
TrustPort Public Key Infrastructure



Presentation Transcript


  1. TrustPort Public Key Infrastructure

  2. Table of contents
     • Security of electronic communications
     • Using asymmetric cryptography
     • Electronic signature, digital certificate
     • Using public key infrastructure
     • TrustPort public key infrastructure solutions
     • TrustPort eSign Pro

  3. Security of electronic communications
     Three main aspects
     • Integrity of transferred data
     • Authentication of the sender
     • Confidentiality of transferred data
     Perils of unsecured communications
     • Data tampering on the way from the sender to the recipient
     • The real sender pretending to be someone else
     • Unwanted disclosure of confidential data

  4. Security of electronic communications
     Making the communications secure
     • Data encryption
     • Electronic signing

  5. Making the communications secure
     Symmetric cryptography
     • Based on a secret key
     • Perfect for local data encryption
     • Problematic distribution of the secret key
     Asymmetric cryptography
     • Based on a private key and a public key
     • Designed for remote data exchange
     • Easy distribution of the public key
     • New issues to be solved

  6. Using asymmetric cryptography for encryption
     • Anyone can encrypt and send data using the public key
     • Only the recipient can decrypt the data using the private key
     [Diagram: Data → encryption (recipient's public key) → Encrypted data → decryption (recipient's private key) → Decrypted data]

  7. The key pair explained
     • The keys are mathematically related
     • Data encrypted by public key can be decrypted only by the owner of the private key
     • Data encrypted by private key can be decrypted by anyone using public key
     • The private key cannot be reverse engineered from the public key
     [Diagram: Big random number → Key generation algorithm → Public key, Private key]

  8. Using asymmetric cryptography for signing
     [Diagram: Data → hash algorithm → Hash value → encryption (sender's private key) → Encrypted hash value = electronic signature]

  9. Verification of electronic signature
     [Diagram: Encrypted hash value = electronic signature → decryption (sender's public key) → Decrypted hash value; Data → hash algorithm → Hash value; comparison of the two hash values]
     • Hash values are identical … signature is valid
     • Hash values are different … signature is not valid

  10. Advantages of electronic signature
     • Authentication of the sender: no other person can create a valid signature of a document in the name of the sender
     • Securing integrity of the data: the signed document cannot be modified without making the signature invalid
     • Indisputability of the sender: the sender cannot deny the document was sent by him or her

  11. Credibility of the electronic signature
     The credibility is based on
     • the asymmetric encryption algorithm used
     • the bit length of the encryption keys used
     • secure storage of the private keys

  12. Digital certificate
     A certificate binds together a personal identity with a public key.
     Certificate parts
     • Identification of the holder
     • Serial number
     • Identification of certification authority
     • Validity period
     • Public key of the holder

  13. Registration and certification authority
     • accepts requests for certificates, verifies the identity of the applicants, issues digital certificates
     • guarantees the credibility of digital certificates
     • maintains a certificate revocation list
     • each certificate has a limited validity period
     • a certificate may be revoked even before the end of validity period
     • on verification of an electronic signature, the certification authority checks the list of all revoked certificates
     Accredited certification authority is a certification authority recognized by the state. It can issue qualified digital certificates, applicable for legally binding communications with the public administration.
     Certification authority without accreditation can be used for internal purposes of a business or an institution.

  14. Public key infrastructure explained
     [Diagram. Parties: Sender, Recipient, Registration authority, Certification authority, Verification authority. Labels: Request; Request is OK; Certificate, private key; Certificate, public key; Signature; Signature is OK; Data message]

  15. The use of public key infrastructure
     • web applications
     • mail clients
     • office applications
     • content management systems
     • …
     TrustPort Public Key Infrastructure, built on long tradition of development and experience in the field of electronic signature

  16. TrustPort Public Key Infrastructure
     • Asymmetric encryption algorithms in use: RSA (512 to 4096 bit), DSA (1024 bits), Elliptic curves (112 to 256 bits), Diffie-Hellman
     • Symmetric encryption algorithms in use: RC2 (40 to 128 bits), CAST128 (64, 80, 128 bits), BlowFish (64 to 448 bits), DES (56 bits), 3DES (168 bits), Rijndael (128, 192, 256 bits), TwoFish (128, 256 bits)
     • Hash algorithms in use: SHA1, SHA256, SHA384, SHA512, MD5, RIPEMD 160
     • Further specifications: LDAP support, electronic signing and verification of PDF files, PDF encryption based on password and certificate, PDF timestamping

  17. Solutions based on TrustPort Public Key Infrastructure
     Solutions for end users
     • TrustPort eSign Pro (encrypting and signing files, verification of electronic signatures, timestamping files, safe storage of private keys and personal certificates)
     Solutions for businesses
     • TrustPort Certification Authority (issuance and revocation of certificates, handling certificate requests, the core can run multiple certification authorities)
     • TrustPort Timestamp Authority (issuance of time stamps, detection of exact time from independent sources, can be used in combination with the previous product)

  18. Solutions based on TrustPort Public Key Infrastructure
     TrustPort PKI SDK
     • enables development of applications using public key infrastructure
     • easy import and export of certificates, certificate revocation lists, encryption keys
     • safe storage of private keys and personal certificates: on the hard drive, on chip cards and flash tokens
     • multitude of symmetric, asymmetric and hash algorithms
     • extensive support of cards and tokens from different manufacturers
     • optional modules miniCA, miniTSA: certification and timestamp authorities for internal corporate use

  19. TrustPort eSign Pro
     TrustPort eSign Pro
     • Specific endpoint solution
     • Signs electronic documents
     • Encrypts documents reliably
     • Enables time stamping
     Complete PDF support
     • PDF signing
     • PDF encryption
     • PDF time stamping

  20. TrustPort eSign Pro
     Recommended system requirements:
     • Pentium 200 MHz or higher
     • Windows 2000 or higher
     • 64 MB RAM
     • 20 MB HDD
     Supported systems:
     • Microsoft Windows 7
     • Microsoft Windows Vista
     • Microsoft Windows XP
     • Microsoft Windows 2000
     • Microsoft Windows Server 2003
     • Microsoft Windows Server 2008

  21. TrustPort eSign Pro

  22. Thank you for your attention!
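
Slides 8, 9, 12 and 13 describe hash-then-sign, signature verification, the certificate parts and the revocation check. The following Python sketch is an added example, not part of the original presentation and not TrustPort code, that carries those steps through end to end with textbook RSA. The key sizes, field names, serialization format and sample values are assumptions constructed for illustration; the toy keys have no padding scheme and are not secure.

```python
import hashlib
from datetime import date

E = 65537  # public exponent shared by both toy key pairs

def make_key(p, q):
    """Toy RSA key pair from two primes: (public modulus n, private exponent d)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def digest(data, n):
    """Hash value of the data, reduced to fit the toy modulus (no padding scheme)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, n, d):
    """Slide 8: transform the hash value with the private key."""
    return pow(digest(data, n), d, n)

def verify(data, sig, n):
    """Slide 9: recover the hash with the public key and compare with a fresh hash."""
    return pow(sig, E, n) == digest(data, n)

def cert_body(cert):
    """Serialize the certificate parts listed on slide 12 (format is an assumption)."""
    parts = ("holder", "serial", "issuer", "not_before", "not_after", "public_key")
    return "|".join(str(cert[p]) for p in parts).encode()

def accept(data, sig, cert, ca_n, crl, today):
    """Recipient-side decision: certificate first, then the message signature."""
    if not verify(cert_body(cert), cert["ca_sig"], ca_n):
        return "bad CA signature"
    if not cert["not_before"] <= today <= cert["not_after"]:
        return "outside validity period"
    if cert["serial"] in crl:
        return "revoked"
    return "ok" if verify(data, sig, cert["public_key"]) else "bad signature"

# Constructed sample keys from Mersenne primes: illustration only, not secure.
CA_N, CA_D = make_key(2**127 - 1, 2**89 - 1)
SENDER_N, SENDER_D = make_key(2**107 - 1, 2**61 - 1)

CERT = {"holder": "alice@example.test", "serial": 1001, "issuer": "Example CA",
        "not_before": date(2024, 1, 1), "not_after": date(2024, 12, 31),
        "public_key": SENDER_N}
CERT["ca_sig"] = sign(cert_body(CERT), CA_N, CA_D)

MESSAGE = b"Pay 100 EUR to Bob"   # constructed sample message
SIGNATURE = sign(MESSAGE, SENDER_N, SENDER_D)
```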
