
Unit 3 Section 6.4: Internet Security

Digital Signatures and Certificates. To prove that an electronic message is genuine, a sender can digitally sign the message.

diannc

Presentation Transcript


  1. Unit 3 Section 6.4: Internet Security. Digital Signatures and Certificates

  2. Digital Signatures and Certificates
     • To prove that an electronic message is genuine, a sender can digitally sign the message.
     • This means it can be detected if the message has been tampered with and the signature is proof that it has been sent by the correct person. Digital signatures use asymmetric encryption.
     • The process to send a message is as follows:

  3. [Diagram: Message → Hash Function → Digest] A digest (also known as a hash) is produced from the message using a hash function. The digest is a much reduced version of the original message (it is not possible to change a message digest back into the original message from which it was created).

  4. [Diagram: Digest → Encrypt using sender's private key → Encrypted Digest (Digital Signature)] The digest is then encrypted using the sender's private key. The sender's private key must be used instead of the receiver's public key to prove it has been encrypted by the sender. The encrypted digest result is the digital signature.

  5. [Diagram: Message appended with Digital Signature] The encrypted digest (digital signature) is then appended to the original message.

  6. [Diagram: Message → Encrypt using receiver's public key → Encrypted Message] The message and digital signature are then encrypted using the receiver's public key. The receiver's public key must be used here so that only the receiver can decrypt the message with the private key.

  7. [Diagram: Encrypted Message → Send by e-mail] The encrypted message is then sent by electronic mail.

  8. Digital Signatures and Certificates. The process to verify that a message is genuine is as follows:

  9. [Diagram: Encrypted Message → Decrypt using receiver's private key → Message] The message and signature are decrypted using the receiver's private key.

  10. [Diagram: Message with Digital Signature → Separate → Message and Digital Signature] The decrypted message is then separated into the original message and digital signature.

  11. [Diagram: Digital Signature (Encrypted Digest) → Decrypt using sender's public key → Decrypted Digest] The digital signature (encrypted digest) is then decrypted using the sender's public key. This proves it has been sent by the person who owns the private key.

  12. [Diagram: Message → Hash Function → New Digest] A new digest is produced from the original message using the same hash function as the original digest.

  13. [Diagram: Decrypted Digest compared with New Digest] The decrypted digest is then compared to the new digest. If the decrypted digest is the same as the new digest then the message has not been tampered with.

  14. Digital Signatures and Certificates. Although this process sounds complicated, it is all handled by the signing software, so messages can be signed and received using a simple click.

  15. Digital Signatures and Certificates. A digital certificate is issued by a certification authority. It contains your name, a serial number, expiration dates, a copy of the certificate holder's public key (used for encrypting messages and digital signatures), and the digital signature of the certificate-issuing authority so that a recipient can verify that the certificate is real. Digital certificates can be kept in registries so that authenticating users can look up other users' public keys.
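
The signing and verification steps of slides 3 to 13, as an added example that is not part of the original presentation: a standard-library Python walk-through using unpadded textbook RSA, which matches the slides' "encrypt the digest" wording but is not what production software does (real tools add padding schemes such as PSS and OAEP). The key pairs are constructed from published Mersenne primes and are insecure; SHA-256, the names Alice and Bob, and all function names are assumptions.

```python
import hashlib

E = 65537  # public exponent

def toy_keypair(a, b):
    # Constructed demo key from two published Mersenne primes: NOT secure.
    p, q = 2**a - 1, 2**b - 1
    return (p * q, E), (p * q, pow(E, -1, (p - 1) * (q - 1)))  # (public, private)

def digest(message):
    # Slides 3 and 12: hash function -> digest (SHA-256 is an assumption).
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sig_len(key):
    # Signature size in bytes, derived from the modulus of the sender's key.
    return (key[0].bit_length() + 7) // 8

def sign(message, sender_priv):
    # Slide 4: "encrypt" the digest with the sender's private key.
    n, d = sender_priv
    return pow(digest(message), d, n).to_bytes(sig_len(sender_priv), "big")

def seal(payload, receiver_pub):
    # Slide 6: encrypt message + signature with the receiver's public key.
    n, e = receiver_pub
    m = int.from_bytes(b"\x01" + payload, "big")  # 0x01 marker keeps leading zeros
    if m >= n:
        raise ValueError("payload too long for this toy key")
    return pow(m, e, n)

def send(message, sender_priv, receiver_pub):
    # Slide 5: append the signature to the message, then seal.
    return seal(message + sign(message, sender_priv), receiver_pub)

def receive(ciphertext, receiver_priv, sender_pub):
    n, d = receiver_priv
    m = pow(ciphertext, d, n)                                    # slide 9
    payload = m.to_bytes((m.bit_length() + 7) // 8, "big")[1:]   # drop marker
    k = sig_len(sender_pub)
    message, signature = payload[:-k], payload[-k:]              # slide 10
    decrypted = pow(int.from_bytes(signature, "big"), sender_pub[1], sender_pub[0])  # slide 11
    return message, decrypted == digest(message)                 # slides 12-13

if __name__ == "__main__":
    alice_pub, alice_priv = toy_keypair(521, 607)    # sender (hypothetical)
    bob_pub, bob_priv = toy_keypair(1279, 2203)      # receiver (hypothetical)
    print(receive(send(b"Pay Bob 10 pounds", alice_priv, bob_pub), bob_priv, alice_pub))
    altered = seal(b"Pay Bob 90 pounds" + sign(b"Pay Bob 10 pounds", alice_priv), bob_pub)
    print(receive(altered, bob_priv, alice_pub))     # digest comparison fails
```

The second call shows why the signature matters: anyone can encrypt to the receiver's public key, so only the digest comparison in slides 12 and 13 reveals that the message text no longer matches what the sender signed.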
