• No results found

A ROLE OF DIGITAL SIGNATURE TECHNOLOGY USING RSA ALGORITHM

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "A ROLE OF DIGITAL SIGNATURE TECHNOLOGY USING RSA ALGORITHM"

Copied!
6
0
0

Loading.... (view fulltext now)

Download now ( 6 Page )

Full text

(1)

A ROLE OF DIGITAL SIGNATURE TECHNOLOGY USING RSA ALGORITHM

BHAGYASHREE

a1

, ARPITA

b

, CHANDANA

c

AND SOUJANYA

d

abcdDepartment of ECE NIT, Raichur, India

ABSTRACT

A Digital Signature is the electronic or digital equivalent of a physical signature. Just as a physical signature on a paper document establishes the origin of that document, a digital signature affixed to a digital document (computer file) establishes the origin of that digital document. Digital Signatures are much more secure and ‘fool-proof’ compared to physical signatures. Physical signatures are easily replicated or ‘forged’.

On the other hand, the technology behind Digital Signatures makes it virtually impossible to forge them. Because of the higher security associated with Digital Signatures and the many advantages associated with storing documents electronically (as opposed to paper), governments in many countries have passed laws and regulations encouraging (and in some cases mandating) the usage of digitally signed electronic documents rather than paper documents. For example, in India, Income Tax returns, corporate returns etc are to be digitally signed and uploaded electronically. A Digital Signature is a sequence of ‘bytes’ or a code that has some special characteristics. A code generated for a particular document by a particular signer is unique. An identical code cannot be generated by another signer for the same document or by the same signer for another document. This means that only the unique combination of that particular document and that particular signer can generate a particular digital signature. It provides the basic definitions of and recommendations for implementing the RSA algorithm for publickey cryptography. It defines the mathematical properties of public and private keys, primitive operations for encryption and signatures, secure cryptographic schemes.

KEYWORDS:Digital Signature, Handwritten Signatures A digital signature is a mathematical scheme for demonstrating the authenticity of a digital message or documents. A valid digital signature gives a recipient reason to believe that the message was created by a known sender, that the sender cannot deny having sent the message ( authentication and non-repudiation), and that the message was not altered in transit ( integrity). Digital signatures are commonly used for software distribution, financial transactions, and in other cases where it is important to detect forgery or tampering. Digital signatures are often used to implement electronic signatures, a broader term that refers to any electronic data that

carries the intent of a signature,[but not all electronic

signatures use digital signatures [Ravi Shankar Dhakar, 2012].In some countries, including the United States, India, Brazil, Saudi Arabia and members of the European Union, electronic signatures have legal significance. Digital signatures employ asymmetric cryptography. In many instances they provide a layer of validation and security to messages sent through a nonsecure channel: Properly implemented, a digital signature gives the receiver reason to believe the message was sent by the claimed sender. Digital seals and signatures are

equivalent to handwritten signatures and stamped seals. Digital signatures are equivalent to traditional handwritten signatures in many respects, but properly implemented digital signatures are more difficult to forge than the handwritten type [Maryam Savari, 2012]. Digital signature schemes, in the sense used here, are cryptographically based, and must be implemented properly to be effective. Digital signatures can also provide non-repudiation, meaning that the signer cannot successfully claim they did not sign a message, while also claiming their private key remains secret; further, some non-repudiation schemes offer a time stamp for the digital signature, so that even if the private key is exposed, the signature is valid []. Digitally signed messages may be anything representable as a bitstring: examples include electronic mail, contracts, or a message sent via some other cryptographic protocol. A digital signature is an electronic signature that can be used to authenticate the identity of the sender of a message or the signer of a document, and to ensure that the original content of the message or document that has been sent is unchanged. Digital signatures are easily transportable, cannot be imitated by someone else, and can be automatically

(2)

time-stamped. A digital signature can be used with any kind of message, whether it is encrypted or plaintext. Thus Digital Signatures provide the following three features:

Authentication

Digital signatures are used to authenticate the source of messages. The ownership of a digital signature key is bound to a specific user and thus a valid signature shows that the message was sent by that user.

Integrity

In many scenarios, the sender and receiver of a message need assurance that the message has not been altered during transmission. Digital Signatures provide this feature by using cryptographic message digest functions.

Non Repudiation

Digital signatures ensure that the sender who has signed the information cannot at a later time deny having signed it.

DIGITAL SIGNATURE VERSUS

HANDWRITTEN SIGNATURES

A handwritten signature scanned and digitally attached with a document does not qualify as a Digital Signature. A Digital Signature is a combination of 0 & 1screated using crypto algorithms. An ink signature can be easily replicated from one document to another by copying the image manually or electronically [Suli Wang, 2011]. Digital Signatures cryptographically bind an electronic identity to an electronic document and the digital signature cannot be copied to another document. Further, paper contracts often have the ink signature block on the last page, allowing previous pages to be replaced after the contract has been signed. Digital signatures on the other hand compute the hash or digest of the complete document and a change of even one bit in the previous pages of the document will make the digital signature verification fail. As can be seen in the underlying figure, a Digital Signature is a string of bits appended to a document. The size of a digital signature depends on the Hash function like SHA 1 / SHA2 etc used to create the message digest and the signing key. It is usually a

few bytes.

Overview of how Digital Signatures work

The Digital Signatures require a key pair (asymmetric key pairs, mathematically related large numbers) called the Public and Private Keys. Just as physical keys are used for locking and unlocking, in cryptography, the equivalent functions are encryption and decryption. The private key is kept confidential with the owner usually on a secure media like crypto smart card or crypto token [Yashpal Kadam, 2011]. The public key is shared with everyone. Information encrypted by a private key can only be decrypted using the corresponding public key. In order to digitally sign an electronic document, the sender uses his/her Private Key. In order to verify the digital signature, the recipient uses the sender’s Public Key. Let us understand how the Digital Signatures work based on an example. Assume you are going to send the draft of a contract to your lawyer in another town. You want to give your lawyer the assurance that it was unchanged from what you had sent and that it is really from you.

1. You copy-and-paste the contract into an e-mail

note. Get electronic form of a document ( eg : - word or pdf file)

2. Using special software, you obtain a message hash

(fixed size bit string) of the contract

3.You then use your private key to encrypt the hash.

4. The encrypted hash becomes your digital signature of the contract and is appended to the contract. At the other end, your lawyer receives the message.

1. To make sure the contract is intact and from you,

(3)

2. Your lawyer then uses your public key to decrypt the Digital Signature received with the contract.

3.If the hash generated from the Digital Signature

matches the one generated in Step 1, the integrity of the received contract is verified.

Digital Signature Certificate Verification

Digital Signature Certificates are verified using a Chain of trust. The trust anchor for the Digital Certificate is the Root Certifying Authority (CCA in India). A root certificate is the top-most certificate of the hierarchy, the private key of which is used to "sign" other certificates. All certificates immediately below the root certificate inherit the trustworthiness of the root certificate. Certificates further down the tree also depend on the trustworthiness of the

intermediates (often known as "subordinate

certification authorities"). The Digital Certificate verification process is a recursive process in which the program verifying the end user certificate verifies the validity of the certificate of the issuing authority until it finds a valid certificate of a trusted party. On successful verification of the trusted party Certificate, the Digital Certificate verification stops. In case a trusted party Certificate is not found by the program, the Digital Certificate verification process ends in failure.

Implementation of signature using cryptography scheme

The Information Technology Act 2000 (IT Act) prescribes digital signatures as a means of authentication of electronic records. In short, a digital signature has the same function as that of a hand written signature. However, understanding how a digital signature is created and how it achieves the same functionality as that of a handwritten signature is by no means an easy task. This is because the technical concepts involved in creating a digital signature seem far removed from the realm of law, although the objective of affixing digital signature to an electronic record is purely legal! Digital signatures are an application of asymmetric key cryptography [Rohit Bhadauria, 2011]. This chapter traces the roots

of cryptography, discusses symmetric and

asymmetric key cryptography and ends with a detailed discussion on how asymmetric key cryptography can be used to create a digital signature. Cryptography has a long and interesting history

1.Cryptography is primarily used as a tool to protect

national secrets and strategies. It is extensively used by the military, the diplomatic services and the banking sector. One of the landmark developments in the history of cryptography was the introduction of the revolutionary concept of public-key cryptography

2.In 1978, Ron Rivest, Adi Shamir and Leonard

Adleman discovered the first practical public-key encryption and signature scheme, now referred to as RSA (after the names of its inventors).

How cryptography works

Cryptography is the science of using

mathematics to encrypt and decrypt data.

Cryptography enables you to store sensitive information or transmit it across insecure networks (like the Internet) so that it cannot be read by anyone except the intended recipient. While cryptography is the science of securing data, cryptanalysis is the

science of analyzing and breaking secure

communication (breaching security measures).

Classical cryptanalysis involves an interesting combination of analytical reasoning, application of mathematical tools, pattern finding, patience, determination, and luck. Cryptanalysts are also called attackers. Cryptology embraces both cryptography

(4)

and cryptanalysis. A cryptographic algorithm, or cipher, is a mathematical function used in the

encryption and decryption process. This

mathematical function works in combination with a key — a very large number — to encrypt the plaintext (the original message). Data that can be read and understood without any special measures is called plain textor clear text. Data which requires some special function to be performed on it before it can be read and understood, is called cipher text. The same plaintext, encrypted by using different keys, will result in different cipher text. The security of encrypted data is entirely dependent on two things: the strength of the cryptographic algorithm and the secrecy of the key. A cryptographic algorithm, plus all possible keys and all the protocols that make it work comprise a cryptosystem.

Encryptions used to ensure that information is hidden from anyone for whom it is not intended, even those who can see the encrypted data. The process of reverting cipher text to its original plaintext is called decryption.

Rabin signature algorithm

In cryptography the Rabin Signature Scheme is a method of Digital signature originally proposed by Michael O. Rabin in 1979. The Rabin Signature Scheme was one of the first digital signature schemes proposed, and it was the first to relate the hardness of forgery directly to the problem of integer factorization. Because of its simplicity and prominent role in early public key cryptography, the Rabin Signature Scheme is covered in most introductory courses on cryptography. The Rabin Signature Scheme is existentially unforgeable in the random oracle model assuming the integer factorization problem is intractable. The Rabin Signature Scheme is also closely related to the Rabin cryptosystem.

The RSA algorithm involves three steps: key generation, encryption and decryption.

We designed this for an 8-bit input. The Message Digest Function first pads in to 512 bits and then condenses it to 160 bits using the MD5 algorithm. The condensed message is then encrypted using the RSA algorithm and a signature is created. Both the Message and the Signature are transmitted to the receiver. The receiver decrypts the signature (using RSA algorithm) and compares it with the digested message.

A digital signature, an asymmetric

cryptography is designed using VHDL. The implementation has a Message Digest block and a

RSA block. Implemented Digital Signature

Algorithm on a Spartan 3 FPGA board. For messages sent through an insecure channel, a properly implemented digital signature gives the receiver reason to believe the message was sent by the claimed sender. Digital signatures are equivalent to traditional handwritten signatures in many respects; properly implemented digital signatures are more difficult to forge than the handwritten type. Digital signature schemes in the sense used here are cryptographically based, and must be implemented properly to be effective. Digital signatures can also provide non-repudiation, meaning that the signer cannot successfully claim they did not sign a message, while also claiming their private key

(5)

remains secret; further, some non-repudiation schemes offer a time stamp for the digital signature, so that even if the private key is exposed, the signature is valid nonetheless.

• A digital signature or digital signature scheme is

a type of asymmetric cryptography.

• First described by Whitfield Diffie and Martin

Hellman

• Provide a high level of assurance that the digital

signature is genuinely the signer’s.

HOW IT WORKS

One method for creating a digital signature is for the originator of data to create the signature by encrypting all of the data with the originator’s private key and enclosing the signature with the original data. Anyone with the originator’s public key can decrypt the signature and compare the decrypted message to the original message. Because only someone with the private key can create the signature, the integrity of the message is verified when the decrypted message matches the original. If an intruder alters the original message during transit, the intruder cannot also create a new valid signature. If an intruder alters the signature during transit, the signature does not verify properly and is invalid.

• Using special software, you obtain a message

hash of the message.

• You then use a private key that you have to

encrypt the hash.

• The encrypted hash becomes your digital

signature of the message. At the other end

• To make sure it’s intact and from you, your

receiver makes a hash of the received message.

• Receiver then uses your public key to decrypt the

message hash or summary.

• If the hashes match, the received message is

valid.

Digital signatures versus ink on paper signatures An ink signature could be replicated from one document to another by copying the image manually or digitally, but to have credible signature

copies that can resist some scrutiny is a significant manual or technical skill, and to produce ink signature copies that resist professional scrutiny is very difficult.

Digital signatures cryptographically bind an electronic identity to an electronic document and the digital signature cannot be copied to another document. Paper contracts sometimes have the ink signature block on the last page, and the previous pages may be replaced after a signature is applied. Digital signatures can be applied to an entire document, such that the digital signature on the last page will indicate tampering if any data on any of the pages have been altered, but this can also be achieved by signing with ink and numbering all pages of the contract.

All digital signature schemes share the

following basic prerequisites regardless of

cryptographic theory or legal provision: 1. Quality algorithms

Some public-key algorithms are known to be insecure, practical attacks against them having been discovered.

2. Quality implementations

An implementation of a good algorithm (or protocol) with mistake(s) will not work.

3. The private key must remain private

If the private key becomes known to any other party, that party can produce perfect digital signatures of anything whatsoever.

4. The public key owner must be verifiable A public key associated with Bob actually came from Bob. This is commonly done using a public key infrastructure (PKI) and the public key↔user association is attested by the operator of the PKI (called a certificate authority). For 'open' PKIs in which anyone can request such an attestation (universally embodied in a cryptographically protected identity certificate), the possibility of mistaken attestation is nontrivial. Commercial PKI operators have suffered several publicly known problems. Such mistakes could lead to falsely signed, and thus wrongly attributed, documents. 'Closed' PKI systems are more expensive, but less easily subverted

(6)

in this way.

5. Users (and their software) must carry out the signature protocol properly.

Only if all of these conditions are met will a digital signature actually be any evidence of who sent the message, and therefore of their assent to its contents. Legal enactment cannot change this reality of the existing engineering possibilities, though some such have not reflected this actuality.

Using digital signatures only with trusted applications

One of the main differences between a digital signature and a written signature is that the user does not "see" what he signs. The user application presents a hash code to be signed by the digital signing algorithm using the private key. An attacker who gains control of the user's PC can possibly replace the user application with a foreign substitute, in effect replacing the user's own communications with those of the attacker. This could allow a malicious application to trick a user into signing any document by displaying the user's original on-screen, but presenting the attacker's own documents to the signing application. ff To protect against this scenario, an authentication system can be set up between the user's application (word processor, email client, etc.) and the signing application. The general idea is to provide some means for both the user application and signing application to verify each other's integrity. For example, the signing application may require all requests to come from digitally signed binaries.

CONCLUSIONS

In this paper a digital signature will work effectively with the help of RSA for both encryption and secure communication purposes, whereas hashing is used for digital signature and hiding key information. This model provides security for the entire cloud computing environment. The specialty of our design approach is that here, each algorithm is executed in different servers which overcomes the problem of slow downing the system. In the proposed system, an intruder cannot easily access or upload the file because the algorithms are executed in different servers at different locations. For implementation purpose we have combined both RSA encryption and

Digital Signatures algorithms as a result a powerful security and data integrity service system is obtained. Although RSA encryption algorithm is quite deterministic but algorithm makes the model highly secured. In a nutshell we can say that our proposed model can provide a better approach as compared to other works.

REFERENCES

Ravi Shankar Dhakar, Amit Kumar Gupta, "Modified RSA Encryption Algorithm (MREA)". Advanced Computing & Communication Technologies (ACCT), Second International Conference, 2012.

Maryam Savari, Mohammad Montazerolzohour and Yeoh Eng Thiam, "Comparison of ECC and RSA Algorithm in Multipurpose Smart Card

Application". Cyber Security, Cyber

Warfare and Digital Forensic (CyberSec), International Conference, 2012.

P.R. Vijayalakshmi, K. Bommanna Raja,

"Performance Analysis of RSA and ECC in

Identity-Based Authenticated New

Multiparty Key Agreement Protocol".

Computing, Communication and

Applications (ICCCA), International

Conference, 2012.

Suli Wang, Ganlai Liu, "File encryption and

decryption system based on RSA

algorithm". Computational and Information Sciences (ICCIS), International Conference, 2011.

Yashpal Kadam, “Security Issues in Cloud

Computing A Transparent View”,

International Journal of Computer Science Emerging Technology, Vol-2 No 5 October, 2011 , 316-322.

Rohit Bhadauria, Rituparna Chaki, Nabendu Chaki, Sugata Sanyal, “A Survey on Security Issues in Cloud Computing”, 2011.

References

Download now ( PDF - 6 Page - 172.41 KB )

Related documents

Crisis Prevention and Management Tool

**Note: Crisis protocol will be ongoing through collaboration with Crisis Network, Staffing Agency, Autism Service, Behavioural Service and Centre for Addiction and Mental

Solutions to performance problems in VoIP over a 802.11 wireless LAN

With regard to 1), we show that a M–M scheme can improve the VoIP capacity by close to 100%. The M–M scheme multi- plexes the downlink VoIP packets into a larger multicast packet

THE GOSPEL of ST. JOHN Study Questions Property of Live God Loud Ministries. Tuesday Quiz Material (Chapters 1-7) CHAPTER ONE

QUESTION: What did Jesus do when He knew the Pharisees had heard He baptized more disciples than John.. ANSWER: He left Judea and went to Galilee

The influence of ideologies on Chinese management characteristics and its relevance in cross-cultural management between China and the European Union. A conceptual paper

Confucianism is the best known Chinese ideology worldwide, in relation with business it is mostly dealing with questions of business ethics, while Daoism addresses behavioral

Bhagwati--In Defense of Globalization

Economic globalization consti- tutes integration of national economies into the international economy through trade, direct foreign investment (by corporations and multina-

Cryptanalysis of a Partially Blind Signature Scheme or How to make $100 bills with $1 and $2 ones

Blind signatures are variants of digital signature schemes for which the signer does not learn the message he actually signs.. At first sight, such a primitive is surprising but

Internet Programming. Security

 An attacker can modify the message but cannot forge a correct signature to pretend the message comes from you.  Digital signatures are usually realized by

Essays in Contract Theory

An individually rational separating contract, on the other hand, will induce investigation if and only if information about the ex-ante type is sufficiently valuable for the agent