0% found this document useful (0 votes)
22 views25 pages

INS - Lecture12 - Digital Signature

Digital signatures validate the source and integrity of messages, ensuring authentication, non-repudiation, and integrity. They are created by encrypting a message digest with the sender's private key and can be verified using the sender's public key. The document outlines the requirements, properties, and operation of digital signatures, along with specific digital signature schemes like ElGamal and Schnorr.

Uploaded by

telacet362
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
22 views25 pages

INS - Lecture12 - Digital Signature

Digital signatures validate the source and integrity of messages, ensuring authentication, non-repudiation, and integrity. They are created by encrypting a message digest with the sender's private key and can be verified using the sender's public key. The document outlines the requirements, properties, and operation of digital signatures, along with specific digital signature schemes like ElGamal and Schnorr.

Uploaded by

telacet362
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
You are on page 1/ 25

Information Security

Digital Signatures

Lecture 12
Dr. Amir Mehmood
Digital Signatures

Digital Signatures are used to


“Sign” messages to validate the
source and integrity of the
contents.

2
Digital Signature Properties

© 2017 Pearson Education, Ltd., All rights reserved.


Attacks

© 2017 Pearson Education, Ltd., All rights reserved.


Forgeries

© 2017 Pearson Education, Ltd., All rights reserved.


Digital Signature Requirements
 The signature must be a bit pattern that depends
on the message being signed
 The signature must use some information unique
to the sender to prevent both forgery and denial
 It must be relatively easy to produce the digital
signature
 It must be relatively easy to recognize and verify
the digital signature
 It must be computationally infeasible to forge a
digital signature, either by constructing a new
message for an existing digital signature or by
constructing a fraudulent digital signature for a
given message
 It must be practical to retain a copy of the digital
signature in storage

© 2017 Pearson Education, Ltd., All rights reserved.


What is a digital signature?
A digital signature is a kind of ID. You
can use it on the Internet to identify
yourself in a secure manner. This is
extremely useful in areas such as
electronic commerce. For instance,
when making a credit card purchase on
the Internet, you can use your digital
signature to "sign" that purchase. This
helps to ensure that only you can make
purchases with your credit card number.
7
What is a digital signature?
 The term direct digital signature refers to a digital signature
scheme that involves only the communicating parties (source,
destination). It is assumed that the destination knows the
public key of the source.
 A digital signature is a mathematical scheme for
verifying the authenticity of digital messages or
documents. A digital signature serves three purposes:
 Authentication: A digital signature gives a recipient
reason to believe that the message was created by a
known sender.

8
What is a digital signature?
Non-repudiation: With digital
signature, signer cannot successfully
claim he/she did not sign a message.
Integrity: A digital signature ensures
that the message was not altered in
transit.

9
Digital Signature
 Operation is similar to that of the
MAC
 The hash value of a message is
encrypted with a user’s private key
 Anyone who knows the user’s public
key can verify the integrity of the
message
 An attacker who wishes to alter the
message would need to know the
user’s private key
 Implications of digital signatures go
beyond just message authentication
© 2017 Pearson Education, Ltd., All rights reserved.
Message Authentication Using Plain
Encryption (Recall)

11
Message Encryption (Recall)

12
Message Authentication Code (MAC) (Recall)

13
© 2017 Pearson Education, Ltd., All rights reserved.
How is a Digital Signature
Produced?
Very briefly, a typical digital signature
works like this:
 A signature in the form of a code is
generated by applying an algorithm and
the sender's private key to message
contents.
 The recipient verifies the signature by
decrypting it using the sender's public
key.

16
The Idea
Goal - guarantee that message must
have originated with certain entity
Idea - encrypt with private key,
decrypt with public key
Only owner of the private key could
have generated original message

17
Steps in making a digital
signature
 Joe runs a one-way hash function to create a fixed
length message digest from the message to be sent
 Joe encrypts the message digest with his private
key to create a digital signature.
 Joe sends the signature and the message to Alice
 Alice decrypts the signature with Joe’s public key to
reveal the message digest
 Alice then applies the same one-way function to the
message she received from Joe to produce a
message digest
 Alice compares the message digest she created
with the message digest sent by Joe. If they
compare the integrity of the messages is verified.

18
Steps in making a digital
signature

19
Steps in making a digital
signature

20
ELGAMAL DIGITAL SIGNATURE SCHEME

21
ELGAMAL DIGITAL SIGNATURE SCHEME

22
ELGAMAL DIGITAL SIGNATURE SCHEME

23
SCHNORR DIGITAL SIGNATURE SCHEME

24
SCHNORR DIGITAL SIGNATURE SCHEME

25

You might also like