Saturday, June 8, 2019
Hash Functions and Authentication Applications Essay Example for Free
Hash Functions and Authentication Applications EssayDigital key signature or Public-key digital signature is a method of authenticating digital information comparable to super acid peoples personal signature on documents. The digital signature process is using techniques taken from public-key cryptanalysis. Digital Signature is actually the output of public-key cryptography for signing and verification and is different from ordinary electronic signature like cable, telex, and fax. Since digital signatures ar based cryptographic techniques, a digital signature should agree the following properties.Digital Signature should be not forgeable authentic cannot be modify after sending not reusable prevent repudiation The simpler properties are AUTHENTICITY The importance of authenticity is to prevent authorized intervention. Using the public-key cryptosystems, the pass catcher will be confident that the vector is real and the mental object is valid. INTEGRITY both(preno minal) vector and receiver will be confident that the meat sent has not been altered during the transmission. The encryption ensures that no third party can affect or read the message. NON-REPUDIATIONRepudiation means the act of denying association with a message as in claming a third party sent it. This is professedly when a recipient of the message assert that the sender attach a signature to avoid any later repudiation. Digital Signature functions maybe likely using Direct or Arbitrated Digital Signature. The Direct approach relies only on communicating parties for their security using the public-key cryptosystems. The problem with Direct Digital Signature approach is the validation, wherein the security of the communication depends only on the senders unavowed key.It means that when senders security is breach, the whole transaction fails. Furthermore, the sender can also use the repudiation excuse and say that the he never sent a message or say his private keys were risk y or stolen. The Arbitrated approach is better, unlike Direct Digital Signature, This approach employ an arbiter to test the senders messages and signatures to verify its content and origin. The arbiter, when fully satisfied, hurl the message with date and sent it to its final destination.Arbitrated digital signatures can be implemented using conventional and public-key encryption. In a conventional approach, it assumed that sender S and the assigned arbiter A. Both arbiter and sender will now share a secret key, say KSA and later the recipient R will share secret key as KRA. The sender creates a message and computer it against its hash value M(H) then S submits the message to A. Arbiter will now decrypt the signature, check its hash value, validate the message, and send the message to R.Recipient decrypts the message and restores the original message (M). An arbitrated digital signature using public-key encryption has a different approach wherein the arbiter cannot design the me ssage. At first, the sender S encrypts the message with its own private key and encrypts it again with the recipient R private key thereby producing a secret signed message. This signed message will be encrypted again with the senders ID, together the message will be sent to the arbiter. The inner double encrypted message is secure from the arbiter and from anybody except the recipient.The arbiter can only see the outer messages to check the origin of the message and ensure that the sender private and public key is still valid. A replay attack is a slip of network attack where valid data transmission is maliciously or fraudulently repeated or delayed. It can be the originator itself or an opponent who intercepts the data and re-transmits it. A simple replay attack immediately sends the same message soon enough that it will arrive within the recipients window.A inhibit replay attack is when an attacker breach security by initiating a message interception and withhold it for future replay. The attacker will wait for the proper epoch to effectively replay the message without detection from the recipient.ReferencesData Security 2003, Digital Signatures,online, http//www. cs. uku. fi/junolain/secu2003/secu2003. htmldigital Wikipedia, Digital Signatures, online, http//en. wikipedia. org/wiki/Digital_signature Wikipedia, Replay Attack, online, http//en. wikipedia. org/wiki/Replay_attack
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment