PRESENTED BY :

* ANKUSH MARMAT
* ARJITA JAIN
* EESHA SINGH
* HARSHIT SHARMA
 INTRODUCTION
A digital signature or digital signature scheme is a type of
asymmetric cryptography used to simulate the security properties of a
handwritten signature on paper. Digital signature schemes consist of
at least three algorithms: a key generation algorithm, a signature
algorithm, and a verification algorithm. A signature provides
authentication of a "message". Messages may be anything, from
electronic mail to a contract, or even a message sent in a more
complicated cryptographic protocol.
 
Digital signatures are often used to implement electronic signatures,
a broader term that refers to any electronic data that carries the intent
of a signature, but not all electronic signatures use digital signatures.
In some countries, including the United States, and in the European
Union, electronic signatures have legal significance. However, laws
concerning electronic signatures do not always make clear their
applicability towards cryptographic digital signatures, leaving their
legal importance somewhat unspecified
 
 What is a Digital Signature Certificate
( DSC) ?

Digital Signature Certificate is your PASSPORT on the

Internet used to:
• Identify yourself
• Help the software application to authenticate you and:
• Help you to secure your data
• Give legal sanctity to the transaction
Physical Signature Digital Signature
Physical Signature is just a Digital Signature encompasses
writing on paper crucial parameters of
identification
Physical Signature can be It is IMPOSSIBLE to copy a
copied Digital signature

Physical Signature does not Digital Signature also enables

give privacy to content encryption and thus privacy

Physical Signature cannot Digital Signature protects the

protect the content content
DIGITAL SIGNATURE
CERTIFICATES
SIGN IN
VERIFICATION
ENCRYPTION
DECRYPTION
 Types of digital certificates
Identity Certificates
Accreditation Certificates
Authorisation & Permission Certificates
 Identity Certificates
An Identity Certificate is one that contains a signature
verification key combined with sufficient information to
identify (hopefully uniquely) the keyholder. This type of
certificate is much subtler than might first be imagined
and will be considered in more detail later.
 
 Accreditation Certificates
This is a certificate that identifies the keyholder as a member of
a specified group or organisation without necessarily identifying
them. For example, such a certificate couldindicate that the
keyholder is a medical doctor or a lawyer. In many
circumstances, aparticular signature is needed to authorise a
transaction but the identity of the keyholder is not relevant. For
example, pharmacists might need to ensure that
medicalprescriptions are signed by doctors but they do not
need to know the specific identities of the doctors involved.
Here the certificate states in effect that the keyholder, whoever
they are, has ‘permission to write medical prescriptions’.
Accreditation certificates can also be viewed as authorisation
(or permission) certificates.
 Authorisation & Permission
Certificates
In these forms of certificate, the certificate signing authority
delegates some form of authority to the key being signed. For
example, a bank will issue an authorization certificate to its
customers saying that the key in this certificate can be used to
authorize the withdrawal of money from account number
271828.
In banking an identity certificate might be used to set up an
account but the authorisation certificate for the account will
not itself contain identity data. To identify the owner of a
certificate a bank will typically look up the link between
account numbers and owners in its internal databases. Placing
such information in an authorisation certificate is actually
undesirable since it could expose the bank or its customers to
additional risks.
 Implementation of Digital
Signature Using RSA Algorithm
The RSA algorithm can be used for both public key
encryption and digital signatures. Its security is based on
the difficulty of factoring large integers.
Digital Certificates are implemented as per the following
phases:

1. Key Generation Algorithm.

2. Encryption.
3. Decryption.
4. Digital Signing.
5. Signature Verification.
Diagramatic Representation
 An Overview of how Digital
Signature Works

Let us consider a person named Bob whose has been

given two keys. One of Bob's keys is called a Public
Key, the other is called a Private Key.
 (Bob's public key)

Bob

(Bob's private key)

Anyone can get bob’s Public

Bob's Co-workers: key, but Bob’s keeps his
private key to himself

A B C
 HNFmsEm6Un
"Hey Bob, how BejhhyCGKOK
about lunch at Taco JUxhiygSBCEiC
Bell. I hear they 0QYIh/Hn3xgiK
have free refills!" BcyLK1UcYiY
lxx2lCFHDC/A

HNFmsEm6Un
"Hey Bob, how
BejhhyCGKOK
about lunch at
JUxhiygSBCEiC
Taco Bell. I hear
0QYIh/Hn3xgiK
they have free
BcyLK1UcYiY
refills!"
lxx2lCFHDC/A
To sign a document, Bob's software will crunch down the data into just a few
lines by a process called "hashing". These few lines are called a message digest.
(It is not possible to change a message digest back into the original data from
which it was created.)

Bobs Software then encrypts the message digest with his

private key. The result is the digital signature
Finally, Bob's software appends the digital signature to document. All
of the data that was hashed has been signed.
 Bob now passes the document on to Pat.

First, Pat's software decrypts the signature (using Bob's public key) changing it
back into a message digest. If this worked, then it proves that Bob signed the
document, because only Bob has his private key. Pat's software then hashes the
document data into a message digest. If the message digest is the same as the
message digest created when the signature was decrypted, then Pat knows that
the signed data has not been changed.
Plot complication...
Doug (our disgruntled employee) wishes to deceive Pat. Doug makes sure that Pat
receives a signed message and a public key that appears to belong to Bob.
Unbeknownst to Pat, Doug deceitfully sent a key pair he created using Bob's
name. Short of receiving Bob's public key from him in person, how can Pat be sure
that Bob's public key is authentic?
 Benefits of digital signatures
Below are some common reasons for applying a digital signature to
communications:
Authentication
Although messages may often include information about the entity sending a
message, that information may not be accurate. Digital signatures can be used to
authenticate the source of messages. When ownership of a digital signature secret
key is bound to a specific user, a valid signature shows that the message was sent
by that user. The importance of high confidence in sender authenticity is especially
obvious in a financial context. For example, suppose a bank's branch office sends
instructions to the central office requesting a change in the balance of an account.
If the central office is not convinced that such a message is truly sent from an
authorized source, acting on such a request could be a grave mistake.
 
 
Integrity

In many scenarios, the sender and receiver of a message may have a need
for confidence that the message has not been altered during transmission.
Although encryption hides the contents of a message, it may be possible to
change an encrypted message without understanding it. (Some encryption
algorithms, known as nonmalleable ones, prevent this, but others do not.)
However, if a message is digitally signed, any change in the message will
invalidate the signature. Furthermore, there is no efficient way to modify a
message and its signature to produce a new message with a valid
signature, because this is still considered to be computationally infeasible
by most cryptographic hash functions (see collision resistance).
 Drawbacks of digital signatures
Despite their usefulness, digital signatures alone do not solve the
following problems:

Association of digital signatures and trusted time stamping

Digital signature algorithms and protocols do not inherently provide
certainty about the date and time at which the underlying document was
signed. The signer might have included a time stamp with the signature, or
the document itself might have a date mentioned on it. Regardless of the
document's contents, a reader cannot be certain the signer did not, for
example, backdate the date or time of the signature. Such misuse can be
made impracticable by using trusted time stamping in addition to digital
signatures.
 CONCLUSION
 
A digital signature, is the result of encrypting some digital information
with a private key. Thus, a digital signature contains the information it is
attesting to (in encrypted form) and will be different for each different set
of information.

Within the field of public key cryptography encrypting information with a

private key is known as signing for one reason only; because use of the
private key to encrypt the information, rather than the public key,
facilitates the authentication of that information (as handwritten
signatures do), rather than the establishment of confidentiality (as
encrypting it with the recipient's public key would do).