Digital Signatures - PowerPoint PPT Presentation

1 / 17
About This Presentation
Title:

Digital Signatures

Description:

... contents of message in a manner provable to a disinterested third party ('judge') Sender cannot deny having sent message (service is 'nonrepudiation' ... – PowerPoint PPT presentation

Number of Views:30
Avg rating:3.0/5.0
Slides: 18
Provided by: matt298
Category:

less

Transcript and Presenter's Notes

Title: Digital Signatures


1
Digital Signatures
  • CSSE 490 Computer Security
  • Mark Ardis, Rose-Hulman Institute
  • April 12, 2004

2
Digital Signature
  • Construct that authenticated origin, contents of
    message in a manner provable to a disinterested
    third party (judge)
  • Sender cannot deny having sent message (service
    is nonrepudiation)
  • Limited to technical proofs
  • Inability to deny ones cryptographic key was
    used to sign
  • One could claim the cryptographic key was stolen
    or compromised
  • Legal proofs, etc., probably required not dealt
    with here

3
Shared Key
  • Alice, Bob share key k
  • Alice sends m m k to Bob
  • Is this a digital signature?

4
Classical Digital Signatures
  • Require trusted third party
  • Alice, Bob each share keys with trusted party
    Cathy
  • To resolve dispute, judge gets m kAlice , m
    kBob , and has Cathy decipher them if messages
    matched, contract was signed

m kAlice
Bob
Alice
m kAlice
Bob
Cathy
m kBob
Cathy
Bob
5
Public Key Digital Signatures
  • Alices keys are dAlice, eAlice
  • Alice sends Bob
  • m m dAlice
  • In case of dispute, judge computes
  • m dAlice eAlice
  • and if it is m, Alice signed message
  • Shes the only one who knows dAlice!

6
RSA Digital Signatures
  • Use private key to encipher message
  • Protocol for use is critical
  • Key points
  • Never sign random documents, and when signing,
    always sign hash and never document
  • Mathematical properties can be turned against
    signer
  • Sign message first, then encipher
  • Changing public keys causes forgery

7
Properties of modulo arithmetic 1/3
  • P1 ((a mod p)(b mod p)) mod p (ab) mod
    p
  • Proof
  • a jpx, b kpy for x,y lt p
  • ab (jpx) (kpy)
  • (...)p xy
  • (ab) mod p (xy) mod p

8
Properties of modulo arithmetic 2/3
  • P2 a mod p b mod p ?
  • aZ mod p bZ mod p
  • Proof
  • a jpx, b kpx for x lt p
  • aZ (jpx)Z (...)pxz
  • bZ (kpx)Z (...)pxz

9
Properties of modulo arithmetic 3/3
  • P3 fz gz (f g)z
  • Therefore
  • ((a mod p)z (b mod p)z) mod p
  • ((a mod p) (b mod p))z mod p
  • (a b)z mod p

10
Attack 1
  • Want to claim agreement on m
  • Find m1, m2 such that
  • m1 m2 mod nB m mod nB
  • Obtain signed versions of m1, m2
  • a1 m1dB mod nB
  • a2 m2dB mod nB
  • Produce a1 a2 mod nB mdB mod nB

11
Attack 2
  • Suppose Alice sends a signed message by
    enciphering first, then signing
  • c (meB mod nB)dA mod nA
  • Bob finds another public key reB, such that Mr
    m
  • c (MreB mod nB)dA mod nA

12
Storing Keys
  • Multi-user or networked systems attackers may
    defeat access control mechanisms
  • Encipher file containing key
  • Attacker can monitor keystrokes to decipher files
  • Key will be resident in memory that attacker may
    be able to read
  • Use physical devices like smart card
  • Key never enters system
  • Card can be stolen, so have 2 devices combine
    bits to make single key

13
Key Escrow
  • Key escrow system allows authorized third party
    to recover key
  • Useful when keys belong to roles, such as system
    operator, rather than individuals
  • Business recovery of backup keys
  • Law enforcement recovery of keys that authorized
    parties require access to
  • Goal provide this without weakening cryptosystem
  • Very controversial

14
Components
  • User security component
  • Does the encipherment, decipherment
  • Supports the key escrow component
  • Key escrow component
  • Manages storage, use of data recovery keys
  • Data recovery component
  • Does key recovery

15
Key Revocation
  • Certificates invalidated before expiration
  • Usually due to compromised key
  • May be due to change in circumstance (e.g.,
    someone leaving company)
  • Problems
  • Entity revoking certificate authorized to do so
  • Revocation information circulates to everyone
    fast enough
  • Network delays, infrastructure problems may delay
    information

16
CRLs
  • Certificate revocation list lists certificates
    that are revoked
  • PGP signers can revoke signatures owners can
    revoke certificates, or allow others to do so

17
Key Points
  • Key management critical to effective use of
    cryptosystems
  • Different levels of keys (session vs.
    interchange)
  • Keys need infrastructure to identify holders,
    allow revoking
  • Key escrowing complicates infrastructure
  • Digital signatures provide integrity of origin
    and content
  • Much easier with public key cryptosystems than
    with classical cryptosystems
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Digital Signatures" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!