SlideShare une entreprise Scribd logo

Presentation on digital signatures & digital certificates

V
Vivaka Nand

digital signatures & digital certificates

Ingénierie
1  sur  32
Télécharger pour lire hors ligne
DIGITAL SIGNATURE & DIGITAL CERTIFICATE Vivek Anand Jetani (D-15-TE-64) Dawood University of Engineering & Technology Karachi
What is Digital Signature?What is Digital Signature?  Digital signature technique is based on public key cryptography with a difference.  In public key cryptography a pair of keys are used, one public key and one private key. The public key is often used for message encryption , and the private key is often used for decrypting the message.  However in case of digital signature message is encrypted with the private key and decrypted with the public key.  Only a specific person with the corresponding private key can encrypt the message or in other words sign the message. However any party who has the signatory’s public key can encrypt the message, in other words can verify the message.
3
4 How to Use?How to Use?
WHY DIGITAL SIGNATURE
 Authentication: Authentication means the act of proving who you say you are. Authentication means that you know who created and sent the message. Digital signature is used to authenticate the source of messages. It ensures the user of the sender.  Integrity: Integrity ensures that when a message is sent over a network, the data that arrives is the same as the data that was originally sent. Integrity is the assurance that the information is trustworthy and accurate. Digital signature ensures the integrity of message.  Non-repudiation: This is an important criteria of digital signature. As digital signature ensures the authentication of the message, so the sender can’t repudiate it later. At the same time it also ensures the identity of the receiver, so the receiver can’t repudiate it later. 6 WHY DIGITAL SIGNATURE
Why Digital Signature ? – Authenticate identity of sender – Ensure the original Content of Message – Non-Repudiation – Verifiability by independent, public or third party
Digital Signature
How digital Signature works? User A User B Use A’s private key to sign the document Transmit via the Internet User B received the document with signature attachedVerify the signature by A’s public key stored at the directory
Digital Signatures (1) Required Conditions: 1. Receiver can verify claimed identity of sender. 2. Sender cannot later repudiate(deny) contents of message. 3. Receiver cannot have concocted message himself.
 Uses secure hash algorithm  Condenses message to 160 bit  Key size 512-1024 bits  Proposed by NIST(National Institute of Standards and Technology) in 1991 DIGITAL SIGNATURE STANDARDS
 Trusted Third Party  An organization which issues public key certificates  Assures the identity of the parties to whom it issues certificates  Maintains online access to the public key certificates issued CERTIFYING AUTHORITY(CA)
Digital Certificates
What is Digital Certificate ? An attachment to an electronic message used for security purposes.
What are Digital Certificates? A digital certificate (DC) is a digital file that certifies the identity of an individual or institution, or even a router seeking access to computer- based information. It is issued by a Certification Authority (CA), and serves the same purpose as a driver’s license or a passport.
Digital Certificate
Digital Certificates • Digital Certificate is a data with digital signature from one trusted Certification Authority (CA). • This data contains: – Who owns this certificate – Who signed this certificate – The expired date – User name & email address
Who issues Digital Certificate? An individual wishing to send an encrypted message applies for a digital certificate from a Certificate Authority. The CA issues an encrypted digital certificate containing the applicant's public key and a variety of other identification information. The CA makes its own public key readily available through print publicity or perhaps on the Internet.
How it Works?  The recipient of an encrypted message uses the CA's public key to decode the digital certificate attached to the message, verifies it as issued by the CA and then obtains the sender's public key and identification information held within the certificate. With this information, the recipient can send an encrypted reply.
What are Certification Authorities? Certification Authorities are the digital world’s equivalent to passport offices. They issue digital certificates and validate holders’ identity and authority. They embed an individual or institution’s public key along with other identifying information into each digital certificate and then cryptographically sign it as a tamper- proof seal verifying the integrity of the data within it, and validating its use.
What is the Process of obtaining a certificate? 1.Subscriber (sender) generates a publicprivate key pair. Applies to CA for digital certificate with the public key. 2.CA verifies subscriber's identity and issues digital certificate containing the public key. 3.CA publishes certificate to public, on-line repository. 4.Subscriber signs message with private key and sends message to second party. 5.Receiving party verifies digital signature with sender's public key and requests verification of sender's digital certificate from CA's public repository. 6.Repository reports status of subscriber's certificate.
Bob’s public key Bob’s identifying information CA private key KB + certificate for Bob’s public key, signed by CA Digital signature (encrypt) KB + KCA - Bob’s public key Bob’s identifying information CA private key KB + certificate for Bob’s public key, signed by CA Digital signature (encrypt) KB + KCA What is the Process in obtaining aWhat is the Process in obtaining a certificate?certificate?
Types of Digital Certificates  There are four main types of digital certificates :-  Server Certificates  Personal Certificates  Organization Certificates  Developer Certificates
Server Certificates  Allows visitors to exchange personal information such as credit card numbers, free from the threat of interception or tampering.  Server Certificates are a must for building and designing e-commerce sites as confidential information is shared between clients, customers and vendors.
Personal Certificates  Personal Certificates allow one to authenticate a visitor’s identity and restrict access to specified content to particular visitors.  Personal Certificates are perfect for business to business communications such as offering suppliers and partners controlled access to special web sites for updating product availability, shipping dates and inventory management.
Organization & Developer Certificates  Organization Certificates are used by corporate entities to identify employees for secure e-mail and web-based transaction.  Developer Certificates prove authorship and retain integrity of distributed software programs e.g. installing a software on a computer system in most instances requires what is called a “serial key”
What Does a Digital Certificate Contain? It contains your name, a serial number, expiration date, a copy of the certificate- holder's public key (used for encrypting messages and digital signatures), and the digital signature of the certificate-issuing authority so that a recipient can verify that the certificate is real. Some digital certificates conform to the X.509 standard.
Why are they Used? There are four(4) main uses: 1. Proving the Identity of the sender of a transaction 2. Non Repudiation – the owner of the certificate cannot deny partaking in the transaction 3. Encryption and checking the integrity of data - provide the receiver with the means to encode a reply. 4. Single Sign-On - It can be used to validate a user and log them into various computer systems without having to use a different password for each system
Public & Private Keys Public and Private Key pairs comprise of two uniquely related cryptographic keys. Public key is made accessible to everyone, whereas Private key remains confidential to its respective owner. Since both keys are mathematically related only the corresponding private key can decrypt their corresponding public key.
Where are Digital Certificates Used?  In a number of Internet applications that include:  1.Secure Socket Layer (SSL) developed by Netscape Communications Corporation  2. Secure Multipurpose Internet Mail Extensions (S/MIME) Standard for securing email and electronic data interchange (EDI).  3. Secure Electronic Transactions (SET) protocol for securing electronic payments  4. Internet Protocol Secure Standard (IPSec) for authenticating networking devices
Standards for Digital Certificate The most widely used standard for digital certificates is X.509
Thank You

Recommandé

Digital Signature
Digital SignatureDigital Signature
Digital Signaturesaurav5884
 
Digital certificates
Digital certificatesDigital certificates
Digital certificatesBuddhika Karunanayaka
 
Digital certificates
Digital certificatesDigital certificates
Digital certificatesSimmi Kamra
 
Digital signatures
Digital signaturesDigital signatures
Digital signaturesIshwar Dayal
 
Seminar ppt on digital signature
Seminar ppt on digital signatureSeminar ppt on digital signature
Seminar ppt on digital signaturejolly9293
 
Digital signature
Digital signatureDigital signature
Digital signaturePraseela R
 
Digital certificates & its importance
Digital certificates & its importanceDigital certificates & its importance
Digital certificates & its importancesvm
 
Digital Certificate
Digital CertificateDigital Certificate
Digital CertificateSumant Diwakar
 

Contenu connexe

Tendances

Digital signature and certificate authority
Digital signature and certificate authorityDigital signature and certificate authority
Digital signature and certificate authorityKrutiShah114
 
DIGITAL SIGNATURE
DIGITAL SIGNATUREDIGITAL SIGNATURE
DIGITAL SIGNATUREravijain90
 
Digital certificates
Digital certificates Digital certificates
Digital certificates Sheetal Verma
 
Introduction to Digital signatures
Introduction to Digital signaturesIntroduction to Digital signatures
Introduction to Digital signaturesRohit Bhat
 
Digital certificates in e commerce
Digital certificates in e commerceDigital certificates in e commerce
Digital certificates in e commercemahesh tawade
 
Introduction to Public Key Infrastructure
Introduction to Public Key InfrastructureIntroduction to Public Key Infrastructure
Introduction to Public Key InfrastructureTheo Gravity
 
Network security and cryptography
Network security and cryptographyNetwork security and cryptography
Network security and cryptographyPavithra renu
 
Public key infrastructure
Public key infrastructurePublic key infrastructure
Public key infrastructureAditya Nama
 
Digital Signatures
Digital SignaturesDigital Signatures
Digital SignaturesEhtisham Ali
 

Tendances (20)

Digital signature and certificate authority
Digital signature and certificate authorityDigital signature and certificate authority
Digital signature and certificate authority
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Digital signature & certificate
Digital signature & certificateDigital signature & certificate
Digital signature & certificate
 
Digital Signature ppt
Digital Signature pptDigital Signature ppt
Digital Signature ppt
 
Digital signature
Digital signatureDigital signature
Digital signature
 
DIGITAL SIGNATURE
DIGITAL SIGNATUREDIGITAL SIGNATURE
DIGITAL SIGNATURE
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Digital certificates
Digital certificates Digital certificates
Digital certificates
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Introduction to Digital signatures
Introduction to Digital signaturesIntroduction to Digital signatures
Introduction to Digital signatures
 
Digital certificates in e commerce
Digital certificates in e commerceDigital certificates in e commerce
Digital certificates in e commerce
 
Kerberos
KerberosKerberos
Kerberos
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Introduction to Public Key Infrastructure
Introduction to Public Key InfrastructureIntroduction to Public Key Infrastructure
Introduction to Public Key Infrastructure
 
Network security and cryptography
Network security and cryptographyNetwork security and cryptography
Network security and cryptography
 
Public key infrastructure
Public key infrastructurePublic key infrastructure
Public key infrastructure
 
Digital Signatures
Digital SignaturesDigital Signatures
Digital Signatures
 
Digital Signature.pptx
Digital Signature.pptxDigital Signature.pptx
Digital Signature.pptx
 
Digital Signature
Digital SignatureDigital Signature
Digital Signature
 
Digital Signature
Digital SignatureDigital Signature
Digital Signature
 

Similaire à Presentation on digital signatures & digital certificates

Digital signature & PKI Infrastructure
Digital signature & PKI InfrastructureDigital signature & PKI Infrastructure
Digital signature & PKI InfrastructureShubham Sharma
 
Kumkum digital certificate
Kumkum digital certificateKumkum digital certificate
Kumkum digital certificateKumkum Sharma
 
PKI and Applications
PKI and ApplicationsPKI and Applications
PKI and ApplicationsSvetlin Nakov
 
Digital Signatdsbuisduifhudosffdosfure.pptx
Digital Signatdsbuisduifhudosffdosfure.pptxDigital Signatdsbuisduifhudosffdosfure.pptx
Digital Signatdsbuisduifhudosffdosfure.pptxMuthuvasanSR
 
Digital Signature in Indian Evidence act .pptx
Digital Signature in Indian Evidence act .pptxDigital Signature in Indian Evidence act .pptx
Digital Signature in Indian Evidence act .pptx9jz8vgkshv
 
Digital signature
Digital signatureDigital signature
Digital signatureAJAL A J
 
csedigitalsignatureppt-170420041737.pdf
csedigitalsignatureppt-170420041737.pdfcsedigitalsignatureppt-170420041737.pdf
csedigitalsignatureppt-170420041737.pdfMehediHasanShaon1
 
Seminar presentation on digital signature ppt
Seminar presentation on digital signature pptSeminar presentation on digital signature ppt
Seminar presentation on digital signature pptRavi Ranjan
 
digital signature ppt
digital signature pptdigital signature ppt
digital signature pptNitesh Dubey
 
Digital signature by mohsin iftikhar
Digital signature by mohsin iftikhar Digital signature by mohsin iftikhar
Digital signature by mohsin iftikhar Mohsin Ali
 
Mutual Authentication For Wireless Communication
Mutual Authentication For Wireless CommunicationMutual Authentication For Wireless Communication
Mutual Authentication For Wireless Communicationmanish kumar
 
Cryptograpy Exam
Cryptograpy ExamCryptograpy Exam
Cryptograpy ExamLisa Olive
 
Iaetsd secure emails an integrity assured email
Iaetsd secure emails an integrity assured emailIaetsd secure emails an integrity assured email
Iaetsd secure emails an integrity assured emailIaetsd Iaetsd
 
I would appreciate help with these 4 questions. Thank You.1) Expla.pdf
I would appreciate help with these 4 questions. Thank You.1) Expla.pdfI would appreciate help with these 4 questions. Thank You.1) Expla.pdf
I would appreciate help with these 4 questions. Thank You.1) Expla.pdfJUSTSTYLISH3B2MOHALI
 

Similaire à Presentation on digital signatures & digital certificates (20)

Digital signature & PKI Infrastructure
Digital signature & PKI InfrastructureDigital signature & PKI Infrastructure
Digital signature & PKI Infrastructure
 
Digital certificates
Digital certificatesDigital certificates
Digital certificates
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Kumkum digital certificate
Kumkum digital certificateKumkum digital certificate
Kumkum digital certificate
 
PKI and Applications
PKI and ApplicationsPKI and Applications
PKI and Applications
 
Digital Signatdsbuisduifhudosffdosfure.pptx
Digital Signatdsbuisduifhudosffdosfure.pptxDigital Signatdsbuisduifhudosffdosfure.pptx
Digital Signatdsbuisduifhudosffdosfure.pptx
 
Digital Signature in Indian Evidence act .pptx
Digital Signature in Indian Evidence act .pptxDigital Signature in Indian Evidence act .pptx
Digital Signature in Indian Evidence act .pptx
 
Digital signature
Digital signatureDigital signature
Digital signature
 
csedigitalsignatureppt-170420041737.pdf
csedigitalsignatureppt-170420041737.pdfcsedigitalsignatureppt-170420041737.pdf
csedigitalsignatureppt-170420041737.pdf
 
Seminar presentation on digital signature ppt
Seminar presentation on digital signature pptSeminar presentation on digital signature ppt
Seminar presentation on digital signature ppt
 
digital signature ppt
digital signature pptdigital signature ppt
digital signature ppt
 
Digital signature by mohsin iftikhar
Digital signature by mohsin iftikhar Digital signature by mohsin iftikhar
Digital signature by mohsin iftikhar
 
Digital_signature_ppt.pptx
Digital_signature_ppt.pptxDigital_signature_ppt.pptx
Digital_signature_ppt.pptx
 
E-Business security
E-Business security E-Business security
E-Business security
 
Mutual Authentication For Wireless Communication
Mutual Authentication For Wireless CommunicationMutual Authentication For Wireless Communication
Mutual Authentication For Wireless Communication
 
Cryptograpy Exam
Cryptograpy ExamCryptograpy Exam
Cryptograpy Exam
 
Iaetsd secure emails an integrity assured email
Iaetsd secure emails an integrity assured emailIaetsd secure emails an integrity assured email
Iaetsd secure emails an integrity assured email
 
The world of encryption
The world of encryptionThe world of encryption
The world of encryption
 
Digital Certificate Email usage
Digital Certificate Email usageDigital Certificate Email usage
Digital Certificate Email usage
 
I would appreciate help with these 4 questions. Thank You.1) Expla.pdf
I would appreciate help with these 4 questions. Thank You.1) Expla.pdfI would appreciate help with these 4 questions. Thank You.1) Expla.pdf
I would appreciate help with these 4 questions. Thank You.1) Expla.pdf
 

Dernier

Secure Key Crypto - Tech Paper JET Tech Labs
Secure Key Crypto - Tech Paper JET Tech LabsSecure Key Crypto - Tech Paper JET Tech Labs
Secure Key Crypto - Tech Paper JET Tech Labsamber724300
 
Python Programming for basic beginners.pptx
Python Programming for basic beginners.pptxPython Programming for basic beginners.pptx
Python Programming for basic beginners.pptxmohitesoham12
 
Cost estimation approach: FP to COCOMO scenario based question
Cost estimation approach: FP to COCOMO scenario based questionCost estimation approach: FP to COCOMO scenario based question
Cost estimation approach: FP to COCOMO scenario based questionSneha Padhiar
 
Module-1-(Building Acoustics) Noise Control (Unit-3). pdf
Module-1-(Building Acoustics) Noise Control (Unit-3). pdfModule-1-(Building Acoustics) Noise Control (Unit-3). pdf
Module-1-(Building Acoustics) Noise Control (Unit-3). pdfManish Kumar
 
Curve setting (Basic Mine Surveying)_MI10412MI.pptx
Curve setting (Basic Mine Surveying)_MI10412MI.pptxCurve setting (Basic Mine Surveying)_MI10412MI.pptx
Curve setting (Basic Mine Surveying)_MI10412MI.pptxRomil Mishra
 
multiple access in wireless communication
multiple access in wireless communicationmultiple access in wireless communication
multiple access in wireless communicationpanditadesh123
 
Structural Integrity Assessment Standards in Nigeria by Engr Nimot Muili
Structural Integrity Assessment Standards in Nigeria by Engr Nimot MuiliStructural Integrity Assessment Standards in Nigeria by Engr Nimot Muili
Structural Integrity Assessment Standards in Nigeria by Engr Nimot MuiliNimot Muili
 
Indian Tradition, Culture & Societies.pdf
Indian Tradition, Culture & Societies.pdfIndian Tradition, Culture & Societies.pdf
Indian Tradition, Culture & Societies.pdfalokitpathak01
 
Robotics Group 10 (Control Schemes) cse.pdf
Robotics Group 10 (Control Schemes) cse.pdfRobotics Group 10 (Control Schemes) cse.pdf
Robotics Group 10 (Control Schemes) cse.pdfsahilsajad201
 
Robotics-Asimov's Laws, Mechanical Subsystems, Robot Kinematics, Robot Dynami...
Robotics-Asimov's Laws, Mechanical Subsystems, Robot Kinematics, Robot Dynami...Robotics-Asimov's Laws, Mechanical Subsystems, Robot Kinematics, Robot Dynami...
Robotics-Asimov's Laws, Mechanical Subsystems, Robot Kinematics, Robot Dynami...Sumanth A
 
CS 3251 Programming in c all unit notes pdf
CS 3251 Programming in c all unit notes pdfCS 3251 Programming in c all unit notes pdf
CS 3251 Programming in c all unit notes pdfBalamuruganV28
 
AntColonyOptimizationManetNetworkAODV.pptx
AntColonyOptimizationManetNetworkAODV.pptxAntColonyOptimizationManetNetworkAODV.pptx
AntColonyOptimizationManetNetworkAODV.pptxLina Kadam
 
KCD Costa Rica 2024 - Nephio para parvulitos
KCD Costa Rica 2024 - Nephio para parvulitosKCD Costa Rica 2024 - Nephio para parvulitos
KCD Costa Rica 2024 - Nephio para parvulitosVictor Morales
 
Immutable Image-Based Operating Systems - EW2024.pdf
Immutable Image-Based Operating Systems - EW2024.pdfImmutable Image-Based Operating Systems - EW2024.pdf
Immutable Image-Based Operating Systems - EW2024.pdfDrew Moseley
 
Gravity concentration_MI20612MI_________
Gravity concentration_MI20612MI_________Gravity concentration_MI20612MI_________
Gravity concentration_MI20612MI_________Romil Mishra
 
Artificial Intelligence in Power System overview
Artificial Intelligence in Power System overviewArtificial Intelligence in Power System overview
Artificial Intelligence in Power System overviewsandhya757531
 
Module-1-Building Acoustics(Introduction)(Unit-1).pdf
Module-1-Building Acoustics(Introduction)(Unit-1).pdfModule-1-Building Acoustics(Introduction)(Unit-1).pdf
Module-1-Building Acoustics(Introduction)(Unit-1).pdfManish Kumar
 
High Voltage Engineering- OVER VOLTAGES IN ELECTRICAL POWER SYSTEMS
High Voltage Engineering- OVER VOLTAGES IN ELECTRICAL POWER SYSTEMSHigh Voltage Engineering- OVER VOLTAGES IN ELECTRICAL POWER SYSTEMS
High Voltage Engineering- OVER VOLTAGES IN ELECTRICAL POWER SYSTEMSsandhya757531
 
Uk-NO1 Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Exp...
Uk-NO1 Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Exp...Uk-NO1 Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Exp...
Uk-NO1 Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Exp...Amil baba
 

Dernier (20)

Secure Key Crypto - Tech Paper JET Tech Labs
Secure Key Crypto - Tech Paper JET Tech LabsSecure Key Crypto - Tech Paper JET Tech Labs
Secure Key Crypto - Tech Paper JET Tech Labs
 
Python Programming for basic beginners.pptx
Python Programming for basic beginners.pptxPython Programming for basic beginners.pptx
Python Programming for basic beginners.pptx
 
ASME-B31.4-2019-estandar para diseño de ductos
ASME-B31.4-2019-estandar para diseño de ductosASME-B31.4-2019-estandar para diseño de ductos
ASME-B31.4-2019-estandar para diseño de ductos
 
Cost estimation approach: FP to COCOMO scenario based question
Cost estimation approach: FP to COCOMO scenario based questionCost estimation approach: FP to COCOMO scenario based question
Cost estimation approach: FP to COCOMO scenario based question
 
Module-1-(Building Acoustics) Noise Control (Unit-3). pdf
Module-1-(Building Acoustics) Noise Control (Unit-3). pdfModule-1-(Building Acoustics) Noise Control (Unit-3). pdf
Module-1-(Building Acoustics) Noise Control (Unit-3). pdf
 
Curve setting (Basic Mine Surveying)_MI10412MI.pptx
Curve setting (Basic Mine Surveying)_MI10412MI.pptxCurve setting (Basic Mine Surveying)_MI10412MI.pptx
Curve setting (Basic Mine Surveying)_MI10412MI.pptx
 
multiple access in wireless communication
multiple access in wireless communicationmultiple access in wireless communication
multiple access in wireless communication
 
Structural Integrity Assessment Standards in Nigeria by Engr Nimot Muili
Structural Integrity Assessment Standards in Nigeria by Engr Nimot MuiliStructural Integrity Assessment Standards in Nigeria by Engr Nimot Muili
Structural Integrity Assessment Standards in Nigeria by Engr Nimot Muili
 
Indian Tradition, Culture & Societies.pdf
Indian Tradition, Culture & Societies.pdfIndian Tradition, Culture & Societies.pdf
Indian Tradition, Culture & Societies.pdf
 
Robotics Group 10 (Control Schemes) cse.pdf
Robotics Group 10 (Control Schemes) cse.pdfRobotics Group 10 (Control Schemes) cse.pdf
Robotics Group 10 (Control Schemes) cse.pdf
 
Robotics-Asimov's Laws, Mechanical Subsystems, Robot Kinematics, Robot Dynami...
Robotics-Asimov's Laws, Mechanical Subsystems, Robot Kinematics, Robot Dynami...Robotics-Asimov's Laws, Mechanical Subsystems, Robot Kinematics, Robot Dynami...
Robotics-Asimov's Laws, Mechanical Subsystems, Robot Kinematics, Robot Dynami...
 
CS 3251 Programming in c all unit notes pdf
CS 3251 Programming in c all unit notes pdfCS 3251 Programming in c all unit notes pdf
CS 3251 Programming in c all unit notes pdf
 
AntColonyOptimizationManetNetworkAODV.pptx
AntColonyOptimizationManetNetworkAODV.pptxAntColonyOptimizationManetNetworkAODV.pptx
AntColonyOptimizationManetNetworkAODV.pptx
 
KCD Costa Rica 2024 - Nephio para parvulitos
KCD Costa Rica 2024 - Nephio para parvulitosKCD Costa Rica 2024 - Nephio para parvulitos
KCD Costa Rica 2024 - Nephio para parvulitos
 
Immutable Image-Based Operating Systems - EW2024.pdf
Immutable Image-Based Operating Systems - EW2024.pdfImmutable Image-Based Operating Systems - EW2024.pdf
Immutable Image-Based Operating Systems - EW2024.pdf
 
Gravity concentration_MI20612MI_________
Gravity concentration_MI20612MI_________Gravity concentration_MI20612MI_________
Gravity concentration_MI20612MI_________
 
Artificial Intelligence in Power System overview
Artificial Intelligence in Power System overviewArtificial Intelligence in Power System overview
Artificial Intelligence in Power System overview
 
Module-1-Building Acoustics(Introduction)(Unit-1).pdf
Module-1-Building Acoustics(Introduction)(Unit-1).pdfModule-1-Building Acoustics(Introduction)(Unit-1).pdf
Module-1-Building Acoustics(Introduction)(Unit-1).pdf
 
High Voltage Engineering- OVER VOLTAGES IN ELECTRICAL POWER SYSTEMS
High Voltage Engineering- OVER VOLTAGES IN ELECTRICAL POWER SYSTEMSHigh Voltage Engineering- OVER VOLTAGES IN ELECTRICAL POWER SYSTEMS
High Voltage Engineering- OVER VOLTAGES IN ELECTRICAL POWER SYSTEMS
 
Uk-NO1 Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Exp...
Uk-NO1 Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Exp...Uk-NO1 Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Exp...
Uk-NO1 Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Exp...
 

Presentation on digital signatures & digital certificates

  • 1. DIGITAL SIGNATURE & DIGITAL CERTIFICATE Vivek Anand Jetani (D-15-TE-64) Dawood University of Engineering & Technology Karachi
  • 2. What is Digital Signature?What is Digital Signature?  Digital signature technique is based on public key cryptography with a difference.  In public key cryptography a pair of keys are used, one public key and one private key. The public key is often used for message encryption , and the private key is often used for decrypting the message.  However in case of digital signature message is encrypted with the private key and decrypted with the public key.  Only a specific person with the corresponding private key can encrypt the message or in other words sign the message. However any party who has the signatory’s public key can encrypt the message, in other words can verify the message.
  • 3. 3
  • 6.  Authentication: Authentication means the act of proving who you say you are. Authentication means that you know who created and sent the message. Digital signature is used to authenticate the source of messages. It ensures the user of the sender.  Integrity: Integrity ensures that when a message is sent over a network, the data that arrives is the same as the data that was originally sent. Integrity is the assurance that the information is trustworthy and accurate. Digital signature ensures the integrity of message.  Non-repudiation: This is an important criteria of digital signature. As digital signature ensures the authentication of the message, so the sender can’t repudiate it later. At the same time it also ensures the identity of the receiver, so the receiver can’t repudiate it later. 6 WHY DIGITAL SIGNATURE
  • 7. Why Digital Signature ? – Authenticate identity of sender – Ensure the original Content of Message – Non-Repudiation – Verifiability by independent, public or third party
  • 9. How digital Signature works? User A User B Use A’s private key to sign the document Transmit via the Internet User B received the document with signature attachedVerify the signature by A’s public key stored at the directory
  • 10. Digital Signatures (1) Required Conditions: 1. Receiver can verify claimed identity of sender. 2. Sender cannot later repudiate(deny) contents of message. 3. Receiver cannot have concocted message himself.
  • 11.  Uses secure hash algorithm  Condenses message to 160 bit  Key size 512-1024 bits  Proposed by NIST(National Institute of Standards and Technology) in 1991 DIGITAL SIGNATURE STANDARDS
  • 12.  Trusted Third Party  An organization which issues public key certificates  Assures the identity of the parties to whom it issues certificates  Maintains online access to the public key certificates issued CERTIFYING AUTHORITY(CA)
  • 14. What is Digital Certificate ? An attachment to an electronic message used for security purposes.
  • 15. What are Digital Certificates? A digital certificate (DC) is a digital file that certifies the identity of an individual or institution, or even a router seeking access to computer- based information. It is issued by a Certification Authority (CA), and serves the same purpose as a driver’s license or a passport.
  • 17. Digital Certificates • Digital Certificate is a data with digital signature from one trusted Certification Authority (CA). • This data contains: – Who owns this certificate – Who signed this certificate – The expired date – User name & email address
  • 18. Who issues Digital Certificate? An individual wishing to send an encrypted message applies for a digital certificate from a Certificate Authority. The CA issues an encrypted digital certificate containing the applicant's public key and a variety of other identification information. The CA makes its own public key readily available through print publicity or perhaps on the Internet.
  • 19. How it Works?  The recipient of an encrypted message uses the CA's public key to decode the digital certificate attached to the message, verifies it as issued by the CA and then obtains the sender's public key and identification information held within the certificate. With this information, the recipient can send an encrypted reply.
  • 20. What are Certification Authorities? Certification Authorities are the digital world’s equivalent to passport offices. They issue digital certificates and validate holders’ identity and authority. They embed an individual or institution’s public key along with other identifying information into each digital certificate and then cryptographically sign it as a tamper- proof seal verifying the integrity of the data within it, and validating its use.
  • 21. What is the Process of obtaining a certificate? 1.Subscriber (sender) generates a publicprivate key pair. Applies to CA for digital certificate with the public key. 2.CA verifies subscriber's identity and issues digital certificate containing the public key. 3.CA publishes certificate to public, on-line repository. 4.Subscriber signs message with private key and sends message to second party. 5.Receiving party verifies digital signature with sender's public key and requests verification of sender's digital certificate from CA's public repository. 6.Repository reports status of subscriber's certificate.
  • 22. Bob’s public key Bob’s identifying information CA private key KB + certificate for Bob’s public key, signed by CA Digital signature (encrypt) KB + KCA - Bob’s public key Bob’s identifying information CA private key KB + certificate for Bob’s public key, signed by CA Digital signature (encrypt) KB + KCA What is the Process in obtaining aWhat is the Process in obtaining a certificate?certificate?
  • 23. Types of Digital Certificates  There are four main types of digital certificates :-  Server Certificates  Personal Certificates  Organization Certificates  Developer Certificates
  • 24. Server Certificates  Allows visitors to exchange personal information such as credit card numbers, free from the threat of interception or tampering.  Server Certificates are a must for building and designing e-commerce sites as confidential information is shared between clients, customers and vendors.
  • 25. Personal Certificates  Personal Certificates allow one to authenticate a visitor’s identity and restrict access to specified content to particular visitors.  Personal Certificates are perfect for business to business communications such as offering suppliers and partners controlled access to special web sites for updating product availability, shipping dates and inventory management.
  • 26. Organization & Developer Certificates  Organization Certificates are used by corporate entities to identify employees for secure e-mail and web-based transaction.  Developer Certificates prove authorship and retain integrity of distributed software programs e.g. installing a software on a computer system in most instances requires what is called a “serial key”
  • 27. What Does a Digital Certificate Contain? It contains your name, a serial number, expiration date, a copy of the certificate- holder's public key (used for encrypting messages and digital signatures), and the digital signature of the certificate-issuing authority so that a recipient can verify that the certificate is real. Some digital certificates conform to the X.509 standard.
  • 28. Why are they Used? There are four(4) main uses: 1. Proving the Identity of the sender of a transaction 2. Non Repudiation – the owner of the certificate cannot deny partaking in the transaction 3. Encryption and checking the integrity of data - provide the receiver with the means to encode a reply. 4. Single Sign-On - It can be used to validate a user and log them into various computer systems without having to use a different password for each system
  • 29. Public & Private Keys Public and Private Key pairs comprise of two uniquely related cryptographic keys. Public key is made accessible to everyone, whereas Private key remains confidential to its respective owner. Since both keys are mathematically related only the corresponding private key can decrypt their corresponding public key.
  • 30. Where are Digital Certificates Used?  In a number of Internet applications that include:  1.Secure Socket Layer (SSL) developed by Netscape Communications Corporation  2. Secure Multipurpose Internet Mail Extensions (S/MIME) Standard for securing email and electronic data interchange (EDI).  3. Secure Electronic Transactions (SET) protocol for securing electronic payments  4. Internet Protocol Secure Standard (IPSec) for authenticating networking devices
  • 31. Standards for Digital Certificate The most widely used standard for digital certificates is X.509