3. HISTORY(DIGITAL SIGNATURE)
In 1976, Whitfield Diffie and Martin Hellman first described the notion of a digital
signature scheme, although they only conjectured that such schemes existed based on
functions that are trapdoor one-way permutations. Soon afterwards, Ronald Rivest, Adi
Shamir, and Len Adleman invented the RSA algorithm, which could be used to produce
primitive digital signatures (although only as a proof-of-concept – "plain" RSA
signatures are not secure). The first widely marketed software package to offer digital
signature was Lotus Notes 1.0, released in 1989, which used the RSA algorithm.
Other digital signature schemes were soon developed after RSA, the earliest being
Lamport signatures, Merkle signatures (also known as "Merkle trees" or simply "Hash
trees"), and Rabin signatures.
In 1984, Shafi Goldwasser, Silvio Micali, and Ronald Rivest became the first to rigorously
define the security requirements of digital signature schemes.
9/18/2018 CREATED BY SOHAM KANSODARIA 3
4. THEORY(DIGITAL SIGNATURE)
A digital signature is a mathematical technique used to validate the authenticity and integrity
of a message, software or digital document.
A digital signature is a cryptographic value that is calculated from the data and a secret key
known only by the signer.
Digital signatures can be used by Directory Server to maintain integrity of information. If
encryption and message digests are applied to the information being sent, the recipient can
determine that the information was not tampered with during transit.
The digital equivalent of a handwritten signature or stamped seal, but offering far more
inherent security, a digital signature is intended to solve the problem of tampering and
impersonation in digital communications. Digital signatures can provide the added assurances
of evidence of origin, identity and status of an electronic document, transaction or message,
as well as acknowledging informed consent by the signer.
In some countries, including the United States, Algeria, Turkey, India, Brazil, Indonesia, Mexico,
Saudi Arabia, Uruguay, Switzerland and the countries of the European Union, electronic
signatures have legal significance.
6. DIAGRAM WORKING(DIGITAL SIGNATURE)
Figure 1 shows the original data and the digital signature, which is basically a one-way
hash (of the original data) that has been encrypted with the signer's private
key. To validate the integrity of the data, the receiving software first uses the
signer’s public key to decrypt the hash. It then uses the same hashing algorithm
that generated the original hash to generate a new one-way hash of the same
data. (Information about the hashing algorithm used is sent with the digital
signature, although this isn’t shown in the figure.) Finally, the receiving software
compares the new hash against the original hash. If the two hashes match, the
data has not changed since it was signed. If they don’t match, the data may
have been tampered with since it was signed, or the signature may have been
created with a private key that doesn’t correspond to the public key presented
by the signer.
If the two hashes match, the recipient can be certain that the public key used to
decrypt the digital signature corresponds to the private key used to create the
digital signature. Confirming the identity of the signer, however, also requires
some way of confirming that the public key really belongs to a particular person
or other entity.
7. DIAGRAM TERMS(DIGITAL SIGNATURE)
One Way Hash
Tamper detection and related authentication techniques rely on a mathematical function
called a one-way hash. This function is also called a message digest. A one-way hash is a
number of fixed length with the following characteristics:
The value of the hash is unique for the hashed data. Any change in the data, even deleting or altering a
single character, results in a different value.
The content of the hashed data cannot, for all practical purposes, be deduced from the hash — which is why
it is called one-way.
8. WORKING(DIGITAL SIGNATURE)
Digital signatures are based on public key cryptography, also known as
asymmetric cryptography. Using a public key algorithm such as RSA, one can
generate two keys that are mathematically linked: one private and one public.
To create a digital signature, signing software (such as an email program)
creates a one-way hash of the electronic data to be signed. The private key is
then used to encrypt the hash. The encrypted hash -- along with other
information, such as the hashing algorithm -- is the digital signature. The
reason for encrypting the hash instead of the entire message or document is
that a hash function can convert an arbitrary input into a fixed length value,
which is usually much shorter. This saves time since hashing is much faster
than signing.
The value of the hash is unique to the hashed data. Any change in the data,
even changing or deleting a single character, results in a different value. This
attribute enables others to validate the integrity of the data by using the
signer's public key to decrypt the hash.
9. WORKING(DIGITAL SIGNATURE)
If the decrypted hash matches a second computed hash of the same data, it
proves that the data hasn't changed since it was signed. If the two hashes
don't match, the data has either been tampered with in some way (integrity)
or the signature was created with a private key that doesn't correspond to
the public key presented by the signer (authentication).
A digital signature can be used with any kind of message -- whether it is
encrypted or not -- simply so the receiver can be sure of the sender's identity
and that the message arrived intact. Digital signatures make it difficult for the
signer to deny having signed something (non-repudiation) -- assuming their
private key has not been compromised -- as the digital signature is unique to
both the document and the signer, and it binds them together. A digital
certificate, an electronic document that contains the digital signature of the
certificate-issuing authority, binds together a public key with an identity and
can be used to verify a public key belongs to a particular person or entity.
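Added example (not part of the original slides): the sign-and-verify flow described in slides 6, 8 and 9, written in Python with textbook RSA. The key is a constructed toy key built from publicly known Mersenne primes and the code omits the padding that real RSA signatures use, so it only illustrates the flow; the function names and the `ALLOWED_HASHES` allow-list are assumptions of this example.

```python
import hashlib

# Constructed toy key material: both primes are publicly known Mersenne
# primes, so this key gives no security. It only makes the flow runnable.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537

def make_key(p=P, q=Q, e=E):
    """Return (public, private) as ((n, e), (n, d))."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))

# Assumption of this example: the verifier only accepts hash algorithms it
# trusts, because the algorithm name travels with the signature.
ALLOWED_HASHES = {"sha256", "sha512"}

def digest_int(data, alg):
    """One-way hash of the data, as an integer."""
    return int.from_bytes(hashlib.new(alg, data).digest(), "big")

def sign(data, private, alg="sha256"):
    """Hash the data, then apply the private key to the hash."""
    n, d = private
    return {"alg": alg, "sig": pow(digest_int(data, alg), d, n)}

def verify(data, signature, public):
    """Recover the signed hash with the public key and compare it with a
    freshly computed hash of the received data."""
    n, e = public
    alg, sig = signature["alg"], signature["sig"]
    if alg not in ALLOWED_HASHES or not 0 <= sig < n:
        return False
    return pow(sig, e, n) == digest_int(data, alg)

if __name__ == "__main__":
    pub, priv = make_key()
    other_pub, other_priv = make_key(2**521 - 1, 2**1279 - 1)
    msg = b"pay 10 to Bob"  # constructed sample message
    bundle = sign(msg, priv)
    print("unchanged data:", verify(msg, bundle, pub))
    print("tampered data: ", verify(b"pay 100 to Bob", bundle, pub))
    print("wrong key:     ", verify(msg, sign(msg, other_priv), pub))
```

A mismatch alone does not tell the verifier whether the data changed or the wrong key was used, which is the integrity/authentication distinction made in slide 9.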
10. ALGORITHM(DIGITAL SIGNATURE)
The Digital Signature Algorithm (DSA), developed by the National Institute of
Standards and Technology, is one of many examples of a signing algorithm.
Key Generation:
Parameter generation
Per-user keys
Signing
Let H be the hashing function and m the message:
Verifying
11. SIGNIFICANCE/IMPORTANCE(DIGITAL SIGNATURE)
The significance of a digital signature is comparable to the significance of a
handwritten signature. Once you have signed some data, it is difficult to deny doing
so later, assuming that the private key has not been compromised or been out of the
owner’s control. This quality of digital signatures provides a high degree of
non-repudiation; that is, digital signatures make it difficult for the signer to deny having
signed the data. In some situations, a digital signature may be as legally binding as a
handwritten signature.
Apart from the ability to provide non-repudiation of the message, the digital signature also
provides message authentication and data integrity. Let us briefly see how this is
achieved by the digital signature −
Message authentication − When the verifier validates the digital signature using
the public key of a sender, he is assured that the signature has been created only by the sender
who possesses the corresponding secret private key and no one else.
12. SIGNIFICANCE/IMPORTANCE(DIGITAL SIGNATURE)
Data Integrity − In case an attacker has access to the data and modifies it,
the digital signature verification at the receiver's end fails. The hash of the modified
data and the output provided by the verification algorithm will not match.
Hence, the receiver can safely deny the message, assuming that data integrity
has been breached.
Non-repudiation − Since it is assumed that only the signer has
knowledge of the signature key, only he can create a unique signature on
given data. Thus the receiver can present the data and the digital signature to a
third party as evidence if any dispute arises in the future.
13. ATTACKS(DIGITAL SIGNATURE)
Key-only attack
The attacker is only given the public verification key.
Known message attack
The attacker is given valid signatures for a variety of messages known by the
attacker but not chosen by the attacker.
Adaptive chosen message attack
The attacker first learns signatures on arbitrary messages of the attacker's choice.
14. FORGERY(DIGITAL SIGNATURE)
What is forgery?
Digital signature forgery is the ability to create a pair consisting of a message, m, and
a signature (or MAC), σ, that is valid for m, where m has not been signed in the past
by the legitimate signer.
Existential Forgery
It is the creation (by an adversary) of any message/signature pair (m,σ), where σ was
not produced by the legitimate signer.
Selective Forgery
Selective forgery is the creation (by an adversary) of a message/signature pair (m,σ)
where m has been chosen by the adversary prior to the attack.
Universal forgery
Universal forgery is the creation (by an adversary) of a valid signature, σ, for any
given message, m.
15. TYPES(DIGITAL SIGNATURE)
Different document processing platforms support and allow the creation of
different types of digital signatures.
Adobe supports
Certified digital signatures
Approval digital signatures
Microsoft Word supports
Visible digital signatures
Non-visible digital signatures
16. USAGE(DIGITAL SIGNATURE)
Everyone can benefit from replacing paper-based workflows with digital
signatures. Below are just a few examples of the industries that have
adopted digital signatures to shorten project timelines, save on costs,
and automate document workflows.
Architecture, Engineering, Construction, Healthcare, Life
Sciences, Financial Services, Insurance and many more
Nowadays many companies use digital signatures for e-filing,
e-tender and e-procurement websites.