WHAT IS DIGITAL SIGNATURE?

• Authentication:

• It is a technique which tries to verify whether a message is coming from an authentic sender or not.
• In other words, it just verifies the identity of the sender.
WHAT IS DIGITAL SIGNATURE?

• Digital Signature:

• It is not simply a typed name or an image of a handwritten signature.
• It is the method used in the process of authentication.
• Based on public-key encryption and decryption.
NEED OF DIGITAL SIGNATURE
• To provide authenticity and integrity to an electronic document, i.e. to verify the person who creates the document and to verify the originality of the message.

• To use the internet as a safe and secure medium for e-Commerce and e-Governance.

• In many cases it is required by law:
  - In legal contracts
  - In deeds and wills
  - In important project reports
TYPES OF DIGITAL SIGNATURE

• When we send a document electronically, we have two choices:
  - Either we can sign the entire document
  - Or we can sign a digest of the document

• Signing the Whole Document
  - The public-key encryption method is used to sign the whole document.
PUBLIC-KEY ENCRYPTION

• In public-key encryption, there are two keys:
  - Public Key
  - Private Key

• Here, the public key encrypts the document and the private key is used to decrypt the document.

• The public key is available to the public and the private key is kept by each individual.
SIGNING THE DIGEST

• Using a public key to sign the entire message is very inefficient if the message is too long.

• Hence the solution is to let the sender sign a digest (miniature) of the document.

• These digests are created using a Hash Function.


HASH FUNCTION

• To create a digest of the message, we use a Hash Function.
  - The Hash Function creates a fixed-size digest from a variable-length message.
• The Hash Function must satisfy 2 properties:
  1. Hashing is one-way, i.e. the digest can only be created from the message but not vice versa.
  2. Hashing is a one-to-one function, i.e. there is little probability that two messages can create the same digest.
Key Management in Cryptography

• What is key management?
• Why are we talking about key management?
• Key management techniques
• Key management life cycle


What is key management?
• Definition: Key management is the set of techniques and procedures supporting the establishment and maintenance of keying relationships between authorized parties.
• A keying relationship is the state wherein communicating entities share common data (keying material) to facilitate cryptographic techniques. This data may include public or secret keys, initialization values, and additional non-secret parameters.
Why are we talking about key management?
• Security policy
  - Security policy explicitly or implicitly defines the threats a system is intended to address.
  - Security policy may affect the stringency of cryptographic requirements, depending on the susceptibility of the environment in question to various types of attack.
Key Exchange Algorithms

• Goal: Alice, Bob get shared key
  - Key cannot be sent in clear
    • Attacker can listen in
    • Key can be sent enciphered, or derived from exchanged data plus data not known to an eavesdropper
  - Alice, Bob may trust third party
  - All cryptosystems, protocols publicly known
    • Only secret data is the keys, ancillary information known only to Alice and Bob needed to derive keys
    • Anything transmitted is assumed known to attacker
Key management techniques
• Key management
a) Symmetric-key encryption

Key management techniques
• Techniques for distributing public keys
- Authentication trees
Authentication trees provide a method for making public data available with verifiable authenticity, by using a tree structure in conjunction with a suitable hash function, and authenticating the root value.
- Public-key certificates
Public-key certificates are a vehicle by which public keys may be stored, distributed or forwarded.
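
The authentication-tree technique described above, as an added example that is not part of the original slides: public keys are hashed into a tree, only the root is authenticated, and any single key is checked against that root with a short path of sibling hashes. SHA-256, the function names and the sample keys are assumptions chosen for illustration.

```python
import hashlib

def leaf_hash(public_key: bytes) -> bytes:
    # 0x00 / 0x01 prefixes keep leaf and interior hashes in separate domains,
    # so an interior node can never be presented as a leaf.
    return hashlib.sha256(b"\x00" + public_key).digest()

def node_hash(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(b"\x01" + left + right).digest()

def build_levels(public_keys):
    """Return every level of the tree, leaves first; the last level is [root]."""
    level = [leaf_hash(k) for k in public_keys]
    levels = [level]
    while len(level) > 1:
        nxt = [node_hash(level[i], level[i + 1]) for i in range(0, len(level) - 1, 2)]
        if len(level) % 2:
            nxt.append(level[-1])   # unpaired node is carried up unchanged
        level = nxt
        levels.append(level)
    return levels

def auth_path(levels, index):
    """Sibling hashes from leaf `index` up to the root, as (hash, sibling_is_left)."""
    path = []
    for level in levels[:-1]:
        sibling = index ^ 1
        if sibling < len(level):    # a carried-up node has no sibling at this level
            path.append((level[sibling], sibling < index))
        index //= 2
    return path

def verify(public_key, path, trusted_root):
    """Recompute the root from one key and its path; compare with the authenticated root."""
    node = leaf_hash(public_key)
    for sibling, sibling_is_left in path:
        node = node_hash(sibling, node) if sibling_is_left else node_hash(node, sibling)
    return node == trusted_root

# Constructed sample data: five placeholder "public keys".
KEYS = [b"alice-pk", b"bob-pk", b"carol-pk", b"dave-pk", b"erin-pk"]
LEVELS = build_levels(KEYS)
ROOT = LEVELS[-1][0]   # assumed to reach users over an authenticated channel

if __name__ == "__main__":
    path = auth_path(LEVELS, 1)
    print("bob verifies:", verify(KEYS[1], path, ROOT))
    print("substituted key verifies:", verify(b"mallory-pk", path, ROOT))
```

Only the 32-byte root has to be authenticated; a verifier needs the key in question plus at most one sibling hash per tree level.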
Key management techniques
b) Public-key encryption

14.4.1. Key Exchange Example

Key management techniques
• Public-key vs. symmetric-key techniques
Primary advantages offered by public-key vs. symmetric-key techniques for applications related to key management include:

1. simplified key management
2. on-line trusted server not required
3. enhanced functionality
Key management life cycle
1. user registration
2. user initialization
3. key generation
4. key installation
5. key registration
6. normal use
7. key backup
8. key update
9. archival
10. key de-registration and destruction
11. key recovery
12. key revocation
THANK
YOU
