Digital Signatures and Authentication Protocols
Reporters:
Jerimiah Saberon
Merryl Lorraine Gonzaga
April Mae Panaguiton
What is the Digital Signature Standard (DSS)?
The Digital Signature Standard (DSS) is a digital signature algorithm developed by the
U.S. National Security Agency as a means of authentication for electronic documents.
A digital signature is equivalent to a written signature used to sign documents and provide physical
authentication.
DSS was published by the National Institute of Standards and Technology in 1994. It has since
become the United States government standard for authentication of electronic documents.
DSS is also specified as a verified means for authentication in Federal Information Processing
Standards (FIPS) 186.
How does the Digital Signature Standard work?
A DSA signature is a pair of large numbers that are computed according to the specified algorithm
within parameters that enable the authentication of the signatory and, as a consequence, the
integrity of the data attached.
DSS also contains the Elliptic Curve Digital Signature Algorithm (ECDSA), as well as a definition of
Rivest-Shamir-Adleman (RSA) signatures based on Public-Key Cryptography Standards #1 version 2.1
and American National Standards Institute X9.31.
Digital signatures are both generated and verified through DSA. Signatures are
generated in conjunction with the private key. Verification of the signature takes place in
reference to the corresponding public key.
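The sign-and-verify flow described above, as an added example that is not part of the original slides: a textbook DSA in pure Python where the signature is the pair (r, s), produced with the private key x and checked with the public key y. The 512/160-bit parameter search, the use of SHA-256, the function names and the sample messages are assumptions chosen so the demo runs quickly.

```python
import hashlib
import secrets

def is_prime(n, rounds=20):                      # Miller-Rabin, for odd n > 3
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        chain = [pow(x, 1 << i, n) for i in range(r)]   # x, x^2, x^4, ...
        if x != 1 and n - 1 not in chain:
            return False                         # base proves n composite
    return True

def make_params(q_bits=160, p_bits=512):
    # Demo-sized domain parameters (assumption: far below approved sizes)
    q = (1 << (q_bits - 1)) + 1
    while not is_prime(q):
        q += 2
    k = 2 * ((1 << (p_bits - 2)) // q + 1)       # even, so p = k*q + 1 is odd
    while not is_prime(k * q + 1):
        k += 2
    return k * q + 1, q, pow(2, k, k * q + 1)    # g = 2^((p-1)/q): order q unless 1

def H(msg, q):                                   # digest cut to q's bit length
    z = int.from_bytes(hashlib.sha256(msg).digest(), "big")
    return z >> max(0, 256 - q.bit_length())

def sign(msg, x, p, q, g):
    while True:
        k = secrets.randbelow(q - 1) + 1         # fresh secret per signature
        r = pow(g, k, p) % q
        s = pow(k, -1, q) * (H(msg, q) + x * r) % q
        if r and s:
            return r, s                          # the signature: two numbers

def verify(msg, sig, y, p, q, g):
    r, s = sig
    if not (0 < r < q and 0 < s < q):
        return False
    w = pow(s, -1, q)
    return pow(g, H(msg, q) * w % q, p) * pow(y, r * w % q, p) % p % q == r

def demo():
    p, q, g = make_params()
    x = secrets.randbelow(q - 1) + 1             # private key
    y = pow(g, x, p)                             # public key
    sig = sign(b"pay 100 to alice", x, p, q, g)  # constructed sample message
    ok = verify(b"pay 100 to alice", sig, y, p, q, g)
    return sig, ok, verify(b"pay 900 to alice", sig, y, p, q, g)
```

`demo()` returns the signature pair, `True` for the signed message and `False` for the altered one, which is the integrity property the text attributes to the signature.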
What is the Digital Signature Standard format?
Lesson 2: Authentication services and protocols
Kerberos is an authentication protocol that is used to securely identify users and devices
on a network. It is designed to prevent attacks such as eavesdropping and replay attacks,
and to allow users to securely access network resources without transmitting their
passwords over the network.
LDAP (Lightweight Directory Access Protocol) is a network protocol used to access and
manage directory services, such as those provided by Active Directory or OpenLDAP.
LDAP is designed to be a simple, fast, and secure protocol for accessing directory services
over a network.
OAuth2 (Open Authorization 2.0) is an open standard for authorization that enables users
to grant third-party applications access to their resources (such as data or services) without
sharing their passwords. OAuth2 is used to enable secure authorization from web, mobile,
and desktop applications.
The Most Common Authentication Protocols are:
What is 2FA?
Two-factor authentication (2FA) is an identity and access management security method that requires two
forms of identification to access resources and data. 2FA gives businesses the ability to monitor and help
safeguard their most vulnerable information and networks.
Benefits of 2FA
Businesses use 2FA to help protect their employees’ personal and business assets. This is important
because it prevents cybercriminals from stealing, destroying, or accessing your internal data records for
their own use.
Authentication methods for 2FA
Hardware Tokens - Businesses can give their employees hardware tokens in the form of a
key fob that produces codes every few seconds to a minute. This is one of the oldest forms
of two-factor authentication.
Push Notifications - Push two-factor authentication methods require no password. This type
of 2FA sends a signal to your phone to either approve/deny or accept/decline access to a
website or app to verify your identity.
Here are some tips to ensure your two-factor authentication implementation goes as
smoothly as possible:
• Consider using the most common method of implementation, SMS authentication. It’s
convenient and ensures that all user identities are verified via a reliable phone number.
• Remember that most users can implement 2FA through the security settings of their
smartphone or electronic device.
• Find the right two-factor authentication provider.
Lesson 4: Digital Certificates
A digital certificate is a form of electronic credential that can prove the authenticity of a user,
device, server, or website. It uses PKI to help exchange communications and data securely
over the internet.
Security - Digital certificates can keep internal and external communications confidential and
protect the integrity of the data. They can also provide access control, ensuring only the intended
recipient receives and can access the data.
Authentication - With a digital certificate, users can be sure that the entity or person they
are communicating with is who they say they are, and that communications reach
only the intended recipient.
Scalability - Digital certificates can be used across a variety of platforms for individuals and
large and small businesses alike. They can be issued, renewed, and revoked in a matter of
seconds.
Reliability - A digital certificate can only be issued by a publicly trusted and rigorously vetted
CA, meaning that it cannot be easily tricked or faked.
Public trust - The use of a digital certificate proves the authenticity of a website, documents, or
emails. It can assure users and clients that the company or individual is genuine and
respects privacy and values security.
Different types of digital certification
Public certificate authorities are required to adhere to a set of baseline requirements. Most
web browsers are set up to trust a pre-selected list of CAs, which are set by the browser
itself or the operating system of the device. The verification of a digital certificate often
happens behind the scenes and quickly, without a user even being aware of the process.
Digital certificates are also used in e-commerce to protect sensitive, identification, and
financial information. Online shopping, stock trading, banking, and gaming all use digital
certificates. Digital certificates can be used for electronic credit card holders and merchants
to protect the financial transaction.
Criticisms of digital certificates
While digital certificates are designed to invoke public trust and prove security and validity,
they are not infallible. Digital certificates do have potential weaknesses that bad actors have
exploited.
Organizations can be breached, for example, and cybercriminals can steal certificates and
private key information, allowing them to then distribute malware. An infected system can
also be configured to trust an illegitimate certificate, opening the door to attack.
Man-in-the-middle (MITM) attacks have also been known to intercept SSL/TLS traffic to
gain access to sensitive information by either creating a fake root CA certificate or installing
a rogue certificate that can then bypass security protocols. Overall, however, the use of
digital certificates to secure websites is considered to be more secure than not using them.
THANK YOU!!!