1 / 9

Digital Signatures

Digital Signatures. Written Signatures / Paper Documents. Provide “proof” of identification Legal basis – contracts, etc. Ceremonial – signing person knows when s/he enters a contract. But. Forgery Falsified ID Altered documents Insecure – couriers, agencies, secretaries. Therefore:.

shaun
Download Presentation

Digital Signatures

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Digital Signatures

  2. Written Signatures / Paper Documents • Provide “proof” of identification • Legal basis – contracts, etc. • Ceremonial – signing person knows when s/he enters a contract

  3. But . . . • Forgery • Falsified ID • Altered documents • Insecure – couriers, agencies, secretaries

  4. Therefore: • Digital Signatures!!! • Short history • Technology • How to . . .

  5. Short history of digital signatures • DSS - Federal Information Processing Standards Publications (FIPS PUBS) – publication 186: May 19, 1994 • The standard (DSS) specifies a DSA appropriate for applications requiring a digital rather than a written signature • Specifications also in this document

  6. Technology • Dig. sig. computed such that identity of signatory and integrity of data can be verified • Public/private keys – encode with private, verify with public • This ensures a nonrepudiation policy, as well – once message has been verified, signatory cannot repudiate involvement with message/contract

  7. Tech. (cont.) • Encryption can also be accomplished using many modern software packages (PGP, for example) – sign and encrypt with private keys • De-encryption and verification by public keys

  8. How to . . . • To use such technology, get digital signing/encryption software • PGP (Pretty Good Privacy) (www.pgpi.org) • Fairly well known • Offers many features • E-mail encryption • Instant Message encryption (using MSN Messenger) • PGPNet – all network communications can be encrypted • Search engine – “Digital Signature” or “Encryption”

  9. Sources: • http://www.itl.nist.gov/fipspubs/fip186.htm (Federal Information Processing Standards Publications) • http://www.abanet.org/scitech/ec/isc/dsg-tutorial.html (American Bar Association - Digital Signature Guidelines Tutorial) • http://www.pgpi.org/ (International PGP Home Page) • http://web.mit.edu/network/pgp.html (MIT distribution site for PGP)

More Related