1 / 34

DIGITAL SIGNATURES

DIGITAL SIGNATURES . Fred Piper & Mert Özarar. Codes & Ciphers Ltd 12 Duncan Road Richmond Surrey TW9 2JD. Information Security Group Royal Holloway, University of London Egham, Surrey TW20 0EX. Outline. Brief Introduction to Cryptography Public Key Systems

blaze
Download Presentation

DIGITAL SIGNATURES

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. DIGITAL SIGNATURES Fred Piper & Mert Özarar Codes & Ciphers Ltd 12 Duncan Road Richmond Surrey TW9 2JD Information Security Group Royal Holloway, University of London Egham, Surrey TW20 0EX

  2. Outline • Brief Introduction to Cryptography • Public Key Systems • Basic Principles of Digital Signatures • Public Key Algorithms • Signing Processes • Arbitrated Signatures • Odds and Ends NOTE: We will not cover all the sections Digital Signatures

  3. The Essence of Security • Recognition of those you know • Introduction to those you don’t know • Written signature • Private conversation Digital Signatures

  4. The Challenge • Transplant these basic social mechanisms to the telecommunications and/or business environment. Digital Signatures

  5. The Security Issues • Sender • Am I happy that the whole world sees this ? • Am I prepared to pay to stop them ? • Am I allowed to stop them ? • Recipient • Do I have confidence in : • the originator • the message contents and message stream • no future repudiation. • Network Manager • Do I allow this user on to the network ? • How do I control their privileges ? Digital Signatures

  6. Cryptography is used to provide: 1. Secrecy 2. Data Integrity 3. User Verification 4. Non-Repudiation Digital Signatures

  7. Cipher System cryptogram c Key k(E) Key k(D) message m message m Enciphering Algorithm Deciphering Algorithm Interceptor Digital Signatures

  8. The Attacker’s Perspective Unknown Key k(D) Known c Wants m Deciphering Algorithm Note: k(E) is not needed unless it helps determine k(D) Digital Signatures

  9. Two Types of Cipher System • Conventional or Symmetric • k(D) easily obtained from k(E) • Public or Asymmetric • Computationally infeasible to determine k(D) from k(E) Digital Signatures

  10. THE SECURITY OF THE SYSTEM IS DEPENDENT ON THE SECURITY OF THE KEYS Digital Signatures

  11. Public Key Systems • Original Concept • For a public key system an enciphering algorithm is agreed and each would-be receiver publishes the key which anyone may use to send a message to him. • Thus for a public key system to be secure it must not be possible to deduce the message from a knowledge of the cryptogram and the enciphering key. Once such a system is set up, a directory of all receivers plus their enciphering keys is published. However, the only person to know any given receiver’s deciphering key is the receiver himself. Digital Signatures

  12. Public Key Systems • For a public key system, encipherment must be a ‘one-way function’ which has a ‘trapdoor’. The trapdoor must be a secret known only to the receiver. • A ‘one-way function’ is one which is easy to perform but very difficult to reverse. A ‘trapdoor’ is a trick or another function which makes it easy to reverse the function Digital Signatures

  13. Some Mathematical One-Way Functions 1. Multiplication of two large primes. 2. Exponentiation modulo n ( n = pq ). 3.x  ax in GF(2n) or GF(p). 4.k  Ek(m) for fixed m where Ek is encryption in a symmetric key system which is secure against known plaintext attacks. 5.x a.x where x is an n-bit binary vector and a is a fixed n-tuple of integers. Thus a.xis an integer. Digital Signatures

  14. Public Key Cryptosystems • Enable secure communications without exchanging secret keys • Enable 3rd party authentication ( digital signature ) • Use number theoretic techniques • Introduce a whole new set of problems • Are extremely ingenious. Digital Signatures

  15. Digital Signatures • According to ISO, the term Digital Signature is used: ‘to indicate a particular authentication technique used to establish the origin of a message in order to settle disputes of what message (if any) was sent’. Digital Signatures

  16. Digital Signatures A signature on a message is some data that • validates a message and verifies its origin • a receiver can keep as evidence • a third party can use to resolve disputes. It depends on • the message • a secret parameter only available to the sender • It should be • easy to compute • (by one person only) • easy to verify • difficult to forge Digital Signatures

  17. Digital Signature • Cryptographic checksum • Identifies sender • Provides integrity check for data • Can be checked by third party Digital Signatures

  18. Hand-Written Signatures • Intrinsic to signer • Same on all documents • Physically attached to message • Beware plastic cards. Digital Signatures • Use of secret parameter • Message dependent. Digital Signatures

  19. Principle of Digital Signatures • There is a (secret) number which: • Only one person can use • Is used to identify that person • ‘Anyone’ can verify that it has been used NB: Anyone who knows the value of a number can use that number. Digital Signatures

  20. Attacks on Digital Signature Schemes To impersonate A, I must either • obtain A’s private key • substitute my public key for A’s NB: Similar attacks if A is receiving secret data encrypted with A’s public key Digital Signatures

  21. Obtaining a Private Key • Mathematical attacks • Physical attacks NB: It may be sufficient to obtain a device which contains the key. Knowledge of actual value is not needed. Digital Signatures

  22. Certification Authority AIM : To guarantee the authenticity of public keys. METHOD : The Certification Authority guarantees the authenticity by signing a certificate containing user’s identity and public key with its secret key. REQUIREMENT : All users must have an authentic copy of the Certification Authority’s public key. Digital Signatures

  23. Certification Process Verifies credentials Creates Certificate Centre Distribution Owner Generates Key Set Presents Public Key and credentials Receives (and checks) Certificate Digital Signatures

  24. How Does it Work? The CA certifies that Fred Piper’s public key is……….. • The Certificate can accompany all Fred’s messages • The recipient must directly or indirectly: • Trust the CA • Validate the certificate Electronically signed by the CA Digital Signatures

  25. User Authentication Certificates • Ownership of certificate does not establish identity • Need protocols establishing use of corresponding secret keys Digital Signatures

  26. WARNING • Identity Theft • You ‘are’ your private key • You ‘are’ the private key corresponding to the public key in your certificiate Digital Signatures

  27. Certification Authorities • Problems/Questions • Who generates users’ keys? • How is identity established? • How can certificates be cancelled? • Any others? Digital Signatures

  28. Fundamental Requirement Internal infrastructure to support secure technological implementation Digital Signatures

  29. Is everything OK? Announcement in Microsoft Security Bulletin MS01-017 “VeriSign Inc recently advised Microsoft that on January 29-30 2001 it issued two VeriSign Class 3 code-signing digital certificates to an individual who fraudulently claimed to be a Microsoft employee.” Digital Signatures

  30. How to Create a Digital Signature Using RSA MESSAGE HASHING FUNCTION HASH OF MESSAGE Sign using Private Key SIGNATURE - SIGNED HASH OF MESSAGE Digital Signatures

  31. How to Verify a Digital Signature Using RSA Message Signature Re-hash the Received Message Message with Appended Signature Verify the Received Signature Message Signature Hashing Function Verify using Public Key HASH OF MESSAGE HASH OF MESSAGE If hashes are equal, signature is authentic Digital Signatures

  32. Requirements for Hash Function h (H1) condenses message M of arbitrary length into a fixed length ‘digest’ h(M) (H2) is one-way (H3) is collision free - it is computationally infeasible to construct messages M, M' with h(M) = h(M') H3 implies a restriction on the size of h(M). Digital Signatures

  33. Diffie Hellman Key Establishment Protocol General Idea: Use Public System A and B exchange public keys: PA and PB There is a publicly known function f which has 2 numbers as input and one number as output. A computes f (SA, PB) where SA is A’s private key B computes f (SB, PA) where SB is B’s private key f is chosen so that f (SA, PB) = f (SB, PA) So A and B now share a (secret) number Digital Signatures

  34. D-H Man in the Middle Attack A B Fraudster F The Fraudster has agreed keys with both A and B Aand B believe they have agreed a common key Digital Signatures

More Related