Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
1. CRYPTOGRAPHY
It is an art of creating the ciphers.
2. CRYPTANALYSIS
It is an art of braking the ciphers. (hacking)
CIPHERTEXT: It is an unintelligible form
of original text(plain text) which is
obtained after applying an encryption
algorithm to the original text.
• Confidentiality
– assure that data can be kept secret
– method: encryption
• Integrity
– assure that received message has not been altered
– method: digital signature
• Authentication
– about verifying identities
– method: digital certificate
Encryption
Encryption key
Encryption
This is Plaintext 123@8(@0kfl30kfl
Plaintext Ciphertext
Ciphertext Plaintext
ASSYMETRIC CRYTOGRAPHY
Plaintext Ciphertext
private key
123@8(@0 This is
kfl30kfl Decryption Plaintext
Ciphertext Plaintext
DIGITAL SIGNATURE
• A digital signature or digital signature scheme is a
mathematical scheme for demonstrating the
authenticity of a digital message or document. A
valid digital signature gives a recipient reason to
believe that the message was created by a known
sender, and that it was not altered in transit.
• Digital signatures are commonly used for software
distribution, financial transactions, and in other
cases where it is important to detect forgery and
tampering.
• Digital signatures employ a type of asymmetric
cryptography. For messages sent through an insecure
channel, a properly implemented digital signature
gives the receiver reason to believe the message was
sent by the claimed sender. Digital signatures are
equivalent to traditional handwritten signatures in
many respects; properly implemented digital
signatures are more difficult to forge than the
handwritten type.
History:
Step 1 :
Compute the message
digest of the file
File
Message
Digest
Digital
Step 2 : Signature Step 3 :
Send the file and digital File + Digital Signature
Encrypt the message digest (signed file)
with sender’s private key signature
(signed file)
Steps in digital signature verification
Step 1a : Step 1b :
Find the message Decrypt the digital
digest of the file signature with sender’s
public key
Message Message
Digest Digest
Step 2 :
Compare the two Same
message digests Accept
Different
Reject
USES OF DIGITAL SIGNATURE
• AUTHENTICATION: Digital signatures can be used to authenticate the
source of messages. When ownership of a digital signature secret key is bound to a
specific user, a valid signature shows that the message was sent by that user. The
importance of high confidence in sender authenticity is especially obvious in a
financial context. For example, suppose a bank's branch office sends instructions
to the central office requesting a change in the balance of an account. If the
central office is not convinced that such a message is truly sent from an authorized
source, acting on such a request could be a grave mistake.
• INTEGRITY: the sender and receiver of a message may have a need for
confidence that the message has not been altered during transmission. If a
message is digitally signed, any change in the message after signature will
invalidate the signature.
• NON-REPUDIATION: Communication do occur between two persons,
thus there are chances that one of them becomes dishonest at a later
state i.e. deny of any message sent to receiver.
Digital signature prevent such cases.