360870_634055934799150000

Upload: sachin-aggarwal

Post on 07-Apr-2018

Category:

Documents


TRANSCRIPT

  • 8/6/2019 360870_634055934799150000

    1/21

    Digital Signatures

    2/21

    Why Digital Signatures?

    To provide Authenticity, Integrity and Non-repudiation to electronic documents

    To use the Internet as the safe and secure medium for e-Commerce and e-Governance

    3/21

    What is Digital Signature?

    Hash value of a message when encrypted with the private key of a person is his digital signature on that e-Document

    Digital Signature of a person therefore varies from document to document, thus ensuring authenticity of each word of that document.

    As the public key of the signer is known, anybody can verify the message and the digital signature

    4/21

    Digital Signatures

    Each individual generates his own key pair

    [Public key known to everyone & Private key only to the owner]

    Private Key - Used for making digital signature

    Public Key - Used to verify the digital signature

    5/21

    Paper signatures v/s Digital Signatures

    Parameter        Paper                                   Electronic
    Authenticity     May be forged                           Can not be copied
    Integrity        Signature independent of the document   Signature depends on the contents of the document
    Non-repudiation  a. Handwriting expert needed            a. Any computer user
                     b. Error prone                          b. Error free

    6/21

    Private key protection

    The Private key generated is to be protected and kept secret. The responsibility of the secrecy of the key lies with the owner.

    The key is secured using

    PIN Protected soft token
    Smart Cards
    Hardware Tokens

    7/21

    Encryption

    Caesar Cipher
    The shift is linear and equidistributed
    3 changes: I agree -> lcdjuhh
    i+3=l
    Space=c [+3]

    Key Cipher
    The shift is linear (cyclic)
    269: k.n.gupta 62 -> mewam3rzjba
    k+2=m
    (dot)=e [+6]
    n=w [+9]

    Char     1     2     3     4     5     6     7     8     9
    a        b     c     d     e     f     g     h     i     j
    b        c     d     e     f     g     h     i     j     k
    c        d     e     f     g     h     i     j     k     l
    d        e     f     g     h     i     j     k     l     m
    e        f     g     h     i     j     k     l     m     n
    f        g     h     i     j     k     l     m     n     o
    g        h     i     j     k     l     m     n     o     p
    h        i     j     k     l     m     n     o     p     q
    i        j     k     l     m     n     o     p     q     r
    j        k     l     m     n     o     p     q     r     s
    k        l     m     n     o     p     q     r     s     t
    l        m     n     o     p     q     r     s     t     u
    m        n     o     p     q     r     s     t     u     v
    n        o     p     q     r     s     t     u     v     w
    o        p     q     r     s     t     u     v     w     x
    p        q     r     s     t     u     v     w     x     y
    q        r     s     t     u     v     w     x     y     z
    r        s     t     u     v     w     x     y     z     0
    s        t     u     v     w     x     y     z     0     1
    t        u     v     w     x     y     z     0     1     2
    u        v     w     x     y     z     0     1     2     3
    v        w     x     y     z     0     1     2     3     4
    w        x     y     z     0     1     2     3     4     5
    x        y     z     0     1     2     3     4     5     6
    y        z     0     1     2     3     4     5     6     7
    z        0     1     2     3     4     5     6     7     8
    0        1     2     3     4     5     6     7     8     9
    1        2     3     4     5     6     7     8     9     .
    2        3     4     5     6     7     8     9     .     Space
    3        4     5     6     7     8     9     .     Space a
    4        5     6     7     8     9     .     Space a     b
    5        6     7     8     9     .     Space a     b     c
    6        7     8     9     .     Space a     b     c     d
    7        8     9     .     Space a     b     c     d     e
    8        9     .     Space a     b     c     d     e     f
    9        .     Space a     b     c     d     e     f     g
    . (Dot)  Space a     b     c     d     e     f     g     h
    Space    a     b     c     d     e     f     g     h     i
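The two ciphers on this slide, reconstructed as an added example (not part of the original slides): the 38-symbol alphabet is read off the shift table, the key digits are applied cyclically, and the last function shows that every key of up to three digits can simply be tried. The function names are assumptions made here.

```python
import string

# Alphabet read off the slide's shift table: a-z, 0-9, dot, space (38 symbols).
ALPHABET = string.ascii_lowercase + string.digits + ". "

def shift_cipher(text, key, decrypt=False):
    """Shift symbol i by the i-th key digit, reusing the digits cyclically.

    key "3" gives the Caesar slide; key "269" gives the Key Cipher slide.
    """
    shifts = [int(digit) for digit in key]
    sign = -1 if decrypt else 1
    out = []
    for i, ch in enumerate(text.lower()):
        if ch not in ALPHABET:
            raise ValueError(f"{ch!r} is not in the slide's alphabet")
        moved = ALPHABET.index(ch) + sign * shifts[i % len(shifts)]
        out.append(ALPHABET[moved % len(ALPHABET)])
    return "".join(out)

def keys_matching(ciphertext, known_word, max_key=999):
    """Try every key of up to three digits; keep those whose output contains known_word.

    The whole key space is about a thousand keys, so the cipher hides nothing.
    """
    return [str(k) for k in range(1, max_key + 1)
            if known_word in shift_cipher(ciphertext, str(k), decrypt=True)]

CAESAR = shift_cipher("I agree", "3")        # slide: lcdjuhh
KEYED = shift_cipher("k.n.gupta 62", "269")  # slide: mewam3rzjba (plus a trailing space)
```

The last plaintext symbol "2" shifted by 9 lands on the space symbol, which is why the slide's ciphertext appears one character short.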

    8/21

    9/21

    ENCRYPTION

    Message 1
    Central to the growth of e-commerce and e-governance is the issue of trust in electronic environment.

    Encrypted Message 1
    9a46894335be49f0b9cab28d755aaa9cd98571b275bbb0adb405e6931e856ca3e5e569edd135285482

    Message 2
    The Internet knows no geographical boundaries. It has redefined time and space. Advances in computer and telecommunication technologies have led to the explosive growth of the Internet. This in turn is affecting the methods of communication, work, study, education, interaction, leisure, health, governance, trade and commerce.

    Encrypted Message 2
    a520eecb61a770f947ca856cd675463f1c95a9a2b8d4e6a71f80830c87f5715f5f59334978dd7e97da0707b48a1138d77ced56feba2b467c398683c7dbeb86b854f120606a7ae1ed934f5703672adab0d7be66dccde1a763c736cb9001d0731d541106f50bb7e54240c40ba780b7a553bea570b99c9ab3df13d75f8ccfdddeaaf3a749fd1411

    DECRYPTION

    Encrypted Message 1
    9a46894335be49f0b9cab28d755aaa9cd98571b275bbb0adb405e6931e856ca3e5e569edd135285482

    Message 1
    Central to the growth of e-commerce and e-governance is the issue of trust in electronic environment.

    Encrypted Message 2
    a520eecb61a770f947ca856cd675463f1c95a9a2b8d4e6a71f80830c87f5715f5f59334978dd7e97da0707b48a1138d77ced56feba2b467c398683c7dbeb86b854f120606a7ae1ed934f5703672adab0d7be66dccde1a763c736cb9001d0731d541106f50bb7e54240c40ba780b7a553bea570b99c9ab3df13d75f8ccfdddeaaf3a749fd1411

    Message 2
    The Internet knows no geographical boundaries. It has redefined time and space. Advances in computer and telecommunication technologies have led to the explosive growth of the Internet. This in turn is affecting the methods of communication, work, study, education, interaction, leisure, health, governance, trade and commerce.

    Same Key: SYMMETRIC

    Different Keys [Keys of a pair - Public and Private]: ASYMMETRIC [PKI]

    10/21

    PIN protected soft tokens

    The Private key is encrypted and kept on the Hard Disk in a file, this file is password protected.

    This forms the lowest level of security in protecting the key, as
      The key is highly reachable.
      PIN can be easily known or cracked.

    Soft tokens are also not preferred because
      The key becomes static and machine dependent.
      The key is in known file format.

    11/21

    Smart Cards

    The Private key is generated in the crypto module residing in the smart card.

    The key is kept in the memory of the smart card.

    The key is highly secured as it doesn't leave the card; the message digest is sent inside the card for signing, and the signatures leave the card.

    The card gives mobility to the key and signing can be done on any system. (Having smart card reader)

    12/21

    Public Key Infrastructure (PKI)

    Some Trusted Agency is required which certifies the association of an individual with the key pair.

    Certifying Authority (CA)

    This association is done by issuing a certificate to the user by the CA

    Public key certificate (PKC)

    All public key certificates are digitally signed by the CA

    13/21

    Certifying Authority

    Must be widely known and trusted

    Must have well defined Identification process before issuing the certificate

    Provides online access to all the certificates issued

    Provides online access to the list of certificates revoked

    Displays online the license issued by the Controller

    Displays online approved Certification Practice Statement (CPS)

    Must adhere to IT Act/Rules/Regulations and Guidelines

    14/21

    IDRBT Certificate

    Paper        Electronic

    15/21

    Trust Path

    Controller is the Root certifying authority responsible for regulating Certifying Authorities (CAs)

    Controller certifies the association of CA with his public key

    Certifying Authority (CA) is the trusted authority responsible for creating or certifying identities.

    CA certifies the association of an individual with his public key

    16/21

    Applications in Judiciary

    1. Instant posting of judgment on the web.
    2. Secured electronic communications within judiciary
    3. Authentic archiving of Judicial records
    4. Submission of affidavits
    5. Giving certified copies of the Judgment

    17/21

    18/21

    Applications in Telecommunications (contd.)

    B. Internal

    Intra/Inter offices authentic communications
      OBs, approvals, Instructions, requests

    Procurement of material
      Calling/Receiving bids, Purchase orders, Payment instructions

    Network Management functions
      Change of configuration, Blocking/unblocking routes

    19/21

    Public Key Cryptography

    Encryption Technologies

    [Figure labels: Document; Encrypted Document; Public Key of B; Private Key of B; Confidentiality]

    20/21

    Summary

    Each individual has a pair of keys

    Public key of each individual is certified by a CA (Certifying Authority)

    Public keys of CAs are certified by the Controller

    Public key of the Controller is self certified

    Public keys of everyone are known to all concerned and are also available on the web

    Certification Practice Statement is displayed on the web site
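The signing step from the "What is Digital Signature?" slide and the trust path restated in the Summary, as one added example that is not part of the original slides: a document signature is accepted only if the signer's certificate chains through the CA to a Controller key the verifier already trusts. It uses unpadded textbook RSA with constructed toy primes so it runs on the standard library alone; all names and the certificate layout are assumptions, and deployed systems use a padded scheme and keys from a vetted library.

```python
import hashlib

E = 65537  # public exponent used by every toy key below

def make_key(p, q):
    """Toy RSA key pair from two primes: (public modulus n, private exponent d)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def digest(data, n):  # hash value of the data, reduced to fit the toy modulus
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, n, d):
    """Signer: apply the private key to the hash value (textbook RSA, no padding)."""
    return pow(digest(data, n), d, n)

def verify(data, sig, n):
    """Verifier: only the signer's public key is needed."""
    return pow(sig, E, n) == digest(data, n)

def cert_body(subject, subject_n, issuer):
    return f"{subject}|{subject_n}|{issuer}".encode()

def issue_cert(subject, subject_n, issuer, issuer_n, issuer_d):
    """Issuer certifies the association of a subject with its public key."""
    sig = sign(cert_body(subject, subject_n, issuer), issuer_n, issuer_d)
    return {"subject": subject, "n": subject_n, "issuer": issuer, "sig": sig}

def verify_document(doc, doc_sig, chain, trusted_root_n):
    """Walk the trust path user -> CA -> Controller, then check the document signature."""
    root = chain[-1]
    if root["n"] != trusted_root_n or root["issuer"] != root["subject"]:
        return False  # the self-certified root must be the key we already trust
    for cert, issuer in zip(chain, chain[1:] + [root]):
        body = cert_body(cert["subject"], cert["n"], cert["issuer"])
        if cert["issuer"] != issuer["subject"] or not verify(body, cert["sig"], issuer["n"]):
            return False
    return verify(doc, doc_sig, chain[0]["n"])

# Constructed toy keys built from Mersenne primes: trivially factorable, illustration only.
CTRL_N, CTRL_D = make_key(2**521 - 1, 2**607 - 1)
CA_N, CA_D = make_key(2**107 - 1, 2**127 - 1)
USER_N, USER_D = make_key(2**61 - 1, 2**89 - 1)
CHAIN = [
    issue_cert("user", USER_N, "CA", CA_N, CA_D),
    issue_cert("CA", CA_N, "Controller", CTRL_N, CTRL_D),
    issue_cert("Controller", CTRL_N, "Controller", CTRL_N, CTRL_D),
]
DOC = b"Sample e-document (constructed)"
DOC_SIG = sign(DOC, USER_N, USER_D)
```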

    21/21

    Thank You