

Digital Signatures Involves 2 Processes Digital signature creation (performed by Digital signature verification (performed the signer) by the receiver) Digital Signature, Jisha George A, St. Mary’s College

Digital Signature Creation v In order to compute the digital signature a one way hashing algorithm may be used to first calculate a message digest. v Message Digest is a unique number that can only be calculated from the contents of the original message. v Once message digest is calculated the sender’s private key is used to encrypt the message digest ENCRYPTED MESSAGE DIGEST IS KNOWN AS DIGITAL SIGNATURE Digital Signature, Jisha George A, St. Mary’s College

Digital Signature Verification v Process of checking the digital signature by reference to the original message and given public key v Determine whether the digital signature was created for that same message using the private key corresponding to the referenced public key v Verification of the digital signature is accomplished by computing a new hash result of the original message by means of the same hash function used to create the digital signature Digital Signature, Jisha George A, St. Mary’s College

Digital Signature Verification continues… Then, using the public key and the new hash result, the verifier checks: (i) whether the digital signature was created using the corresponding Private Key and (ii) whether the newly computed hash result matches the original hash result which was transformed into the digital signature during the signing process Digital Signature, Jisha George A, St. Mary’s College

Certification Authority v Performs the task of managing the key pairs. v Issues a certificate which links an individual or entity to its public key and in some cases to private key v Offer grades of certificate Digital Signature, Jisha George A, St. Mary’s College

When and Where A Digital Signature is Used? v Signer Authentication : Digital Signature identify the authenticity of a sender since a public and private key pair is associated with an identified signer v Message Authentication : Digital Signature Verification reveals any tampering of the message v Affirmative Act : Creating a digital signature requires the signer to use the signer's private key and the signer is consummating a transaction with legal consequences v Assurance : The processes of creating and verifying a digital signature assures the signer’s identity Digital Signature, Jisha George A, St. Mary’s College

REFERENCE v E Commerce , An Indian Perspective by P. T. Joseph v Computer Networking , A top Down Approach by Kurose|Rose Digital Signature, Jisha George A, St. Mary’s College