Sunday, 20 December 2020

OS: Digital Signatures

 

Digital Signature:

Encryption example


o   In this example the message is only signed and not encrypted.

1) Alice signs a message with her private key.

2) Bob can verify that Alice sent the message and that the message has not been modified.

o   digital signature is a mathematical scheme for verifying the authenticity of digital messages or documents.

o   A valid digital signature, where the prerequisites are satisfied, gives a recipient very strong reason to believe that the message was created by a known sender (authentication), and that the message was not altered in transit.

o   Digital signatures are commonly used for software distribution, financial transactions, contract management software, and in other cases where it is important to detect forgery or tampering.

o   Digital signatures are often used to implement electronic signatures, which include any electronic data that carries the intent of a signature, but not all electronic signatures use digital signatures.

o   Digital signatures employ asymmetric cryptography. In many instances they provide a layer of validation and security to messages sent through a non-secure channel.

o   Digital signatures are equivalent to traditional handwritten signatures in many respects, but properly implemented digital signatures are more difficult to forge than the handwritten type.

o   Digital signatures can also provide non-repudiation, meaning that the signer cannot successfully claim they did not sign a message, while also claiming their private key remains secret.

o   Further, some non-repudiation schemes offer a time stamp for the digital signature, so that even if the private key is exposed, the signature is valid.

o   A digital signature scheme typically consists of 3 algorithms;

·         key generation algorithm that selects a private key uniformly at random from a set of possible private keys. The algorithm outputs the private key and a corresponding public key.

·         signing algorithm that, given a message and a private key, produces a signature.

·         signature verifying algorithm that, given the message, public key and signature, either accepts or rejects the message's claim to authenticity.


o    Two main properties are required. First, the authenticity of a signature generated from a fixed message and fixed private key can be verified by using the corresponding public key.

o    Secondly, it should be computationally infeasible to generate a valid signature for a party without knowing that party's private key.

o    A digital signature is an authentication mechanism that enables the creator of the message to attach a code that acts as a signature. The Digital Signature Algorithm (DSA), developed by the National Institute of Standards and Technology, is one of many examples of a signing algorithm.

Below are some common reasons for applying a digital signature to communications:

Authentication

Digital signatures can be used to authenticate the source of messages. When ownership of a digital signature secret key is bound to a specific user, a valid signature shows that the message was sent by that user.

Integrity

In many scenarios, the sender and receiver of a message may have a need for confidence that the message has not been altered during transmission. However, if a message is digitally signed, any change in the message after signature invalidates the signature. Furthermore, there is no efficient way to modify a message and its signature to produce a new message with a valid signature, because this is still considered to be computationally infeasible by most cryptographic hash functions.

Non-repudiation

By this property, an entity that has signed some information cannot at a later time deny having signed it. Similarly, access to the public key only does not enable a fraudulent party to fake a valid signature.

No comments:

Post a Comment