What is Digital Signature: Building confidentiality and trust into networked transactions. Kishankant Yadav, www.signyourdoc.com, 9571333822
Encryption: It is a technique of converting plain text into ciphertext and reconverting it into plain text.
Basic Techniques of Encryption • Transposition Cipher • Substitution Cipher • Product Cipher
Basic Techniques of Encryption - Transposition Cipher: Encrypts by changing the order of characters in the text. • e.g.: Replace 1st character with 6th • 2nd with 7th • 3rd with 8th • 4th with 9th • 5th with 10th and so on
Basic Techniques of Encryption - Transposition Cipher: WE WILL ATTACK ON BHAI ON SUNDAY → TRANSPOSE → LL ATWE WI ON BHTACK SUNDAAI ONY
Basic Techniques of Encryption - Substitution Cipher: Encrypts by replacing the characters in the text with characters in a “Key” on the basis of some rule. e.g.: • Key is “MANISH” and Rule is Replace all • A in the text with M • B with A • C with N • D with I • E with S • F with H • G with A and so on
Basic Techniques of Encryption - Substitution Cipher: INDORE IS A GOOD CITY → SUBSTITUTE → DKILQS DR M BLLI NDTY
Basic Techniques of Encryption - Product Cipher: Combination of Transposition and Substitution • Take a Key • Replace the characters in the text with characters in the Key. • Transpose the result.
Basic Techniques of Encryption - Product Cipher: INDORE IS A GOOD CITY → SUBSTITUTE → DKILQS DR M BLLI NDTY → TRANSPOSE → S DR DKILQI NDTM BLLY
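The product cipher from the slides above, as an added Python example that is not part of the original deck. It assumes the cipher alphabet is the key followed by the unused letters of A-Z and that transposition swaps adjacent 5-character blocks (spaces included), which reproduces the slides' INDORE ciphertexts; the function names are hypothetical.

```python
import string

def keyed_alphabet(key):
    """Cipher alphabet: key letters first (deduplicated), then the rest of A-Z."""
    return "".join(dict.fromkeys(key.upper() + string.ascii_uppercase))

def substitute(text, key, decrypt=False):
    """Monoalphabetic substitution; non-letters such as spaces pass through."""
    plain, cipher = string.ascii_uppercase, keyed_alphabet(key)
    table = str.maketrans(cipher, plain) if decrypt else str.maketrans(plain, cipher)
    return text.upper().translate(table)

def transpose(text, block=5):
    """Swap each pair of adjacent full blocks (1st char <-> 6th, 2nd <-> 7th, ...).

    A trailing short or unpaired block stays in place, so applying the
    function twice restores the input.
    """
    blocks = [text[i:i + block] for i in range(0, len(text), block)]
    for i in range(0, len(blocks) - 1, 2):
        if len(blocks[i + 1]) == block:
            blocks[i], blocks[i + 1] = blocks[i + 1], blocks[i]
    return "".join(blocks)

def product_encrypt(text, key):
    # Substitution first, then transposition, as on the Product Cipher slide.
    return transpose(substitute(text, key))

def product_decrypt(ciphertext, key):
    # Undo the two stages in reverse order.
    return substitute(transpose(ciphertext), key, decrypt=True)

if __name__ == "__main__":
    msg = "INDORE IS A GOOD CITY"          # plaintext taken from the slides
    print(substitute(msg, "MANISH"))
    print(product_encrypt(msg, "MANISH"))
    print(product_decrypt(product_encrypt(msg, "MANISH"), "MANISH"))
```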
Elements of Encryption (diagram labels: Plain text, Encryption key, Cipher text, Decryption method, Decryption Key, Plain text) • Encryption Algorithm (function used to encrypt or decrypt) • Encryption keys (information used to cipher)
Good Encryption System: Features • Short Key • Strong Algorithm • High work factor • Low error propagation
Encryption Building confidentiality and trust into networked transactions. CHANGING THE WAY OF DOING BUSINESS
Using Encryption A MATTER OF TRUST • Building Trust: Direct trust relationship
Some everyday transactions: Credit Card, Notarized Document, Contract, Medical Records. Why do we place trust in these transactions? • Authentication • Confidentiality • Integrity • Non-repudiation
Ways of Encryption: Two ways of encryption • Symmetric Key or Private Key Encryption • Asymmetric Key or Public Key Encryption (abbreviated as PKI)
Symmetric Cryptosystem: Also called private key infrastructure. (Diagram: Cleartext Message "Four score and seven years ago, our forefathers brought forth the proposition" → DES | RC4 → Cipher Text → DES | RC4 → Cleartext Message)
Symmetric Cryptosystem: Also called private key infrastructure. (Diagram: Original Message → Encrypted Message → Original Message) • The same key is used for encryption and decryption • Both parties should know the same key • Secure transmission of the encryption key to the other person is a problem.
Asymmetric Cryptosystem • Also called Public Key Infrastructure (PKI) • Improvement over Private Key System • Provides all elements expected from a secure transaction: Authentication, Confidentiality, Integrity, Non-repudiation • Accordingly generates: Signed message, Secret message, Signed and Secret message
Public Key System: One half of a key pair is used to encrypt, the other half is used to decrypt. Encryption: Recipient’s Public Key. Decryption: Recipient’s Private Key.
Public Key Infrastructure (PKI) Basic Methodology • Uses a pair of keys. • One part of the pair is used for encryption • Another part is used for decryption • One part is kept private (called private key of a person) and another is made public (called public key of a person) • Any key (public or private) can be used for encryption and then the other is used for decryption • The same key cannot be used for both encryption and decryption. There has to be a combination of both keys.
Public Key Infrastructure (PKI) How messages are generated: To generate a secret message • Message is encrypted by sender with Receiver’s public key and • It is decrypted by receiver with his private key. (Diagram: Original Message → Encryption with Receiver’s public key → Encrypted Message → Decryption with Receiver’s private key → Original Message) It ensures: • Confidentiality • Integrity
Public Key Infrastructure (PKI) How messages are generated: To generate a signed message • Message is encrypted by sender with Sender’s private key and • It is decrypted by receiver with Sender’s public key. (Diagram: Original Message → Encryption with Sender’s private key → Encrypted Message → Decryption with Sender’s public key → Original Message) It ensures: • Authentication • Non Repudiation
Asymmetric Cryptosystem How messages are generated: To generate a signed and secret message • Message is first encrypted by sender with Sender’s private key. • This encrypted message is again encrypted with Receiver’s public key • It is decrypted by receiver first with his private key and then with sender’s public key. (Diagram: Original Message → Sender’s private key → Encrypted Message I → Receiver’s public key → Encrypted Message II → Receiver’s private key → Encrypted Message I → Sender’s public key → Original Message) It ensures: • Confidentiality • Integrity • Authentication • Non Repudiation
Digital Signatures Basic Methodology • A digital signature is the hash code of a document encrypted with the sender’s private key. • To send the message, the hash code of the message is generated first. • This hash code is encrypted using the sender’s private key. • The message is sent along with the encrypted hash code. • At the other end, the receiver decrypts the hash code with the sender’s public key. • He also calculates, on his own, the hash code of the message received. • The two hash codes should tally. It ensures: • Integrity • Authentication • Non Repudiation
Digital Signatures • In the earlier process, the message is sent in clear text form, so confidentiality is not achieved. • To overcome this problem, the message and the encrypted hash code may be encrypted with a symmetric key. • This symmetric key is then also encrypted with the receiver’s public key. • All of these, i.e. the message and encrypted hash code (now encrypted with the symmetric key) and the symmetric key itself (now encrypted with the receiver’s public key), are sent to the receiver. • The receiver first decrypts the symmetric key with his private key and then decrypts the message and hash code with this symmetric key.
How does PKI work? Sender (diagram labels: Original Message, Hash Code, Sender’s Private Key, Digital Signature, Symmetric Key, Recipient’s Public Key, Encrypted Symmetric Key, Encrypted & Signed)
How does PKI work? Recipient (diagram labels: Encrypted Symmetric Key, Recipient’s Private Key, Symmetric Key, Encrypted & Signed, Original Message, Hash Algorithm, Hash Code, Digital Signature, Sender’s Public Key, Message verified)
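The signing steps and the symmetric-key envelope described in the Digital Signatures slides, as an added Python example that is not part of the original deck. It assumes textbook RSA without padding, constructed toy keys built from Mersenne primes, and a SHA-256 keystream standing in for the symmetric cipher; all names are hypothetical.

```python
import hashlib
import secrets

E = 65537  # public exponent shared by both demo keys

def keypair(p, q):
    """Textbook RSA: return (modulus n, private exponent d) for primes p, q."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

# Constructed toy keys (Mersenne primes, no padding): for illustration only.
SENDER_N, SENDER_D = keypair(2**127 - 1, 2**89 - 1)
RECV_N, RECV_D = keypair(2**107 - 1, 2**61 - 1)
SIG_LEN = (SENDER_N.bit_length() + 7) // 8

def hash_code(msg):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % SENDER_N

def sign(msg):
    # Hash code "encrypted" with the sender's private key.
    return pow(hash_code(msg), SENDER_D, SENDER_N)

def verify(msg, sig):
    # Recover the hash code with the sender's public key; the two must tally.
    return pow(sig, E, SENDER_N) == hash_code(msg)

def keystream_xor(key, data):
    # Toy symmetric cipher: SHA-256 over key || offset used as a keystream.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def seal(msg):
    """Sender: sign, encrypt signature + message, wrap the symmetric key."""
    sig = sign(msg).to_bytes(SIG_LEN, "big")
    key = secrets.token_bytes(16)
    body = keystream_xor(key, sig + msg)
    wrapped = pow(int.from_bytes(key, "big"), E, RECV_N)  # receiver's public key
    return wrapped, body

def open_sealed(wrapped, body):
    """Receiver: unwrap the key, decrypt, then check the signature."""
    key = pow(wrapped, RECV_D, RECV_N).to_bytes(16, "big")
    plain = keystream_xor(key, body)
    sig, msg = int.from_bytes(plain[:SIG_LEN], "big"), plain[SIG_LEN:]
    return msg, verify(msg, sig)
```

`open_sealed` returns the recovered message together with the result of the hash comparison, so a ciphertext altered in transit comes back with `False`.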
Digital Certificate: A Digital Certificate is a digitally signed document that associates a public key with a user. Certificate ties a participant to public key. Contents: ID Number & Name, Validity Period, Public Key. Example: Name: Prashant Mali; Number: 2564567 A; Expires: 31 December 2022; Signed: CA’s Signature. The authenticity of the certificate is guaranteed by the digital signature generated using the CA’s private key.
Key Lifecycle Management • Key Generation • Certificate Issuance or Certificate Validation • Key Usage • Key Expiry • Key Update
Encryption Standard: Data Encryption Standard (DES) • A short key, strong algorithm system • Uses a 64 bit key, 56 bits for algorithm and 8 bits are parity. RSA (Rivest, Shamir, Adleman) • Public key system. • Once the private key is used to encrypt, the result can be decrypted only using its public key, and vice-versa.
Thank You. Questions? Contact: www.signyourdoc.com, Kishan.kant03@gmail.com, Cell: 9571333822