28-06-2012, 11:19 AM
Digital Signatures & Authentication Protocols
[attachment=25867]
Digital Signatures
have looked at message authentication
but does not address issues of lack of trust
digital signatures provide the ability to:
verify author, date & time of signature
authenticate message contents at the time of signature
Must be verifiable by third parties to resolve disputes
Digital Signature Properties
must depend on the message signed
must use information unique to sender
to prevent both forgery and denial
must be relatively easy to produce
must be relatively easy to recognize & verify
be computationally infeasible to forge
with new message for existing digital signature
with fraudulent digital signature for given message
be practical save digital signature in a storage
Direct Digital Signatures
involves only the parties: sender and receiver
assumed receiver has sender’s public-key
digital signature made by sender signing entire message or hash with private-key
can encrypt using receivers public-key
important that sign first then encrypt message & signature
security depends on sender’s private-key
Arbitrated Digital Signatures
involves use of arbiter A
Sender sends the signed message to arbiter
validates any signed message
then dated and sent to recipient
requires suitable level of trust in arbiter
can be implemented with either private or public-key algorithms
arbiter may or may not be able to see message
Authentication Protocols
used to convince parties of each others identity and to exchange session keys
may be one-way or mutual
key issues in authenticated key exchange:
confidentiality – to protect session keys
timeliness – to prevent replay attacks
published protocols are often found to have flaws and need to be modified
Replay Attacks
where a valid signed message is copied and later resent
simple replay (simply copy and replay later)
repetition that can be logged (replay a timestamped message within its valid time window)
repetition that cannot be detected (the original message is suppressed and only replayed message arrives at the destination)
backward replay without modification (a message is replayed back to the sender; can work if symmetric encryption is used)
[attachment=25867]
Digital Signatures
have looked at message authentication
but does not address issues of lack of trust
digital signatures provide the ability to:
verify author, date & time of signature
authenticate message contents at the time of signature
Must be verifiable by third parties to resolve disputes
Digital Signature Properties
must depend on the message signed
must use information unique to sender
to prevent both forgery and denial
must be relatively easy to produce
must be relatively easy to recognize & verify
be computationally infeasible to forge
with new message for existing digital signature
with fraudulent digital signature for given message
be practical save digital signature in a storage
Direct Digital Signatures
involves only the parties: sender and receiver
assumed receiver has sender’s public-key
digital signature made by sender signing entire message or hash with private-key
can encrypt using receivers public-key
important that sign first then encrypt message & signature
security depends on sender’s private-key
Arbitrated Digital Signatures
involves use of arbiter A
Sender sends the signed message to arbiter
validates any signed message
then dated and sent to recipient
requires suitable level of trust in arbiter
can be implemented with either private or public-key algorithms
arbiter may or may not be able to see message
Authentication Protocols
used to convince parties of each others identity and to exchange session keys
may be one-way or mutual
key issues in authenticated key exchange:
confidentiality – to protect session keys
timeliness – to prevent replay attacks
published protocols are often found to have flaws and need to be modified
Replay Attacks
where a valid signed message is copied and later resent
simple replay (simply copy and replay later)
repetition that can be logged (replay a timestamped message within its valid time window)
repetition that cannot be detected (the original message is suppressed and only replayed message arrives at the destination)
backward replay without modification (a message is replayed back to the sender; can work if symmetric encryption is used)