Professional Documents
Culture Documents
Digital Signature
Digital Signature
AUTHENTICATION PROTOCOLS
There are various authentication protocols. Some of them are listed
below:
1. Challenge Handshake Authentication Protocol (CHAP): it is three-
way handshake protocol and it is much secured than PAP.
2. Extensible Authentication Protocol (EAP): It is used as a dial-in
between the client and the server. It is used to determine what
authentication protocol will be used.
3. Password Authentication Protocol (PAP): it is a two-way handshake
protocol. It is used with point to point protocol (PPP). It uses a plain
text password like older SLIP systems. It is not secure.
4. Shiva PAP (SPAP): Only NT RAS server supports this for clients
dialing in.
5. Data Encryption Standards (DES): It is used for older clients and
servers.
6. Remote Authentication Dial-In User Service (RADIUS): It is used in
organisation’s network to authenticate users dialing in remotely to
server.
7. S/Key: It is RFC 2289 Authentication Protocol. It is secure against
replays attacks. It is a one-time password system.
8. MS-CHAP (MD4): It is used to authenticate remote workstations and
developed by Microsoft. It uses MD4 for computing the message
digest and DES for encryption.
9. SKID-SKID2 and SKID3: It uses symmetric encryption technique.
Privacy of the user are not maintained and man-in-the-middle attack
is possible against it.
SUMMARY
Digital signature is a strong method for authentication used today. Digital
signature includes message authentication codes (MAC), hash value of a
message and digital pen pad devices. The Digital Signature Algorithm
(DSA) is the standard algorithm for digital signatures. The algorithm is
split into three parts-key generation, signing and verification. One more
digital signature scheme described by Taher ElGamal in 1984 is the
ElGamal signature. It is based on discrete logarithms. A variant of the
Digital Signature Algorithm (DSA) is Elliptical curve Digital Signature
Algorithm (EDSA). It is based on elliptical curve groups. The use of
elliptical curve provides smaller key sizes for the same security level, with
roughly, the same execution time. It also generates the signature of
exactly the same size. The NIST published the standard for digital
signature, called DSS, in 1991. One should note that DSS is a standard,
whereas DSA is an algorithm. It has been developed for performing digital
signatures. The applications of DSA are intended in various areas such as
e-mail, online transactions, e-commerce, e-billing. There are various
authentication protocols. Some of them are CHAP, MS-CHAP (MD4), etc.
Digital signature algorithms have a number of prior requirements
(mentioned below). Without these requirements signatures do not have
any meaning.
1. Quality algorithms: Quality of the digital algorithm also depends on
the quality of public key algorithms used.
2. Implementations: Implementation of any algorithm is very
important. If a very good algorithm is implemented with some
mistake, it will never work properly.
3. Private key: The security of any algorithm depends on the secrecy of
private key. If the private key of a user compromises (known by the
attackers), then the attackers also generates the same digital
signature irrespective of how strong the algorithm can be used for
the generation of the signature.
4. Distribution of public keys: If the public key cryptography, the
distribution of public key is also very important. F