DIGITAL SIGNATURES By Umair Sadiq

DIGITAL SIGNATURES By Umair Sadiq

WHAT IS A DIGITAL SIGNATURE? A signature to validate any electronic data. Its not modified It belongs to signatory Signatory cannot repudiate

PICTORIAL OVERVIEW

VARIOUS ALGORITHMS RSA DSA (US Federal Govt Standard) Elliptic Curve DSA ElGamal (based on computing discrete logarithm), Pointcheval-Stern (a variant of ElGamal) Note: Unlocking the key requires solution to a mathematically hard problem like factoring the product of large primes or computing discrete logarithms

A SIMPLIFIED SCENARIO Encryption, (e,n) code msg e mod n Decryption, (d,n) msg code d mod n msg msg e d (mod n) ed (n)

POTENTIAL THREATS AND SOLUTIONS Man-in-the-middle-attack a person intercepts and modifies messages in both direction and uses its own generated set of keys digital certificates are used to authenticate keys Timing attacks with the knowledge of hardware and decipher time becomes possible to deduce the key it is rectified by combining decryption with a random computation

CONCLUSION Where digital signature provide a safe way to authenticate electronic piece of information, it is important to use an algorithm that has been put to rigorous testing and has proven its validity over a period of time.

REFERENCES http://csrc.nist.gov/publications/fips/fips186-2/ fips186-2-change1.pdf http://www.abanet.org/scitech/ec/isc/dsgtutorial.html http://gdp.globus.org/gt4-tutorial/multiplehtml/ ch09s03.html