07: Digital Signatures
DON'T provide PK cryptograhpy, AUTHENTICATION
Bob Signs a message: Digital Signature Generation Algorithm
Message + Bob's PK --> signature
Alice Verify's signature: Verification Algorithm
Message + Bob's PU + signature --> valid or naw?
To get the key to verify the signature you need a public key certificate which is verified by another PU certificate,…and so on... Til you get the root certificate. If anyone knows your private signing key by your private root certificate you can be MIM’d D:
Digital Signature Properties
Digital signatures provide authentication between parties:
Must verify the author, date and time of the signature
Must authenticate the contents at the time of the signature
Verifyable by third parties to resolve disputes
Attacks
A = user whose signature method is being attacked
C = attacker
Forgeries (Adversarial Goals)
Breaking a digital signature scheme successfully
Digital Signature Requirements
Satisfied by a secure hash function:
The signature must be a bit pattern that depends on the message being signed
The signature must use some information unique to the sender to prevent both forgery and denial
It must be relatively easy to produce the digital signature
It must be relatively easy to recognize and verify the digital signature
It must be computationally infeasible to forge a digital signature, either by constructing a new message for an existing digital signature or by constructing a fraudulent digital signature for a given message
It must be practical to retain a copy of the digital signature in storage