Digital Signatures Reference Pfleeger Charles P Security in

  • Slides: 8

Digital Signatures
Reference: Pfleeger, Charles P., Security in Computing, 2nd Edition, Prentice Hall, 1996.
12/12/2021 Ref: Pfleeger 96, Ch. 4 1

Definition of Digital Signatures
• A digital signature is a protocol that produces the same effect as a real signature: it is a mark that only the sender can make, but other people can easily recognize as belonging to the sender.

Requirements of Digital Signatures
• Unforgeable – If person P signs message M with signature S(P, M), it is impossible for anyone else to produce the pair [M, S(P, M)].
• Authentic – If a person R receives the pair [M, S(P, M)] purportedly from P, R can check that the signature is really from P.

Additional Desirable Properties of Digital Signatures
• Not Alterable – After being transmitted, M cannot be changed by S (the sender), R (the receiver), or an interceptor.
• Not Reusable – A previously sent message that is presented again will be instantly detected by R.

Symmetric Key Digital Signatures
• The secrecy of the key guarantees the authenticity of the message.
• Does not prevent forgery, and cannot protect against repudiation (denial of sending the message).
• Thus an arbiter is needed to prevent forgery.

Digital Signatures without Encryption
• If secrecy is not an issue, then a cryptographic sealing function can be used as a signature.
• The sealing function is a mathematical function of every bit of its input.
• A hash could be used as a sealing function.

Preventing Reuse or Alteration
• A time stamp (or sequence number) could be used to prevent reuse.
• The time stamp could also become part of every block of a block cipher, to prevent alteration of a piece of an encrypted message.
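
The symmetric-key, sealing-function and reuse-prevention slides above, combined in one added example that is not from the slides or from Pfleeger's text. HMAC-SHA256 stands in for the sealing function (an assumption; the slides name no algorithm), and the key, the messages and the names `seal`, `Receiver` and `demo` are constructed for illustration.

```python
import hashlib
import hmac


def seal(key: bytes, seq: int, message: bytes) -> bytes:
    """Keyed seal that depends on the sequence number and every bit of M."""
    # Fixed-width sequence number so (seq, message) is encoded unambiguously.
    return hmac.new(key, seq.to_bytes(8, "big") + message, hashlib.sha256).digest()


class Receiver:
    """R: verifies the seal, then refuses any sequence number already used."""

    def __init__(self, key: bytes) -> None:
        self.key = key
        self.last_seq = 0

    def accept(self, seq: int, message: bytes, tag: bytes) -> str:
        if not hmac.compare_digest(seal(self.key, seq, message), tag):
            return "rejected: bad seal"
        if seq <= self.last_seq:
            return "rejected: reused"
        self.last_seq = seq
        return "accepted"


def demo() -> dict:
    key = b"constructed shared key of P and R"  # constructed sample value
    msg = b"Pay R 100"                          # constructed sample message
    r = Receiver(key)
    tag = seal(key, 1, msg)                     # P seals message number 1
    out = {}
    # An interceptor changes M but cannot recompute the seal without the key.
    out["altered"] = r.accept(1, b"Pay R 900", tag)
    out["genuine"] = r.accept(1, msg, tag)
    # The same [M, seal] pair presented a second time is detected by R.
    out["replayed"] = r.accept(1, msg, tag)
    # R holds the same key, so R can seal a message P never sent. A third
    # party cannot tell the two apart, which is why an arbiter is needed.
    forged = b"Pay R 900"
    out["forged_by_R"] = r.accept(2, forged, seal(key, 2, forged))
    return out


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case}: {verdict}")
```

The last case is the point of the symmetric-key slide: the seal proves the message came from someone holding the key, not which of the two key holders produced it.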

Asymmetric Digital Signatures
• Public key systems can be used for digital signatures.
• A sender could encrypt a message using their private key.
• The encrypted message could be read by anyone using the sender’s public key.
• The message could not be decrypted using someone else’s public key.