DIGITAL SIGNATURES

Digital signatures are used to authenticate the

identity of the sender. It is like signing a
message in electronic form. A digital signature
is a protocol that produces the same effect as
a real signature. It is a mark that only the
sender can make and other people can easily
recognize that it belongs to the sender.
PDF documents are used to share all kinds of
information, including that of a confidential
nature or with a legal value, like a contract. In
order to ensure that a document has not been
modified by someone other than its author,
and to verify that the author is who we expect
and not somebody else, digital signatures are
necessary.
Digital signatures are often used to implement
electronic signatures, which includes any
electronic data that carries the intent of a
signature, but not all electronic signatures use
digital signatures. Digital seals and signatures
are equivalent to handwritten signatures and
stamped seals.

Advantages of digital signatures v/s handwritten

signatures

The crucial difference of the handwritten

signature is that the electronic signature
Da(m) is intimately connected with the
message, whereas the handwritten signature
is added to the message and always looks the
same and that's why is easy to forge. As a
consequence no one can alter the signed
message Da(m) and trying to make it seem as
if the signature is by the real person. For, if
Da(m) is altered at all, then the application of
the public key Ea to the altered signed
message Da(m)" yields a clear text which will
appear totally random. Sending documents
digitally is faster and more cost-efficient.
Digital signing software is easy to use and
cost-effective.
E-documents dramatically reduce the risk of
being stolen, damaged, intercepted, lost,
destroyed, altered, or read by unwanted eyes.
One of the benefits of electronic signature
software is it’s designed to seamlessly
integrate with other applications, so you can
use it to sign different kinds of documents in
various formats.
Digital signatures make it easy to close a sale
on the spot, turn around contracts faster, and
finalize documents that require signatures
from multiple parties.
Disadvantage using digital signatures

Once an entire signature is published by the

signer, anyone can verify it. But moreover
once the signature has been verified,
(assuming that this is an originally signed
document with no copies after being signed)
no one else may verify the signature.
One obvious solution to this would be to
make copies of the signed document.
Another solution could turn the problem of
digital signature into an advantage. Using
digital signatures we can specify who will
verify the signature exclusively:
The private key must be kept in a secured
manner. Although digital signature provides
authenticity, it does not ensure secrecy of the
data.
To provide the secrecy, some other technique
such as encryption and decryption needs to
be used.
The process of generation and verification of
digital signature requires considerable
amount of time.
When the digital signature is not verified by
the public key, then the receiver simply marks
the message as invalid but he does not know
whether the message was corrupted or the
false private key was used.
Digital signature creation
The creation of a Digital Signature is a
complex mathematical process. However as
the complexities of the process are computed
by the computer, applying a Digital Signature
is no more difficult that creating a
handwritten one.
Digital signatures are based on public key
cryptography, also known as asymmetric
cryptography. Using a public key algorithm,
such as RSA, one can generate two keys that
are mathematically linked: one private and
one public.
Digital signatures work because public key
cryptography depends on two mutually
authenticating cryptographic keys. The
individual who is creating the digital signature
uses their own private key to encrypt
signature-related data; the only way to
decrypt that data is with the signer's public
key. This is how digital signatures are
authenticated.
MAC (Message
Authentication Code

A message authentication code (MAC), or tag,

is a security code that is typed in by the user
of a computer to access accounts or portals.
This code is attached to the message or
request sent by the user. Message
authentication codes (MACs) attached to the
message must be recognized by the receiving
system in order to grant the user access.
Message authentication codes (MACs) are
commonly used in electronic funds transfers
(EFTs) to maintain information integrity. They
confirm that a message is authentic; that it
really does come, in other words, from the
stated sender, and hasn’t undergone any
changes en route. A verifier who also
possesses the key can use it to identify
changes to the content of the message in
question.
A message authentication code (MAC)
(sometimes also known as keyed hash)
protects against message forgery by anyone
who doesn't know the secret key (shared by
sender and receiver).
This means that the receiver can forge any
message – thus we have both integrity and
authentication (as long as the receiver doesn't
have a split personality), but not non-
repudiation.
Also an attacker could replay earlier messages
authenticated with the same key, so a
protocol should take measures against this .
(Also, in case of a two-sided conversation,
make sure that either both sides have
different keys, or by another way make sure
that messages from one side can't sent back
by an attacker to this side.)
 Limitations of MAC

* Establishment of Shared Secret.

* Inability to Provide Non-Repudiation.

submitted by: Vishnu MP

PCS051824