Digital signatures and public key infrastructure pki technology
Download
1 / 36

Digital Signatures - PowerPoint PPT Presentation


  • 537 Views
  • Uploaded on

Digital Signatures and Public Key Infrastructure (PKI) Technology April 11, 2002 Agenda Digital Signature Types PKI and Levels of Security How PKI Works Notarization Electronic Documents and PKI Demonstration of e-Recording Digital Signature Types Digital or Electronic Signatures

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Digital Signatures' - Jimmy


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Digital signatures and public key infrastructure pki technology l.jpg

Digital Signaturesand Public Key Infrastructure (PKI) Technology

April 11, 2002


Agenda l.jpg
Agenda

  • Digital Signature Types

  • PKI and Levels of Security

  • How PKI Works

  • Notarization

  • Electronic Documents and PKI

  • Demonstration of e-Recording



Digital or electronic signatures l.jpg
Digital or Electronic Signatures

Per US law “any signature in electronic form attached or logically associated to a record by a person with the intent to sign a record”

Intent to be the equivalent of a handwritten “wet” signature

Can use any number of authentication methods, separately or in combination


Signature definitions l.jpg
Signature Definitions

  • Digital Signatures

    • Includes simple passwords or digitized images of handwritten signatures

    • Do not rely on cryptography

    • Not computer-readable characters

  • Electronic Signatures

    • Most full-featured and secure signature type

    • Electronically signed documents that rely upon public key cryptography (PKC) to authenticate identity

    • Can be encrypted for additional confidentiality


Matching technology to the need l.jpg
Matching Technology to the Need

  • Integrity – the assurance that the message is whole, complete, and not changed in transmission

  • Nonrepudiation – neither party to the transaction can later claim that the transaction did not take place, or that the signature is not valid

  • Confidentiality – access to the content of the document is limited to authorized persons, thus eliminating the possibility for disclosure or theft of information or signatures

  • Authentication – provides the assurance that the person affixing a signature to an electronic document is, indeed, who he or she claims to be



Paper vs electronic delivery l.jpg
Paper vs. Electronic Delivery

  • Written signature

  • Document sealed in envelope

  • Check the seal to verify document has not been altered

Electronic World:

e.g. Email

Delivery Channel

Paper World:

e.g. courier, snail mail

Paper World

Electronic World

  • Electronic Signature

  • Encrypt document

  • Perform a message digest/hashing algorithm to verify document has not been altered


Public key cryptography pkc l.jpg
Public Key Cryptography (PKC)

  • PKI is based upon PKC, an internationally accepted method for securing electronic communications

  • PKC involves a pair of mathematically related keys

    • Very large prime numbers of 1024 characters in length

    • Public key

      • Distributed freely to anyone whom the public key owner wishes to communicate securely

    • Private Key

      • Known only by the signer

      • Used to sign a message that only the public key can verify


Certification authorities l.jpg
Certification Authorities

CERTIFICATE AUTHORITY

Certificate authorities are central to authentication under PKI. They:

  • Issue private keys (digital certificates)

  • Maintain records of certificates issued

  • Identify and authenticate certificate holders

  • Maintain the directory of publicly available keys

  • Audit themselves and customers

    Can be either enterprise operated or by a trusted third party

    Vendors include VeriSign, GTE CyberTrust, others


Private keys or digital certificates l.jpg
Private Keys or Digital Certificates

  • Contain

    • User id’s

    • Private key

    • Who certificate belongs to

    • When certificate expires

  • Storage

    • In a browser

    • On a piece of hardware such as a smart card or a plug-in USB device

  • Fees

    • Users pay an annual fee based on their level of security, liability limits also vary by level of security


Examples of levels of security l.jpg
Examples of Levels of Security

  • High Level

    • Applicants must appear before a notary with 2 photo id’s

    • Notary submits info to certification authority

    • Authority reviews and assigns a digital identification in either a smart card or “key fob” that plugs into the USB port of the users PC

    • In addition, provided a pass phrase or an identification number

    • Initiating a transaction requires the smart card/key fob and the pass phrase/ identification number

    • Example: lawyers and healthcare professionals seeking confidential client records


Examples of levels of security13 l.jpg
Examples of Levels of Security

  • Intermediate Level

    • Require storage of the certificate on a smart card or key fob

    • Do not require a notarized application

    • Example: accessing internal company network via laptop over the Internet

  • Standard Level

    • Apply for digital signatures online

    • Minimal verification

    • Loaded directly into the users browser

    • Really no security other than a person asking for it

    • Expected to replace state-issued passwords for electronic filing of tax applications and other common transactions


Public sector developments l.jpg
Public Sector Developments

  • Washington and Illinois among the states first to rollout statewide implementations of PKI technology that allow citizens, businesses, and others to securely deal with government agencies over the web

  • Serving as their own Certification Authorities

  • Unlike departmental solutions, these systems are meant to give citizens on digital signature to use in online dealings with any state or local government department


Concerns and risks l.jpg
Concerns and Risks

  • Adopting business processes to accommodate new kind of signature

  • No case law: long-term legal enforceability of electronic contracts and agreements

  • Standard archiving needed

    • Electronic document or record must be accessible to inspection for generations as any paper legal document

    • Archiving used by governments must be available whatever software or hardware updates occur

  • Loss or theft of private keys



Hashing or message digest l.jpg
Hashing or Message Digest

  • A message digest is produced by performing a hashing algorithm which is a calculation that reduces a document to a unique number

  • If the document changes in the slightest bit, so does the digest

MESSAGE

Hashing Algorithm

MESSAGE DIGEST



Secure transmission l.jpg
Secure Transmission

  • Public Key Cryptography is the internationally accepted method for securing electronic communications

+

=

+

=

PRIVATE KEY

ENCRYPTED MESSAGE

PUBLIC KEY

MESSAGE

MESSAGE

ENCRYPTED MESSAGE

ASYMMETRIC KEYS

Secure

Transmission

Electronic

Signature


Electronic signature l.jpg
Electronic Signature

=

+

=

DIGITAL FINGERPRINT

SENDER’S PRIVATE

KEY

MESSAGE

DIGEST

Digital Signature

  • A electronic signature (i.e., digital fingerprint) is created by encrypting the message digest with the sender’s Private Key

  • An electronic signature confirms that:

    • Message came from the sender

    • Message was unaltered in transit

Secure

Transmission

Electronic

Signature


Benefits of electronic signatures l.jpg
Benefits of Electronic Signatures

  • Anyone who knows the public key can verify the correctness of the signature

  • Reduced possibility of fraud, forgery, or impersonation

  • Verification of document integrity

    • Encrypted message summary (hash) must match message content, otherwise digital signature is void

    • Digital signatures cannot be copied from one document to another as any changes to the message would void the signature




Notarization24 l.jpg
Notarization

  • An important part of many signed docs is notarized acknowledgement to help protect the parties to a contract

  • Five components to a notarized acknowledgment

    • Personal appearance – allows notary to interact and observe the signer

    • Identification – notary relies on several means to make sure the person signing the document is who they say they are

    • Acknowledged by signer – before the notary, asserting they are authorized to sign and are not doing so under duress

    • Lack of duress – presence of third party helps prevent signatures under coercion or physical threat

    • Awareness – interacting with notary helps detect whether drugs, mental impairment, or other infirmity may have influenced decision to sign


Digital acknowledgements l.jpg
Digital Acknowledgements

  • For all practical purposes, identical to a digital signature

  • Can be created only by a notary with special credentials to do so

  • Instead of an embossed stamp, notary uses a special digital certificate

    • Many states still require the notary be physically present to fulfill the “personal appearance” requirement

    • This may change as digital documents become more commonplace, e.g, replaced by a video presence

  • A document that has been both signed and notarized will actually contain 2 digital signatures



The future of documents l.jpg
The Future of Documents

  • Now

transitioning to…

  • The Future


Elements of a document l.jpg
Elements of a Document

Kevin Paul Smith

3157 Willow Ln, Orangevale, CA

(206) 555-1534

(206) 555-1234

December 11, 2001

x

Denise Jones

Kevin Paul Smith

6541 Miller Pl, Folsom, CA

$236,000

$212,400

Home Town Bank

North half of Lot 36, as shown

on the official “Map of Folsom,” May, 1934

Kevin Paul Smith

12\11\01

Grant Deed

Name _______________________________________

Address ____________________________________

Telephone _______________ Fax _____________

Closing Date ______________________________

Type of Transaction:

q Sale q Refinance q Home Equity

Seller __________________________________

Buyer/Borrower __________________________

Property Address ________________________

Sale Price _______________________________

Loan Amount _____________________________

Lender __________________________________

Legal Description __________________________

__________________________________________

Signature ______________________ Date _________

Form with Standard Text

Data Elements

Signature


Levels of electronic documents l.jpg
Levels of Electronic Documents

  • Documents can be broadly categorized into four conceptual “levels.” We believe that a viable document strategy must accommodate all four levels.


Electronic document level three l.jpg
Electronic Document – Level Three

  • Level Three

    • An electronic document is created by combining a form (created using HTML) with information (embedded XML data tags), and is encrypted and signed with a digital signature (using PKI technology)

    • A truly electronic “intelligent” enforceable document, not an image of a paper document


Elements of an intelligent document l.jpg
Elements of an Intelligent Document

Kevin Paul Smith

3157 Willow Ln, Orangevale, CA

(206) 555-1534

(206) 555-1234

December 11, 2001

x

Denise Jones

Kevin Paul Smith

6541 Miller Pl, Folsom, CA

$236,000

$212,400

Home Town Bank

North half of Lot 36, as shown

on the official “Map of Folsom,” May, 1934

Kevin Paul Smith

12\11\01

Grant Deed

Name _______________________________________

Address ____________________________________

Telephone _______________ Fax _____________

Closing Date ______________________________

Type of Transaction:

q Sale q Refinance q Home Equity

Seller __________________________________

Buyer/Borrower __________________________

Property Address ________________________

Sale Price _______________________________

Loan Amount _____________________________

Lender __________________________________

Legal Description __________________________

__________________________________________

Signature ______________________ Date _________

HTML

XML

PKI


Level three l.jpg
Level Three

Recorder

Title and Escrow Services

Document

Repository

Data

On-line Signing Room

Database

Intelligent Document

Microfiche, if desired


The benefits of level three l.jpg
The Benefits of Level Three

  • Electronic paper documents can travel faster between links in the value chain

  • Information is embedded in and electronically retrievable from enforceable documents

  • Enforceable document paradigm and data paradigm are combined

  • Information from enforceable documents does not need to be reconciled

  • Documents are signed and encrypted using digital signatures

  • The Document can be electronically parsed or manipulated

  • Privacy and security are greatly enhanced

    • Discretion as to what pieces of information an individual can access

    • All, some, or nothing


Virtual travel to documents l.jpg
Virtual Travel to Documents

XHTML

Document

On-line Signing Room



E recording demonstration l.jpg
e-Recording Demonstration

  • Prepare a reconveyance

  • Sign it

  • Notarize

  • Recording at the county

  • Return recorded document and receipt

Richard [email protected](303) 618-8874


ad