SlideShare a Scribd company logo

Network security

Download as PPTX, PDF
ABHISHEK KUMAR, profile picture
ABHISHEK KUMAR

Network security involves securing computer networks and systems. It is handled by network administrators who implement security policies, software, and hardware to protect networks from unauthorized access, misuse, or denial of resources. Network security aims to authenticate users, control access to resources, and ensure confidentiality, integrity, non-repudiation and availability of networks and resources. Common methods include authentication, access control, encryption, digital signatures, and monitoring systems for security audits.

Engineering
Related topics:
Network Security
1 of 39
Downloaded 11 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
Network security
• A specialized field in computer networking that involves securing a computer network infrastructure. • handled by a network administrator or system administrator who implements the security policy, network software and hardware needed to protect. • prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources.
• covers both, public and private networks, that are used in  everyday jobs  conducting transactions and communications among businesses  government agencies individuals.
• Protect vital information while still allowing access to those who need it Trade secrets, medical records, etc. • Provide authentication and access control for resources • Guarantee availability of resources
• Authentication  The process of verifying the identity of a user  Password, Key, smart card or other device, fingerprint, voice, or retinal scans • Access control  Limits the access to authorized users, resources provided by the application • Confidentiality  Protects against unauthorized release of message content • Integrity  Guarantees that a message is received as sent
• Non-repudiation  Protects against sender/receiver denying sending/receiving a message  Someone cannot deny something • Availability  Guarantees that the system services are always available when needed • Security Audit  Keeps track of transaction for late use (diagnostic, alarms…) • Key Management  Allows to negotiate, setup and maintain keys between communicating entities
Network security
• Cryptography is the science and art of transforming messages to make them secure and immune to attack. • The word ‘cryptography’ was coined by combining two Greek words, ‘Krypto’ meaning hidden and ‘graphene’ meaning writing.
• an implementation of cryptographic techniques and their accompanying infrastructure to provide information security services. • A cryptosystem is also referred to as a cipher system. The objective of cryptosystem at the end of the process, only the sender and the receiver will know the plaintext.
• Plaintext  It is the data to be protected during transmission. • Encryption Algorithm  a cryptographic algorithm that takes plaintext and an encryption key as input and produces a ciphertext. • Ciphertext  scrambled version of the plaintext produced by the encryption algorithm using a specific the encryption key.
• Decryption Algorithm  a cryptographic algorithm that takes a ciphertext and a decryption key as input, and outputs a plaintext. • Encryption Key  a value that is known to the sender.  The sender inputs the encryption key into the encryption algorithm along with the plaintext in order to compute the ciphertext. • Brute force  Try every possible key until plain text is achieved
• Decryption Key  a value that is known to the receiver.  It is related to the encryption key, but is not always identical to it.  The receiver inputs the decryption key into the decryption algorithm along with the ciphertext in order to compute the plaintext. • Interceptor (an attacker)  an unauthorized entity who attempts to determine the plaintext.  can see the ciphertext and may know the decryption algorithm.  He, however, must never know the decryption key.
Network security
• Symmetric Key Algorithms (AES , DES, IDEA) • Public–Key Algorithms or Asymmetric cryptography • Digital Signatures
Network security
• Symmetric-key algorithms  use the same cryptographic keys for both encryption of plaintext and decryption of ciphertext.  keys may be identical or there may be a simple transformation to go between the two keys.  the keys, represent a shared secret between two or more parties that can be used to maintain a private information link.  same key is one of the main drawbacks of symmetric key encryption.
• Symmetric-key Cryptography
• Substitution Ciphers A substitution technique is one in which the letters/number/symbols of plaintext are replaced by other letters/numbers/symbols. e.g. A D, T Z 2 5, 3 6 • Caesar Cipher • Replace each letter with the letter standing x place further • Example: (x=3) • Plain : meet me after the party • Cipher : phhw ph diwhu wkh sduwb • If Key space : 25 • Brut force attack : try 25 possibilities
• TRANSPOSITION CIPHER In the transposition technique the positions of letters/numbers/symbols in plaintext is changed with one another. Plain text : MEET ME AFTER PARTY Cipher text : TEMEEMEFAPTRYRAT KEY USED : 421635
• Types of Symmetric-key algorithms  Symmetric key algorithms can be divided into two categories: block and stream.  Block algorithms encrypt data a block (many bytes) at a time, while stream algorithms encrypt byte by byte (or even bit by bit).
• Examples of Symmetric algorithms  AES (Advanced Encryption Standard)  DES (Digital Encryption Standard)  IDEA (International Data Encryption Algorithm) and etc. • Other terms for symmetric-key encryption  secret-key  single-key  shared-key  one-key  private-key
Network security
• Based on mathematical algorithms • Asymmetric  Use two separate keys • Ingredients  Plain text  Encryption algorithm  Public and private key  Cipher text  Decryption algorithm
• Encryption
• Public Key Encryption - Authentication
• Public Key Encryption – Operation  One key made public o Used for encryption  Other kept private o Used for decryption  Infeasible to determine decryption key given encryption key and algorithm  Either key can be used for encryption, the other for decryption
• Public Key Encryption – Steps  User generates pair of keys  User places one key in public domain  To send a message to user, encrypt using public key  user decrypts using private key
• RSA Algorithm • n = pq, where p and q are distinct primes. • phi, φ = (p-1)(q-1) • e < n such that gcd(e, phi)=1 • d = e-1 mod phi. • c = me mod n, 1<m<n. • m = cd mod n.
• A very simple example of RSA encryption
• A very simple example of RSA encryption
• Difference SYMMETRIC KEY CRYPTOGRAPHY ASYMMETRIC KEY CRYPTOGRAPHY 1. The same algorithm with the same key is used for encryption and decryption. 2. The key must be kept secret. 3. It may be impossible or at least impractical to decipher a message if no other information is available. 1. One algorithm is used for encryption and decryption with a pair of keys, one for encryption and one for decryption. 2. One of the two keys must be kept secret. 3. It may be impossible or at least impractical to decipher a message if no other information is available.
Network security
• not to be confused with a digital certificate • it is a mathematical technique used to validate the authenticity and integrity of a message, software or digital document. • Sender encrypts message with their private key • Receiver can decrypt using senders public key • This authenticates sender, who is only person who has the matching key • Does not give privacy of data  Decrypt key is public
• How digital signatures work o Digital signatures are based on public key cryptography o such as RSA, one can generate two keys that are mathematically linked: one private and one public. • How to create a digital signature o signing software (such as an email program) creates a one-way hash of the electronic data to be signed. o The private key is then used to encrypt the hash. along with other information, such as the hashing algorithm -- is the digital signature. o The reason for encrypting the hash instead of the entire message or document is that a hash function can convert an arbitrary input into a fixed length value, which is usually much shorter. This saves time since hashing is much faster than signing.
Message + Signature Hash Decrypt Signature With Sender’s Public Key SIGN hash With Sender’s Private key Message + signature COMPARE Calculated HashMessage Sender Receiver Hash Sent thru’ Internet if OK Signatures verified
• Private key protection  The Private key generated is to be protected and kept secret. The responsibility of the secrecy of the key lies with the owner.  The key is secured using  PIN Protected soft token  Smart Cards  Hardware Tokens
• Most modern email programs  the use of digital signatures and digital certificates making it easy to sign any outgoing emails and validate digitally signed incoming messages. • Digital signatures are also used extensively to provide  proof of authenticity  data integrity  non-repudiation of communications and transactions conducted over the Internet. What are the benefits of digital signatures?  Authentication and Integrity
Paper signatures v/s Digital Signatures Parameter Paper Electronic Authenticity May be forged Can not be copied Integrity Signature independent of the document Signature depends on the contents of the document Non- repudiation a. Handwriting expert needed b. Error prone a. Any computer user b. Error free V/s
Network security

More Related Content

PPT
Cryptography
JohnsonDaniel JohnsonDaniel
 
PDF
BAIT1103 Chapter 3
limsh
 
PPSX
5 Cryptography Part1
Alfred Ouyang
 
PDF
Public Key Encryption & Hash functions
Dr.Florence Dayana
 
PDF
RSA Algoritmn
Dr. Kapil Gupta
 
PPTX
cryptography
Jai Nathwani
 
PDF
Encryption and Key Distribution Methods
Gulcin Yildirim Jelinek
 
PDF
CNS - Unit - 1 - Introduction
Gyanmanjari Institute Of Technology
 
Cryptography
JohnsonDaniel JohnsonDaniel
 
BAIT1103 Chapter 3
limsh
 
5 Cryptography Part1
Alfred Ouyang
 
Public Key Encryption & Hash functions
Dr.Florence Dayana
 
RSA Algoritmn
Dr. Kapil Gupta
 
cryptography
Jai Nathwani
 
Encryption and Key Distribution Methods
Gulcin Yildirim Jelinek
 
CNS - Unit - 1 - Introduction
Gyanmanjari Institute Of Technology
 

What's hot (20)

PDF
CNS - Unit - 4 - Public Key Cryptosystem
Gyanmanjari Institute Of Technology
 
PPTX
Cryptography
Sandip kumar
 
PPT
Distribution of public keys and hmac
anuragjagetiya
 
PDF
BAIT1103 Chapter 2
limsh
 
PPTX
Network security
Perfect Training Center
 
PPTX
Cryptography
Abhi Prithi
 
PDF
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
Kathirvel Ayyaswamy
 
PPSX
Cryptography
Nishant Pahad
 
PPT
Chapter 15 - Security
Wayne Jones Jnr
 
DOC
MAJOR PROJECT FORMAT--2013(new 1)
Neelabja Manna
 
PPTX
Introduction to cryptography part1-final
Taymoor Nazmy
 
PDF
Unit 1
Trupti Kodinariya
 
PPTX
Cryptographic tools
CAS
 
PPTX
20 security
abiy2004
 
PPT
Cryptography 1
bhanu7161
 
PPT
Cryptography and network security
Mahipesh Satija
 
PPTX
Public key Cryptography & RSA
Amit Debnath
 
PPT
Cryptography
أحلام انصارى
 
PPTX
Basic cryptography
Perfect Training Center
 
PPTX
Intro to modern cryptography
zahid-mian
 
CNS - Unit - 4 - Public Key Cryptosystem
Gyanmanjari Institute Of Technology
 
Cryptography
Sandip kumar
 
Distribution of public keys and hmac
anuragjagetiya
 
BAIT1103 Chapter 2
limsh
 
Network security
Perfect Training Center
 
Cryptography
Abhi Prithi
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
Kathirvel Ayyaswamy
 
Cryptography
Nishant Pahad
 
Chapter 15 - Security
Wayne Jones Jnr
 
MAJOR PROJECT FORMAT--2013(new 1)
Neelabja Manna
 
Introduction to cryptography part1-final
Taymoor Nazmy
 
Unit 1
Trupti Kodinariya
 
Cryptographic tools
CAS
 
20 security
abiy2004
 
Cryptography 1
bhanu7161
 
Cryptography and network security
Mahipesh Satija
 
Public key Cryptography & RSA
Amit Debnath
 
Cryptography
أحلام انصارى
 
Basic cryptography
Perfect Training Center
 
Intro to modern cryptography
zahid-mian
 
Ad

Viewers also liked (10)

PPTX
Enterprise IT Security| CIO Innovation and Leadership
RedZone Technologies
 
PDF
Network security
SADIQUE ALI
 
PPTX
Sophos Day Belgium - What's cooking in Sophos' Network Security Group?
Sophos Benelux
 
PDF
Industry 4 network design and security - Peter Brown
PROFIBUS and PROFINET InternationaI - PI UK
 
PPTX
Network security
mena kaheel
 
PPTX
Data Network Security
Atif Rehmat
 
PPTX
Network security
Madhumithah Ilango
 
PPT
Network Security
MAJU
 
PPT
Network security
Gichelle Amon
 
PDF
Network Security Presentation
Allan Pratt MBA
 
Enterprise IT Security| CIO Innovation and Leadership
RedZone Technologies
 
Network security
SADIQUE ALI
 
Sophos Day Belgium - What's cooking in Sophos' Network Security Group?
Sophos Benelux
 
Industry 4 network design and security - Peter Brown
PROFIBUS and PROFINET InternationaI - PI UK
 
Network security
mena kaheel
 
Data Network Security
Atif Rehmat
 
Network security
Madhumithah Ilango
 
Network Security
MAJU
 
Network security
Gichelle Amon
 
Network Security Presentation
Allan Pratt MBA
 
Ad

Similar to Network security (20)

PDF
Information Security 05- Encryption.pdfn
faiziikanwal47
 
PPTX
Detailed description about the concept of E Commerce UNIT IV.pptx
gstagra
 
PPTX
groupWork.pptx
KennedyKiplangat1
 
PPTX
CISSP - Chapter 3 - Cryptography
Karthikeyan Dhayalan
 
PPTX
CRYPTOGRAPHY and its applications .pptx
eveanchalvaj2206
 
PPTX
Cryptography
Muhammad Shoaib Saleem
 
PPTX
Introduction to Cryptography and digital signatures
anupama12369
 
DOCX
Cryptography : The Art of Secured Messaging
Sumit Satam
 
PPTX
Symmetric ciphermodel
priyapavi96
 
PPTX
Mastering Network Security: Protecting Networks from Cyber Threats with Firew...
Sisodetrupti
 
PPTX
big data and Iot , its security part ,hoe yoy help this
warriorshanta
 
PPTX
Encryption techniques
MohitManna
 
PPTX
Cryptography and Network Security Principles.pptx
AbrahamThompson3
 
PPT
Cryptography
Sourabh Badve
 
PPT
Info security & crypto
Shehrevar Davierwala
 
PPTX
Information-Security-Lecture-8.pptx
anbersattar
 
PPTX
Encrytion ppt
Raj Sampat
 
PDF
chapter 1-4.pdf
zerihunnana
 
PDF
information technology cryptography Msc chapter 1-4.pdf
wondimagegndesta
 
PDF
Basic Cryptography.pdf
Setiya Nugroho
 
Information Security 05- Encryption.pdfn
faiziikanwal47
 
Detailed description about the concept of E Commerce UNIT IV.pptx
gstagra
 
groupWork.pptx
KennedyKiplangat1
 
CISSP - Chapter 3 - Cryptography
Karthikeyan Dhayalan
 
CRYPTOGRAPHY and its applications .pptx
eveanchalvaj2206
 
Cryptography
Muhammad Shoaib Saleem
 
Introduction to Cryptography and digital signatures
anupama12369
 
Cryptography : The Art of Secured Messaging
Sumit Satam
 
Symmetric ciphermodel
priyapavi96
 
Mastering Network Security: Protecting Networks from Cyber Threats with Firew...
Sisodetrupti
 
big data and Iot , its security part ,hoe yoy help this
warriorshanta
 
Encryption techniques
MohitManna
 
Cryptography and Network Security Principles.pptx
AbrahamThompson3
 
Cryptography
Sourabh Badve
 
Info security & crypto
Shehrevar Davierwala
 
Information-Security-Lecture-8.pptx
anbersattar
 
Encrytion ppt
Raj Sampat
 
chapter 1-4.pdf
zerihunnana
 
information technology cryptography Msc chapter 1-4.pdf
wondimagegndesta
 
Basic Cryptography.pdf
Setiya Nugroho
 

Recently uploaded (20)

PPTX
UNIT 4 Total Quality Management .pptx
gokuld13012005
 
DOCX
573137875-Attendance-Management-System-original
AYUSHMANAV
 
PDF
Mohammad Mahdi Farshadian CV - Prospective PhD Student 2026
Educational Group Mohammad Farshadian
 
PPTX
Foundation to blockchain - A guide to Blockchain Tech
Davies Chacko
 
PPTX
Strings in CPP - Strings in C++ are sequences of characters used to store and...
sangeethamtech26
 
PDF
Operating System & Kernel Study Guide-1 - converted.pdf
mranoninvisib16
 
PPTX
Lecture Notes Electrical Wiring System Components
eedgecbhojpur
 
PDF
Embodied AI: Ushering in the Next Era of Intelligent Systems
Yu Huang
 
PPTX
FINAL REVIEW FOR COPD DIANOSIS FOR PULMONARY DISEASE.pptx
rubeshbme
 
PPTX
Lesson 3_Tessellation.pptx finite Mathematics
quakeplayz54
 
PDF
Well-logging-methods_new................
ZafriFarid
 
PDF
Mitigating Risks through Effective Management for Enhancing Organizational Pe...
IJAEMSJORNAL
 
PPTX
IOT PPTs Week 10 Lecture Material.pptx of NPTEL Smart Cities contd
ssusera400e8
 
PDF
Structs to JSON How Go Powers REST APIs.pdf
Emily Achieng
 
PPTX
Construction Project Organization Group 2.pptx
vj5agdales
 
PPTX
bas. eng. economics group 4 presentation 1.pptx
kiribakimoses1993
 
PDF
Arduino robotics embedded978-1-4302-3184-4.pdf
AbdullahEmam4
 
PDF
SM_6th-Sem__Cse_Internet-of-Things.pdf IOT
smceramu
 
PPTX
Recipes for Real Time Voice AI WebRTC, SLMs and Open Source Software.pptx
Alberto González Trastoy
 
PDF
Digital Logic Computer Design lecture notes
CHINNASUNKAIAH1
 
UNIT 4 Total Quality Management .pptx
gokuld13012005
 
573137875-Attendance-Management-System-original
AYUSHMANAV
 
Mohammad Mahdi Farshadian CV - Prospective PhD Student 2026
Educational Group Mohammad Farshadian
 
Foundation to blockchain - A guide to Blockchain Tech
Davies Chacko
 
Strings in CPP - Strings in C++ are sequences of characters used to store and...
sangeethamtech26
 
Operating System & Kernel Study Guide-1 - converted.pdf
mranoninvisib16
 
Lecture Notes Electrical Wiring System Components
eedgecbhojpur
 
Embodied AI: Ushering in the Next Era of Intelligent Systems
Yu Huang
 
FINAL REVIEW FOR COPD DIANOSIS FOR PULMONARY DISEASE.pptx
rubeshbme
 
Lesson 3_Tessellation.pptx finite Mathematics
quakeplayz54
 
Well-logging-methods_new................
ZafriFarid
 
Mitigating Risks through Effective Management for Enhancing Organizational Pe...
IJAEMSJORNAL
 
IOT PPTs Week 10 Lecture Material.pptx of NPTEL Smart Cities contd
ssusera400e8
 
Structs to JSON How Go Powers REST APIs.pdf
Emily Achieng
 
Construction Project Organization Group 2.pptx
vj5agdales
 
bas. eng. economics group 4 presentation 1.pptx
kiribakimoses1993
 
Arduino robotics embedded978-1-4302-3184-4.pdf
AbdullahEmam4
 
SM_6th-Sem__Cse_Internet-of-Things.pdf IOT
smceramu
 
Recipes for Real Time Voice AI WebRTC, SLMs and Open Source Software.pptx
Alberto González Trastoy
 
Digital Logic Computer Design lecture notes
CHINNASUNKAIAH1
 

Network security

  • 2. • A specialized field in computer networking that involves securing a computer network infrastructure. • handled by a network administrator or system administrator who implements the security policy, network software and hardware needed to protect. • prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources.
  • 3. • covers both, public and private networks, that are used in  everyday jobs  conducting transactions and communications among businesses  government agencies individuals.
  • 4. • Protect vital information while still allowing access to those who need it Trade secrets, medical records, etc. • Provide authentication and access control for resources • Guarantee availability of resources
  • 5. • Authentication  The process of verifying the identity of a user  Password, Key, smart card or other device, fingerprint, voice, or retinal scans • Access control  Limits the access to authorized users, resources provided by the application • Confidentiality  Protects against unauthorized release of message content • Integrity  Guarantees that a message is received as sent
  • 6. • Non-repudiation  Protects against sender/receiver denying sending/receiving a message  Someone cannot deny something • Availability  Guarantees that the system services are always available when needed • Security Audit  Keeps track of transaction for late use (diagnostic, alarms…) • Key Management  Allows to negotiate, setup and maintain keys between communicating entities
  • 8. • Cryptography is the science and art of transforming messages to make them secure and immune to attack. • The word ‘cryptography’ was coined by combining two Greek words, ‘Krypto’ meaning hidden and ‘graphene’ meaning writing.
  • 9. • an implementation of cryptographic techniques and their accompanying infrastructure to provide information security services. • A cryptosystem is also referred to as a cipher system. The objective of cryptosystem at the end of the process, only the sender and the receiver will know the plaintext.
  • 10. • Plaintext  It is the data to be protected during transmission. • Encryption Algorithm  a cryptographic algorithm that takes plaintext and an encryption key as input and produces a ciphertext. • Ciphertext  scrambled version of the plaintext produced by the encryption algorithm using a specific the encryption key.
  • 11. • Decryption Algorithm  a cryptographic algorithm that takes a ciphertext and a decryption key as input, and outputs a plaintext. • Encryption Key  a value that is known to the sender.  The sender inputs the encryption key into the encryption algorithm along with the plaintext in order to compute the ciphertext. • Brute force  Try every possible key until plain text is achieved
  • 12. • Decryption Key  a value that is known to the receiver.  It is related to the encryption key, but is not always identical to it.  The receiver inputs the decryption key into the decryption algorithm along with the ciphertext in order to compute the plaintext. • Interceptor (an attacker)  an unauthorized entity who attempts to determine the plaintext.  can see the ciphertext and may know the decryption algorithm.  He, however, must never know the decryption key.
  • 14. • Symmetric Key Algorithms (AES , DES, IDEA) • Public–Key Algorithms or Asymmetric cryptography • Digital Signatures
  • 16. • Symmetric-key algorithms  use the same cryptographic keys for both encryption of plaintext and decryption of ciphertext.  keys may be identical or there may be a simple transformation to go between the two keys.  the keys, represent a shared secret between two or more parties that can be used to maintain a private information link.  same key is one of the main drawbacks of symmetric key encryption.
  • 18. • Substitution Ciphers A substitution technique is one in which the letters/number/symbols of plaintext are replaced by other letters/numbers/symbols. e.g. A D, T Z 2 5, 3 6 • Caesar Cipher • Replace each letter with the letter standing x place further • Example: (x=3) • Plain : meet me after the party • Cipher : phhw ph diwhu wkh sduwb • If Key space : 25 • Brut force attack : try 25 possibilities
  • 19. • TRANSPOSITION CIPHER In the transposition technique the positions of letters/numbers/symbols in plaintext is changed with one another. Plain text : MEET ME AFTER PARTY Cipher text : TEMEEMEFAPTRYRAT KEY USED : 421635
  • 20. • Types of Symmetric-key algorithms  Symmetric key algorithms can be divided into two categories: block and stream.  Block algorithms encrypt data a block (many bytes) at a time, while stream algorithms encrypt byte by byte (or even bit by bit).
  • 21. • Examples of Symmetric algorithms  AES (Advanced Encryption Standard)  DES (Digital Encryption Standard)  IDEA (International Data Encryption Algorithm) and etc. • Other terms for symmetric-key encryption  secret-key  single-key  shared-key  one-key  private-key
  • 23. • Based on mathematical algorithms • Asymmetric  Use two separate keys • Ingredients  Plain text  Encryption algorithm  Public and private key  Cipher text  Decryption algorithm
  • 25. • Public Key Encryption - Authentication
  • 26. • Public Key Encryption – Operation  One key made public o Used for encryption  Other kept private o Used for decryption  Infeasible to determine decryption key given encryption key and algorithm  Either key can be used for encryption, the other for decryption
  • 27. • Public Key Encryption – Steps  User generates pair of keys  User places one key in public domain  To send a message to user, encrypt using public key  user decrypts using private key
  • 28. • RSA Algorithm • n = pq, where p and q are distinct primes. • phi, φ = (p-1)(q-1) • e < n such that gcd(e, phi)=1 • d = e-1 mod phi. • c = me mod n, 1<m<n. • m = cd mod n.
  • 29. • A very simple example of RSA encryption
  • 30. • A very simple example of RSA encryption
  • 31. • Difference SYMMETRIC KEY CRYPTOGRAPHY ASYMMETRIC KEY CRYPTOGRAPHY 1. The same algorithm with the same key is used for encryption and decryption. 2. The key must be kept secret. 3. It may be impossible or at least impractical to decipher a message if no other information is available. 1. One algorithm is used for encryption and decryption with a pair of keys, one for encryption and one for decryption. 2. One of the two keys must be kept secret. 3. It may be impossible or at least impractical to decipher a message if no other information is available.
  • 33. • not to be confused with a digital certificate • it is a mathematical technique used to validate the authenticity and integrity of a message, software or digital document. • Sender encrypts message with their private key • Receiver can decrypt using senders public key • This authenticates sender, who is only person who has the matching key • Does not give privacy of data  Decrypt key is public
  • 34. • How digital signatures work o Digital signatures are based on public key cryptography o such as RSA, one can generate two keys that are mathematically linked: one private and one public. • How to create a digital signature o signing software (such as an email program) creates a one-way hash of the electronic data to be signed. o The private key is then used to encrypt the hash. along with other information, such as the hashing algorithm -- is the digital signature. o The reason for encrypting the hash instead of the entire message or document is that a hash function can convert an arbitrary input into a fixed length value, which is usually much shorter. This saves time since hashing is much faster than signing.
  • 35. Message + Signature Hash Decrypt Signature With Sender’s Public Key SIGN hash With Sender’s Private key Message + signature COMPARE Calculated HashMessage Sender Receiver Hash Sent thru’ Internet if OK Signatures verified
  • 36. • Private key protection  The Private key generated is to be protected and kept secret. The responsibility of the secrecy of the key lies with the owner.  The key is secured using  PIN Protected soft token  Smart Cards  Hardware Tokens
  • 37. • Most modern email programs  the use of digital signatures and digital certificates making it easy to sign any outgoing emails and validate digitally signed incoming messages. • Digital signatures are also used extensively to provide  proof of authenticity  data integrity  non-repudiation of communications and transactions conducted over the Internet. What are the benefits of digital signatures?  Authentication and Integrity
  • 38. Paper signatures v/s Digital Signatures Parameter Paper Electronic Authenticity May be forged Can not be copied Integrity Signature independent of the document Signature depends on the contents of the document Non- repudiation a. Handwriting expert needed b. Error prone a. Any computer user b. Error free V/s