TrustPort Public Key Infrastructure

Table of contents

Security of electronic communications

Using asymmetric cryptography

Electronic signature, digital certificate

Using public key infrastructure

TrustPort public key infrastructure solutions

TrustPort eSign Pro


Security of electronic communications

Three main aspects

Integrity of transferred data

Authentication of the sender

Confidentiality of transferred data

Perils of unsecured communications

Data tampering on the way from the sender to the recipient

The real sender pretending to be someone else

Unwanted disclosure of confidential data


Security of electronic communications

Making the communications secure

Data encryption

Electronic signing


Making the communications secure

Symmetric cryptography

Based on a secret key

Perfect for local data encryption

Problematic distribution of the secret key

Asymmetric cryptography

Based on a private key and a public key

Designed for remote data exchange

Easy distribution of the public key

New issues to be solved


Using asymmetric cryptography for encryption

Anyone can encrypt and send data using the recipient's public key

Only the recipient can decrypt the data, using the private key

[Diagram: Data → encryption with the recipient's public key → Encrypted data → decryption with the recipient's private key → Decrypted data]


The key pair explained

The keys are mathematically related

Data encrypted by public key can be decrypted only by the owner of the private key

Data encrypted by private key can be decrypted by anyone using public key

The private key cannot be reverse engineered from the public key

[Diagram: Big random number → Key generation algorithm → Public key and Private key]


Using asymmetric cryptography for signing

[Diagram: Data → hash algorithm → Hash value → encryption with the sender's private key → Encrypted hash value = electronic signature, shown alongside the Data]


Verification of electronic signature

Hash values are identical … signature is valid

Hash values are different … signature is not valid

[Diagram: Encrypted hash value (= electronic signature) → decryption with the sender's public key → Decrypted hash value; Data → hash algorithm → Hash value; comparison of the two hash values]
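
The signing and verification steps from the two slides above, as an added example that is not part of the original presentation or of any TrustPort product: textbook RSA over a SHA-256 hash, using only the Python standard library. The demo key (built from two Mersenne primes), the sample message and all function names are constructed for illustration; production signatures use randomly generated primes and a padding scheme such as RSA-PSS.

```python
import hashlib

# Constructed demo key (assumption, not from the slides): two Mersenne primes
# keep the block short and offline. Never use special-form primes for real keys.
P, Q = 2**521 - 1, 2**607 - 1
N = P * Q                                   # public modulus
E = 65537                                   # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))           # private exponent


def digest(data: bytes) -> int:
    """Hash algorithm step: SHA-256 of the data as an integer (< N here)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(data: bytes, d: int = D, n: int = N) -> int:
    """Sender: 'encrypt' the hash value with the private key."""
    return pow(digest(data), d, n)


def verify(data: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Recipient: 'decrypt' the signature with the public key and compare
    the result with a freshly computed hash of the received data."""
    if not 0 <= signature < n:
        return False
    return pow(signature, e, n) == digest(data)


def demo() -> dict:
    message = b"Pay 100 EUR to account 12345"          # constructed sample
    sig = sign(message)
    # A second, unrelated key pair standing in for "some other person".
    other_n = (2**127 - 1) * (2**89 - 1)
    other_d = pow(E, -1, (2**127 - 2) * (2**89 - 2))
    forged = sign(message, other_d, other_n)
    return {
        "genuine": verify(message, sig),
        "tampered_data": verify(b"Pay 900 EUR to account 12345", sig),
        "tampered_signature": verify(message, sig ^ 1),
        "wrong_private_key": verify(message, forged),
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case:20} -> {'valid' if ok else 'NOT valid'}")
```

Only the genuine case verifies: a change to the data, a change to the signature, or a signature made with a different private key each makes the two hash values differ.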


Advantages of electronic signature

Authentication of the sender

no other person can create a valid signature of a document in the name of the sender

Securing integrity of the data

the signed document cannot be modified without making the signature invalid

Indisputability of the sender

the sender cannot deny the document was sent by him or her


Credibility of the electronic signature

The credibility is based on the

asymmetric encryption algorithm used.

bit length of the encryption keys used.

secure storage of the private keys.


Digital certificate

A certificate binds a personal identity to a public key.

Certificate parts

Identification of the holder

Serial number

Identification of certification authority

Validity period

Public key of the holder


Registration and certification authority

accepts requests for certificates, verifies the identity of the applicants, issues digital certificates

guarantees the credibility of digital certificates

maintains a certificate revocation list

each certificate has a limited validity period

a certificate may be revoked even before the end of validity period

on verification of an electronic signature, the certification authority checks the list of all revoked certificates

An accredited certification authority is a certification authority recognized by the state. It can issue qualified digital certificates, applicable for legally binding communications with the public administration.

A certification authority without accreditation can be used for internal purposes of a business or an institution.


Public key infrastructure explained

[Diagram: the Sender, Recipient, Registration authority, Certification authority and Verification authority, connected by flows labelled Request, Request is OK, Certificate and private key, Signature, Data message, Certificate and public key, Signature is OK]


The use of public key infrastructure

web applications

mail clients

office applications

content management systems

TrustPort Public Key Infrastructure, built on a long tradition of development and experience in the field of electronic signatures


TrustPort Public Key Infrastructure

Asymmetric encryption algorithms in use

RSA (512 to 4096 bits), DSA (1024 bits), Elliptic curves (112 to 256 bits), Diffie-Hellman

Symmetric encryption algorithms in use

RC2 (40 to 128 bits), CAST128 (64, 80, 128 bits), BlowFish (64 to 448 bits), DES (56 bits), 3DES (168 bits), Rijndael (128, 192, 256 bits), TwoFish (128, 256 bits)

Hash algorithms in use

SHA1, SHA256, SHA384, SHA512, MD5, RIPEMD 160

Further specifications

LDAP support, electronic signing and verification of PDF files, PDF encryption based on password and certificate, PDF timestamping


Solutions based on TrustPort Public Key Infrastructure

Solutions for end users

TrustPort eSign Pro (encrypting and signing files, verification of electronic signatures, timestamping files, safe storage of private keys and personal certificates)

Solutions for businesses

TrustPort Certification Authority (issuance and revocation of certificates, handling certificate requests, the core can run multiple certification authorities)

TrustPort Timestamp Authority (issuance of time stamps, detection of exact time from independent sources, can be used in combination with the previous product)


Solutions based on TrustPort Public Key Infrastructure

TrustPort PKI SDK

  • enables development of applications using public key infrastructure

  • easy import and export of certificates, certificate revocation lists, encryption keys

  • safe storage of private keys and personal certificates

    • on the hard drive

    • on chip cards and flash tokens

  • multitude of symmetric, asymmetric and hash algorithms

  • extensive support of cards and tokens from different manufacturers

  • optional modules miniCA, miniTSA

    • certification and timestamp authorities for internal corporate use


TrustPort eSign Pro

  • Specific endpoint solution

  • Signs electronic documents

  • Encrypts documents reliably

  • Enables time stamping

Complete PDF support

  • PDF signing

  • PDF encryption

  • PDF time stamping


TrustPort eSign Pro

  • Recommended system requirements:

    • Pentium 200 MHz or higher,

    • Windows 2000 or higher,

    • 64 MB RAM

    • 20 MB HDD

  • Supported systems:

    • Microsoft Windows 7

    • Microsoft Windows Vista

    • Microsoft Windows XP

    • Microsoft Windows 2000

    • Microsoft Windows Server 2003

    • Microsoft Windows Server 2008


    Thank you for your attention!