
DIGITAL SIGNATURE

--application of image processing

K SANTOSH CSE III YEAR


NIZAM INSTITUTE OF ENGG & TECH

N NAGA REVANTH CSE III YEAR


NIZAM INSTITUTE OF ENGG & TECH

Email: santu.karnati@gmail.com Contact No: 9912524238

ABSTRACT

In today's computer-centric world, it is quite difficult for either the government or the common man to access any confidential material without hesitation. But can the work be stopped out of fear of the information being understood by unauthorised and unintended parties? The immediate answer we hear is a big NO. Then, is there any way to continue our work without any disturbances in between? YES, and there arises the concept of cryptography, which is the science of information security. The four main objectives of cryptography are security, privacy, confidentiality and authenticity. There are many ways of applying cryptography, and one of them is the digital signature, which is also known as an advanced electronic signature. A person signing a document can see his signature in an ordinary signature, whereas in a digital signature his signature is invisible. This is a basic difference between an ordinary signature and a digital signature. This paper presents an overview of the digital signature concept.

Email:nagarevanth@yahoo.com Contact No: 9949576202

1. INTRODUCTION

Cryptography, to most people, is concerned with keeping communications private. The underlying principle of cryptography in any form is the transformation of data (plaintext) into some indecipherable form (ciphertext), called encryption, and the corresponding transformation back into understandable form, called decryption. Cryptography is used to achieve a number of processes useful in the electronic world. Authentication provides the means of ensuring the identity of a user; a digital timestamp bound to information can establish when it was created; the digital signature itself can be used to prove who sent a document, and prevent the originator repudiating ownership. Digital signatures are often used to implement electronic signatures, a broader term that refers to any electronic data that carries the intent of a signature, but not all electronic signatures use digital signatures. In some countries, including the United States, and in the European Union, electronic signatures have legal significance.

2. DIGITAL SIGNATURE DEFINITION

A digital signature or digital signature scheme is a type of asymmetric cryptography used to simulate the security properties of a signature in digital, rather than written, form. Digital signature schemes normally give two algorithms, one for signing, which involves the user's secret or private key, and one for verifying signatures, which involves the user's public key. The output of the signature process is called the "digital signature." Digital signatures, like written signatures, are used to provide authentication of the associated input, usually called a "message." Messages may be anything, from electronic mail to a contract, or even a message sent in a more complicated cryptographic protocol. Digital signatures are used to create public key infrastructure (PKI) schemes in which a user's public key is tied to a user by a digital identity certificate issued by a certificate authority. PKI schemes attempt to unbreakably bind user information (name, address, phone number, etc.) to a public key, so that public keys can be used as a form of identification.

3. WHY DIGITAL SIGNATURE?

Below are some common reasons for applying a digital signature to communications:

3-1. Authentication

Although messages may often include information about the entity sending a message, that information may not be accurate. Digital signatures can be used to authenticate the source of messages. When ownership of a digital signature secret key is bound to a specific user, a valid signature shows that the message was sent by that user. The importance of high confidence in sender authenticity is especially obvious in a financial context.

3-2. Integrity

In many scenarios, the sender and receiver of a message may need confidence that the message has not been altered during transmission. Although encryption hides the contents of a message, it may be possible to change an encrypted message without understanding it. However, if a message is digitally signed, any change in the message will invalidate the signature. Furthermore, there is no efficient way to modify a message and its signature to produce a new message with a valid signature, because with most cryptographic hash functions this is still considered to be computationally infeasible.

4. HOW DIGITAL SIGNATURE WORKS?

Using Bob and Alice, we can illustrate how standard electronic signatures are applied and verified.


[Figure: Simple digital signature]

Step 1: Getting a Private and Public Key

In order to electronically sign documents with standard electronic signatures, Bob needs to obtain a Private and Public Key (a one-time setup/operation). The Private Key, as the name implies, is not shared and is used only by the signer to sign documents. The Public Key is openly available and used by those that need to validate the signer's electronic signature.

Step 2: Signing an Electronic Document

From Bob's perspective, the signing operation can be as simple as a click of a button. But several things are happening with that one click:

1. Initiate the signing process. Depending on the software used, Bob needs to initiate the signing process (e.g. clicking a Sign button on the software's toolbar).
2. Create an electronic signature. A unique digital fingerprint of the document (sometimes called Message Digest or Document Hash) is created using a mathematical algorithm (such as SHA-1). Even the slightest difference between two documents would create a different digital fingerprint of the document.
3. Append the signature to the document. The hash result and the user's digital certificate (which includes his Public Key) are combined into an electronic signature (by using the user's Private Key to encrypt the document hash). The resulting signature is unique to both the document and the user. Finally, the electronic signature is appended to the document.

Step 3: Validating the Electronic Signature

Bob sends the signed document to Alice. Alice uses Bob's public key (which is included in the signature within the Digital Certificate) to authenticate Bob's signature and to ensure that no changes were made to the signed document after it was signed. Alice:

1. Initiates the validation process. Depending on the software used, Alice needs to initiate the validation process (e.g. clicking a Validate Signature menu option button on the software's toolbar).
2. Decrypts Bob's signature using his Public Key and gets the original document (the document fingerprint).
3. Compares Bob's document fingerprint with her calculated one. Alice's software then calculates the document hash of the received document and compares it with the original document hash (from the previous step). If they are the same, the signed document has not been altered.

There is another factor still missing from this description. How can Alice know whether Bob is indeed the same person she intends to conduct business with, or even that it is really Bob? Bob needs to be certified by a trusted third party that knows him and can verify that he is indeed who he claims to be. These trusted third parties are called Certificate Authorities (CA). They issue certificates to ensure the authenticity of the signer. Certificates can be compared to passports issued by countries to their citizens for world travel. When a traveler arrives at a foreign country, there is no practical way to authenticate the traveler's identity. Instead, the immigration policy is to trust the passport issuer (in PKI terminology: the CA) and use the passport to authenticate its holder, in the same way that Alice uses the CA's certificate for authenticating Bob's identity.

5. DIGITAL SIGNATURE ALGORITHM

A digital signature scheme typically consists of three algorithms:

- A key generation algorithm G that randomly produces a "key pair" (PK, SK) for the signer. PK is the verifying key, which is to be public, and SK is the signing key, to be kept private.
- A signing algorithm S that, on input of a message m and a signing key SK, produces a signature.
- A signature verifying algorithm V that, on input of a message m, a verifying key PK, and a signature, either accepts or rejects.

Two main properties are required. First, signatures computed honestly should always verify. That is, V should accept (m, PK, S(m, SK)), where SK is the secret key related to PK, for any message m. Secondly, it should be hard for any adversary, knowing only PK, to create valid signature(s).

Some other digital signature algorithms:

- Full Domain Hash, RSA-PSS etc., based on RSA
- DSA
- ECDSA
- Undeniable signature
- Rabin signature algorithm
- Pointcheval-Stern signature algorithm

6. DRAWBACKS OF DIGITAL SIGNATURE

6-1. Association of digital signatures and trusted time stamping

Digital signature algorithms and protocols do not inherently provide certainty about the date and time at which the underlying document was signed. The signer might, or might not, have included a time stamp with the signature, or the document itself might have a date mentioned on it, but a later reader cannot be certain the signer did not, for instance, backdate the date or time of the signature. Such misuse can be made impracticable by using trusted time stamping in addition to digital signatures.
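The signing and validation steps of section 4 and the G, S, V triple of section 5 can be followed in code. The sketch below is an added example, not code from the paper: it uses textbook RSA without the padding that schemes such as RSA-PSS add, SHA-256 in place of SHA-1, fixed Mersenne primes as a constructed demo key, and a hypothetical second signer called Mallory.

```python
import hashlib

# Constructed demo key material: two Mersenne primes. Real keys use large
# random primes; this fixed pair only keeps the example offline and repeatable.
P, Q = 2**521 - 1, 2**607 - 1
E = 65537

def keygen(p=P, q=Q, e=E):
    """G: return (PK, SK). PK = (n, e) is published, SK = (n, d) stays private."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)            # private exponent: e*d = 1 (mod phi)
    return (n, e), (n, d)

def fingerprint(message: bytes) -> int:
    """Document hash from Step 2 as an integer (SHA-256 here, not SHA-1)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message: bytes, sk) -> int:
    """S: 'encrypt' the document hash with the private key."""
    n, d = sk
    return pow(fingerprint(message), d, n)

def verify(message: bytes, pk, signature: int) -> bool:
    """V: recover the signed hash with the public key and compare it with
    a hash recomputed over the received document (Step 3)."""
    n, e = pk
    if not 0 <= signature < n:     # reject values outside the valid range
        return False
    return pow(signature, e, n) == fingerprint(message)

def demo():
    bob_pk, bob_sk = keygen()
    # Hypothetical second signer with a different (also constructed) key pair.
    _, mallory_sk = keygen(2**127 - 1, 2**521 - 1)
    doc = b"Pay Alice 100"         # constructed sample document
    sig = sign(doc, bob_sk)
    return {
        "honest": verify(doc, bob_pk, sig),
        "altered_document": verify(b"Pay Alice 900", bob_pk, sig),
        "altered_signature": verify(doc, bob_pk, sig ^ 1),
        "wrong_signer": verify(doc, bob_pk, sign(doc, mallory_sk)),
    }

if __name__ == "__main__":
    print(demo())
```

Only the honest case verifies: changing one character of the document, one bit of the signature, or the signing key makes V reject, which is the integrity and authentication behaviour described in section 3.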

6-2. Non-repudiation

In a cryptographic context, the word repudiation refers to any act of disclaiming responsibility for a message. A message's recipient may insist the sender attach a signature in order to make later repudiation more difficult, since the recipient can show the signed message to a third party to reinforce a claim as to its signatories and integrity. However, loss of control over a user's private key will mean that all digital signatures using that key, and so ostensibly 'from' that user, are suspect. This is aggravated by the fact that there is no trusted time stamp, so new documents cannot be separated from old ones, further complicating signature key invalidation. Certificate Authorities usually maintain a public repository of public keys, so the user-key association is certified and signatures cannot be repudiated.

7. ADDITIONAL SECURITY PRECAUTIONS

7-1. Putting the private key on a smart card

All public key / private key cryptosystems depend entirely on keeping the private key secret. A private key can be stored on a user's computer, and protected by, for instance, a local password, but this has two disadvantages: the user can only sign documents on that particular computer, and the security of the private key completely depends on the security of the computer, which is notoriously unreliable for many PCs and operating systems.

[Figure: A credit card with smart card capabilities. The 3 by 5 mm chip embedded in the card is shown enlarged in the insert. Smart cards attempt to combine portability with the power to compute modern cryptographic algorithms.]

A more secure alternative is to store the private key on a smart card. If the smart card is stolen, the thief will still need the PIN code to generate a digital signature. This reduces the security of the scheme to that of the PIN system, but is nevertheless more secure than are many PCs.

7-2. Using smart card readers with a separate keyboard

Entering a PIN code to activate the smart card commonly requires a numeric keypad. Some card readers have their own numeric keypad. This is safer than using a card reader integrated into a PC and then entering the PIN using that computer's keyboard. The computer might be running a keystroke logger (by its owner/operator's intention or otherwise, due to a virus, for instance) so that the PIN code becomes compromised.

8. THE CURRENT STATE OF USE - LEGAL & PRACTICAL

Digital signature schemes all have several prior requirements without which no such signature can mean anything, whatever the cryptographic theory or legal provision.

First, quality algorithms. Some public-key algorithms are known to be insecure, practicable attacks against them having been discovered.

Second, quality implementations. An implementation of a good algorithm (or protocol) with mistake(s) will not work.

Third, the private key must remain actually secret; if it becomes known to any other party, that party can produce perfect digital signatures of anything whatsoever.

Fourth, distribution of public keys must be done in such a way that the public key claimed to belong to, say, Bob actually belongs to Bob, and vice versa. This is commonly done using a public key infrastructure, and the association between public key and user is attested by the operator of the PKI (called a certificate authority). For 'open' PKIs in which anyone can request such an attestation (universally embodied in a cryptographically protected identity certificate), the possibility of mistaken attestation is non-trivial. Commercial PKI operators have suffered several publicly known problems. Such mistakes could lead to falsely signed, and thus wrongly attributed, documents. 'Closed' PKI systems are more expensive, but less easily subverted in this way.

Fifth, users (and their software) must carry out the signature protocol properly.

9. CERTIFICATION AUTHORITIES

For public key systems to work, there need to be trusted mechanisms that associate a public key with the individual to which it has been assigned.

This requires the creation of Certification Authorities that certify public keys as belonging to certain individuals. Certification authorities sign public key certificates with their own private key, so that key has to be trusted. This leads to the concept of certificate hierarchies. It is an example of a trusted third party. Only if all of these conditions are met will a digital signature actually be any evidence of who sent the message, and therefore of their assent to its contents. Legal enactment cannot change this reality of the existing engineering possibilities, though some such have not reflected this actuality.

10. CONCLUSION

So the digital signature helps cryptography to prove itself. Cryptography and digital signature form a useful pair. We have seen that digital signatures utilising the public key cryptography system have every potential to achieve the same level of legal recognition as handwritten signatures. However, the main obstacle at present is in the functional element of non-repudiation. Assistance is required from the law to help it attain the functional element of non-repudiation. Once non-repudiation has been achieved, then and only then can electronic commerce be expected to be successfully taken up. Let us use this technology for constructive purposes rather than destructive purposes.
