Digital Signatures
Download
Report
Transcript Digital Signatures
DIGITAL SIGNATURES
By Umair Sadiq
WHAT IS A DIGITAL SIGNATURE?
A signature to validate any electronic data.
Its not modified
It belongs to signatory
Signatory cannot repudiate
PICTORIAL OVERVIEW
VARIOUS ALGORITHMS
RSA
DSA (US Federal Govt Standard)
Elliptic Curve DSA
ElGamal (based on computing discrete
logarithm),
Pointcheval-Stern (a variant of ElGamal)
Note: Unlocking the key requires solution to a
mathematically hard problem like factoring the
product of large primes or computing discrete
logarithms
A SIMPLIFIED SCENARIO
Encryption, (e,n)
Decryption, (d,n)
code msg e mod n
msg code d mod n
msg
msg
(mod n)
e d
ed (n)
POTENTIAL THREATS AND SOLUTIONS
Man-in-the-middle-attack
a person intercepts and modifies messages in both
direction and uses its own generated set of keys
digital certificates are used to authenticate keys
Timing attacks
with the knowledge of hardware and decipher time
becomes possible to deduce the key
it is rectified by combining decryption with a random
computation
CONCLUSION
Where digital signature provide a safe way to
authenticate electronic piece of information, it is
important to use an algorithm that has been put
to rigorous testing and has proven its validity
over a period of time.
REFERENCES
http://csrc.nist.gov/publications/fips/fips1862/fips186-2-change1.pdf
http://www.abanet.org/scitech/ec/isc/dsgtutorial.html
http://gdp.globus.org/gt4tutorial/multiplehtml/ch09s03.html