GOVERNMENT POLYTECHNIC,

NANDED
Information Technology
DepartmentAcademic year:2023-24

Microproject on

DIGITAL SIGNATURE

Program Name: Information Technology

Program Code: IF6I
Course Name: Network and Information Security
Code: 22620

Name of Students Guided By

1.Bhalerao Prajwal Prof. S.N.Dhole
2.Chakote Pranav
3.Jayfale Adarsh
4.Yevtikar Namdev

1
 MAHARASHTRA STATE
BOARD OF TECHNICAL EDUCATION

Certificate

This is to certify that Mr. Bhalerao Prajwal, Chakote Pranav, Jayfale

Adarsh, Namdev Yevtikar Roll No. 1540,1541,1545,1560 of 6th Semester of
Diploma in Information technology of Institute, GOVERNMENT
POLYTECHNIC, NANDED (0020) has completed the Micro Project
satisfactorily in Subject- NIS for the academic year 2023-24 as prescribed in
the curriculum.

Place : Nanded
Date : 01/04/2024
Exam Seat No.: 380975,380990,380982,3801008

Subject Teacher Head of the Department Principal

S.N.Dhole Prof.S.N.Dhole Dr.N.L.Janrao

2
 ANEEXURE l
Evaluation Sheet for the Micro Project
Academic Year: 2023-24 Name of the Faculty: S.N.Dhole
Course: NIS Course Code: 22620 Semester: VI
Title of the Project: DIGITAL SIGNATURE

Cos address by Micro Project:

A: Use difierent Cryptographic tools.

Major learning outcomes achieved by the students by doing the project.

(A) Practical outcome:

1) Create and Verify digital signature using tool(cryptool).

(B) Unit outcomes in Cognitive domain.

1) Create and Verify digital signature.
2) Troubleshoot small modules.
3) Utilization of known concept in implementation.

Roll Student Name Marks out of 6 for Marks out of 4 for Total out
No. performance in performance in of 10
group activity oral/presentation
(D5 Col.8) (D5 Col.9)

1540 BHALERAO PRAJWAL

1541 CHAKOTE PRANAV
1545 JAYFALE ADARSH
1560 YEVTIKAR NAMDEV

(Signature of Faculty)

3
 WEEKLY PROGRESS REPORT
TITLE OF THE MICRO PROJECT:-
“Digital Signature”
WEEK ACTIVITY PERFORMED DATE SIGN OF
GUIDE
1st Discussion and finalization of Topic 08/01/2024
2nd Discussion and finalization of Topic 15/01/2024
3rd Preparation and submission of Abstract 20/01/2024
4th Literature Review 22/01/2024
5th Collection of Data 03/02/2024
6th Collection of Data 05/02/2024
7th Collection of Data 12/02/2024
8th Collection of Data 17/02/2024
9th Discussion and Outline of Content 19/02/2024
10th Formulation of Content 26/02/2024
11th Editing and 1st proof Reading of Content 02/03/2024
12th Editing and 2nd proof Reading of Content 04/03/2024
13th Compilation of Report and Presentation 11/03/2024
14th Seminar 16/03/2024
15th Viva-voce 18/03/2024
16th Final submission of Micro project 01/04/2024

Sign of the Students Sign of the Faculty

1540-
1541-
1545-
1560-

4
Introduction:-

 The Digital Signature is a technique which is used to

validate the authenticity and integrity of the message. We
know that there are four aspects of security: privacy,
authentication, integrity, and non-repudiation. We have
already discussed the first aspect of security and other three
aspects can be achieved by using a digital signature.

 The basic idea behind the Digital Signature is to sign a

document. When we send a document electronically, we can
also sign it. We can sign a document in two ways: to sign a
whole document and to sign a digest

 Digital signature is a cryptographic value that is calculated

from the data and a secret key known only by the signer.

 In real world, the receiver of message needs assurance that

the message belongs to the sender and he should not be
able to repudiate the origination of that message. This
requirement is very crucial in business applications, since
likelihood of a dispute over exchanged data is very high.

5
How do digital signatures work?:-

Digital signatures are cryptographic techniques used to ensure

the authenticity, integrity, and non-repudiation of digital
documents or messages. They operate through a combination of
asymmetric encryption and hashing algorithms. Here's a
simplified explanation of how they work:

1. Key Generation: Each party involved in digital signing

generates a pair of cryptographic keys - a private key and a
public key. These keys are mathematically related, but it is
computationally infeasible to derive the private key from the
public key.
2. Signing: When a sender wants to digitally sign a document
or message, they use a hashing algorithm (such as SHA-
256) to generate a unique hash value or digest of the
document. This hash value is a fixed-length string that
uniquely represents the contents of the document.
3. Encryption: The sender then encrypts the hash value using
their private key. This process creates the digital signature.
Only the sender's corresponding public key can decrypt and
verify this signature.
4. Verification: When a recipient receives the document along
with the digital signature, they use the same hashing
algorithm to independently compute the hash value of the
received document.
5. Decryption: The recipient then decrypts the digital signature
using the sender's public key, which yields the original hash
value.

6
6. Comparison: The recipient compares the computed hash
value of the received document with the hash value obtained
by decrypting the digital signature. If they match, it
confirms that the document has not been altered since it
was signed and that the sender possesses the
corresponding private key.
7. Authentication and Non-repudiation: Since only the sender
possesses the private key required to create the digital
signature, successful verification of the signature proves
that the document originated from the sender. This process
ensures authentication and non-repudiation - the sender
cannot later deny their involvement in creating or sending
the document.

7
The steps followed in creating digital signature are :-

1. Message digest is computed by applying hash function on

the message and then message digest is encrypted using
private key of sender to form the digital signature. (digital
signature = encryption (private key of sender, message
digest) and message digest = message digest
algorithm(message)).
2. Digital signature is then transmitted with the
message.(message + digital signature is transmitted)
3. Receiver decrypts the digital signature using the public key
of sender.(This assures authenticity, as only sender has his
private key so only sender can encrypt using his private key
which can thus be decrypted by sender’s public key).
4. The receiver now has the message digest.
5. The receiver can compute the message digest from the
message (actual message is sent with the digital signature).
6. The message digest computed by receiver and the message
digest (got by decryption on digital signature) need to be
same for ensuring integrity.

8
Assurances about digital signatures:-

The definitions and words that follow illustrate the kind of

assurances that digital signatures offer.
1. Authenticity: The identity of the signer is verified.
2. Integration: Since the content was digitally signed, it
hasn’t been altered or interfered with.
3. Non-repudiation: demonstrates the source of the signed
content to all parties. The act of a signer denying any
affiliation with the signed material is known as repudiation.
4. Notarization: Under some conditions, a signature in a
Microsoft Word, Microsoft Excel, or Microsoft PowerPoint
document that has been time-stamped by a secure time-
stamp server is equivalent to a notarization.

Benefits of Digital Signatures:-

 Legal documents and contracts: Digital signatures are
legally binding. This makes them ideal for any legal
document that requires a signature authenticated by one or
more parties and guarantees that the record has not been
altered.
 Sales contracts: Digital signing of contracts and sales
contracts authenticates the identity of the seller and the
buyer, and both parties can be sure that the signatures are
legally binding and that the terms of the agreement have not
been changed.
 Financial Documents: Finance departments digitally sign
invoices so customers can trust that the payment request is
from the right seller, not from a bad actor trying to trick the
buyer into sending payments to a fraudulent account.

9
Importance of Digital Signature:-

Out of all cryptographic primitives, the digital signature using

public key cryptography is considered as very important and
useful tool to achieve information security.
Apart from ability to provide non-repudiation of message, the
digital signature also provides message authentication and data
integrity. Let us briefly see how this is achieved by the digital
signature –

 Message authentication − When the verifier validates the

digital signature using public key of a sender, he is assured
that signature has been created only by sender who possess
the corresponding secret private key and no one else.
 Data Integrity − In case an attacker has access to the data
and modifies it, the digital signature verification at receiver
end fails. The hash of modified data and the output provided
by the verification algorithm will not match. Hence, receiver
can safely deny the message assuming that data integrity
has been breached.
 Non-repudiation − Since it is assumed that only the signer
has the knowledge of the signature key, he can only create
unique signature on a given data. Thus the receiver can
present data and the digital signature to a third party as
evidence if any dispute arises in the future.

10
Encryption with Digital Signature:-

In many digital communications, it is desirable to exchange an

encrypted messages than plaintext to achieve confidentiality. In
public key encryption scheme, a public (encryption) key of sender
is available in open domain, and hence anyone can spoof his
identity and send any encrypted message to the receiver.
This makes it essential for users employing PKC for encryption to
seek digital signatures along with encrypted data to be assured
of message authentication and non-repudiation.
This can archived by combining digital signatures with
encryption scheme. Let us briefly discuss how to achieve this
requirement. There are two possibilities, sign-then-
encrypt and encrypt-then-sign.
However, the crypto system based on sign-then-encrypt can be
exploited by receiver to spoof identity of sender and sent that data
to third party. Hence, this method is not preferred. The process
of encrypt-then-sign is more reliable and widely adopted. This is
depicted in the following illustration –

11
Drawbacks of Digital Signature:-

 Dependency on technology: Because digital signatures rely

on technology, they are susceptible to crimes, including
hacking. As a result, businesses that use digital signatures
must make sure their systems are safe and have the most
recent security patches and upgrades installed.
 Complexity: Setting up and using digital signatures can be
challenging, especially for those who are unfamiliar with the
technology. This may result in blunders and errors that
reduce the system’s efficacy. The process of issuing digital
signatures to senior citizens can occasionally be
challenging.
 Limited acceptance: Digital signatures take time to replace
manual ones since technology is not widely available in
India, a developing nation.

12
 Conclusion

By generating unique digital signatures with private keys and validating them
with corresponding public keys, our project enables parties to confidently
exchange sensitive information across digital channels, safeguarding against
tampering, forgery, and unauthorized access. Furthermore, the non-repudiation
aspect of digital signatures strengthens accountability and trust in electronic
transactions and communications, mitigating disputes and enhancing legal
validity.

As technology continues to advance and digital interactions become

increasingly prevalent, the importance of digital signatures in ensuring data
security and authenticity cannot be overstated. Through our project, we have
contributed to the advancement of secure digital communication practices,
empowering individuals and organizations to conduct transactions and
exchange information with confidence in the digital realm.

13
14