Beruflich Dokumente
Kultur Dokumente
of Electronic Signature
and Electronic Records
Authenticity
Suppose A sends to B a
digitally signed message, how
would B make sure that it is
the message indeed originated
from A? How to authenticate
that the message was from A
only, and not from A1 or A2
11
Fundamental requirements
electronic
communications
transactions are
of
or
(ii)
message's integrity, the
recipient must be able to determine
whether or not the message received
has been modified en route or is
incomplete and
(iii) non-repudiation, the ability to
ensure that the sender cannot falsely
deny sending the message., nor falsely
deny the contents of the message.
13
The
terms
software
and
hardware are used as both nouns
and adjectives. For example, you
can say: "The problem lies in the
software," meaning that there is
a problem with the program or
data, not with the computer
itself. You can also say: "It's a
software problem."
17
Software is
categories:
often
divided
into
two
* System
Software:
Includes
the
operating system and all the utilities that
enable the computer to function.
* Application
Software:
Includes
programs that do real work for users. For
example, word processors, spreadsheets,
and database management systems fall
under the category of applications
software.
19
22
An intermediary is a link
between an originator and an
addressee. An Internet Service
Provider (ISP) is one such
intermediary. It is like a virtual
post office. It receives, stores or
transmits electronic messages
through its mail servers on behalf
of another person (originator
and / or addressee).
23
Limitations
Whether technological evidence is
a threat to the right to a fair trial
or the right against incrimination as
guaranteed
by
the
Indian
Constitution?
What
are
the
statistical
probabilities
of
technological
evidence going wrong?
25
Caution is appropriate,
unreasonable doubt is
not.
Daniel Koshland, Editor
Science Magazine
26
There must be a
unique balance between
scientific evidence and
human evidence.
27
Authenticity
V/s
Integrity
Nonrepudiation
Paper
Digital
May be forged
Can not be
copied
Signature
independent of
the document
Signature
depends on the
contents of the
document
Handwriting
expert
needed
Error prone
Any
computer
user
Error free
31
Purpose
V/s
Evidence
Signer
Identification
Paper
Digital
To
authenticate
the message as
originating
from purported
signer
To authenticate
the message as
originating from
purported signer
distinctive,
attributable to
the signer only
distinctive,
attributable to
the signer only
Notary
/witnesses
Trusted Third
Party (CA)
32
Digital
Signature
technology requires key
pair (private key for
encryption and public key
for decryption) and a hash
function (algorithm).
35
Plain Text
Encryption
Decryption
Plain Text
Cipher Text
36
A cryptographic algorithm, or
cipher, is a mathematical
function used in the encryption
and decryption process. This
mathematical function works in
combination with a key a very
large number to encrypt the
plaintext (the original message).
39
The
fundamental
objective
of
cryptography is information security.
Simply put, it is to ensure the
following:
Confidentiality is used to keep the
content of information secret from
unauthorized persons. This is achieved
through symmetric and asymmetric
encryption.
Data
integrity
addresses
the
unauthorized alteration of data. This is
addressed by hash functions.
41
Authentication
is
related
to
identification. This function applies
to both entities and information
itself. This is achieved through
digital signature certificates and
digital signatures.
Non-repudiation prevents someone
from denying previous commitments
or actions. This is achieved through
digital signature certificates and
digital signatures.
42
Symmetric Cryptography
Asymmetric Cryptography
43
Symmetric Cryptography
When a single secret key is used to
maintain communication between the
sender and the receiver, it is referred
to as a symmetric cryptography or
private-key cryptographic system.
Here, both encryption and decryption
use the same key.
44
Symmetric Cryptography
K1 = K2
Encryption Key(K1)
Plain Text
Encryption
Decryption Key(K2)
Decryption
Plain Text
Cipher Text
45
An
example
of
symmetric
cryptography is the automated
teller machine (ATM) at a Bank.
When a person uses an ATM, he
gains access to his account by
entering a personal identification
number (PIN). That is the person is
authenticating himself to the Bank.
The PIN is a shared secret
between the Bank and the person.
46
Key Management
Encryption:
and
Conventional
The
persistent
problem
conventional
encryption
is
distribution:
with
key
Asymmetric Cryptography
For both the processes of
encryption and decryption two
different keys are used.
It is referred to as a
asymmetric
cryptography
or
public-key cryptographic system.
49
Asymmetric Cryptography
Public key cryptography is an asymmetric
scheme that uses a pair of keys: a public key,
which encrypts data, and a corresponding
private key, or secret key for decryption.
Each user has a key pair given to him. The public
key is published to the world while the private
key is kept secret. Anyone with a copy of the
public key can then encrypt information that
only the person having the corresponding private
key can read.
50
Asymmetric Cryptography
K1 = K2
Encryption Key(K1)
Plain Text
Encryption
Decryption Key(K2)
Decryption
Plain Text
Cipher Text
51
ENCRYPTION
DECRYPTION
Message 1
Encrypted Message 1
Encrypted Message 1
Message 1
Central to the growth of e-commerce and egovernance is the issue of trust in electronic
environment.
9a46894335be49f0b9cab28d755aaa9cd98571b
275bbb0adb405e6931e856ca3e5e569edd13528
5482
9a46894335be49f0b9cab28d755aaa9cd985
71b275bbb0adb405e6931e856ca3e5e569ed
d135285482
Central to the growth of e-commerce and egovernance is the issue of trust in electronic
environment.
Message 2
Same Key
SYMMETRIC
Encrypted Message 2
a520eecb61a770f947ca856cd675463f1c95a
9a2b8d4e6a71f80830c87f5715f5f59334978
dd7e97da0707b48a1138d77ced56feba2b46
7c398683c7dbeb86b854f120606a7ae1ed93
4f5703672adab0d7be66dccde1a763c736cb
9001d0731d541106f50bb7e54240c40ba780
[Keys of a pair Public and Private]
b7a553bea570b99c9ab3df13d75f8ccfdddea
af3a749fd1411
Different Keys
ASYMMETRIC
[PKI]
Encrypted Message 2
a520eecb61a770f947ca856cd675463f1c95a9a2b
8d4e6a71f80830c87f5715f5f59334978dd7e97da
0707b48a1138d77ced56feba2b467c398683c7db
eb86b854f120606a7ae1ed934f5703672adab0d7
be66dccde1a763c736cb9001d0731d541106f50b
b7e54240c40ba780b7a553bea570b99c9ab3df13
d75f8ccfdddeaaf3a749fd1411
Message 2
52
Hash Function
[compression
function,
contraction
function, message digest, finger print,
cryptographic checksum, message integrity
check, and manipulation detection code ]
Hash
Function
Message
(Any Length)
HASH
Hash Function
A one-way hash function takes variablelength input say, a message of any length
and produces a fixed-length output; say,
160-bits. The hash function ensures that,
if the information is changed in any way
even by just one bit an entirely different
output value is produced. The table below
shows some sample output values using
SHA (Standard Hash Algorithm).
55
For example,
Satish
c75491c89395de9fa4ed29affda0e4d29cbad290
SATISH 33fef490220a0e6dee2f16c5a8f78ce491741adc
satish
4c391643f247937bee14c0bcca9ffb985fc0d0ba
56
Signed Messages
Message
Message
Calculated
Calculated
Hash
Hash
Message
Message
++
signature
signature
Message
Message
++
Signature
Signature
if
COMPARE
COMPARE
Hash
Hash
Sign
e
Mess d
ag e
SIGN
SIGNhash
hash
With
Senders
With Senders
Private
Privatekey
key
Sender
OK
Signatures
verified
Hash
Hash
Receiver
Decrypt
Decrypt
Signature
Signature
With
WithSenders
Senders
Public
PublicKey
Key
58
Message 1
Hash Value 1
7a08f27d5282b673fbb97cd028a7451292c052c8
Digital Signature 1
bab3dbfba30eedc0c52dacfc144df4d9c6508502
A dot is added
at the end of
the message
Message 2
Hash Value 2
b3cafe1ea21f290ad8be71b510297d038b68a7f9
Digital Signature 2
5335ba87f67cfc65d7ea2d7dced44ea3dc16282c
Message 3
Adding a
space
between bit
and digest
Hash Value 3
cd7db886d5e0e63d48c6c4358c86aa3d6e2afe86
Digital Signature 3
71892180a9af4dd59ceb285eda5cfc3e9b72aaf8
59
Keys:
A key is a value that works with a
cryptographic algorithm to produce a specific
cipher text. Keys are basically very, very,
very big numbers. Key size is measured in
bits. In public key cryptography, the bigger
the key, the more secure the cipher text.
However, public key size and conventional
cryptographys symmetric key size are totally
unrelated.
The algorithms used for each type of
cryptography are very different and are very
difficult to compare.
60
Public Key
Infrastructure and
Certifying Authorities
(With Relevant Rules)
62
Step 4-
68
Rule 4.
Signature.
Creation
of
Digital
Section
2(1)(p)
Digital
Signature means authentication
of any electronic record by a
subscriber by means of an
electronic method or procedure in
accordance with the provisions of
Section 3.
74
(3)
Any person by the use of
a public key of the subscriber can
verify the electronic record.
(4) The private key and the
public key are unique to the
subscriber and constitute a
functioning key pair.
77
Illustration
Mr. Sen writes a message as under:
Dear Mr. Gupta,
Mr. S Sen
Figure 1 : Conventionally signed message
82
85
(d) any
alteration
to
the
information
made
after
its
authentication
by
electronic
signature is detectable; and
(e) it fulfils such other conditions
which may be prescribed.
90
Provided
that
no
electronic
signature
or
authentication
technique shall be specified in the
Second Schedule unless such
signature or technique is reliable.
(5) Every
notification
issued
under sub-section (4) shall be laid
before each House of Parliament.
93
for
Whoever
knowingly
creates,
publishes
or
otherwise
makes
available
a
Digital
Signature
Certificate for any fraudulent or
unlawful purpose shall be punished
with imprisonment for a term, which
may extend to two years, or with
fine, which may extend to one lakh
rupees, or with both.
103