ch-3 part-II

Uploaded by

andom

3.2.2 Digital Signature
 Confidentiality ensures that messages cannot be intercepted and read by
eavesdroppers, i.e., encryption protects against passive attack
 A different requirement is to protect against active attack (falsification of
data and transactions). Protection against such attacks is known as
message authentication
 A message, file, document, or other collection of data is said to be
authentic when it is genuine (not altered) and comes from its alleged
source
 A digital signature is not used to ensure the confidentiality of a message,
but rather to guarantee who sent the message, i.e.,
authentication (nonrepudiation); it proves who the sender is
 Nonrepudiation can be source repudiation (denial of transmission of
message by source) or destination repudiation (denial of receipt of message
by destination)
 Digital signature is also used for Data Integrity; it ensures that messages are protected
against modification
 Note: authentication may mean both nonrepudiation and data integrity and sometimes
only data integrity
 Masquerade: The creation of messages by an opponent that are purported to come from an
authorized entity.
 In the real world, the receiver of a message needs assurance that the message belongs to the
sender, and the sender should not be able to repudiate the origination of that message.
 Digital Signature for Assurance
 Consider the situation where Bob has just sold Alice something for 500 Birr through a
deal that is made by e-mail
 Alice sends an e-mail accepting to pay 500 Birr
 Two issues need to be taken care of in addition to authentication
 Alice needs to be assured that Bob will not modify the amount and show that Alice
promised to pay more than 500 Birr
 Bob needs to be assured that Alice will not deny that she sent the message, i.e., source
repudiation
 Digital signature reverses the asymmetric encryption process

 Alice encrypts the message using her private key:


 Sends the encrypted message to Bob
 Bob then decrypts the signature using Alice’s public key:
 If successful, he is assured that it comes from Alice
 If Bob can decrypt it with Alice’s public key, the message must have been
encrypted by Alice; No one else has Alice’s private key, and therefore no one
else could have created a ciphertext that could be decrypted with Alice’s public
key
 Therefore, the entire encrypted message serves as a digital signature
 In addition, it is impossible to alter the message without access to Alice’s
private key, so the message is authenticated both in terms of source and data
integrity
 But anyone can decrypt the message using Alice’s public key, which is
acceptable only if it is not important that the message be kept secret
 To combine both confidentiality and authentication
 Alice has to first encrypt the message using her private key
 Then encrypt the message with Bob’s public key

 Sends the encrypted message to Bob


 Bob decrypts the message using his private key
 Bob then decrypts the message using Alice’s public key

 Disadvantage: The public-key algorithm must be applied four times rather than
two in each communication, which has an impact on efficiency.
 It is also possible with symmetric encryption, as long as the key is shared in
a secure way.
Digital Signature Using Message Digest
 Problems in Digital Signature
 Alice may claim that her private key has been stolen before the message
was sent
 Alice may change her private key; a solution could be to have a central
authority that keeps track of changes in keys and that signed messages
be timestamped
 Alice’s entire message is encrypted which may be expensive in terms of
processing requirements
 It also requires a great deal of storage. Each document must be kept in
plaintext to be used for practical purposes. A copy also must be stored in
ciphertext so that the origin and contents can be verified in case of a
dispute
 A better and cheaper method is to use a message digest

 Hash function
 A hash function H takes a message m of arbitrary length and produces a
bit string h, h= H(m)
 When the hash value h is sent with the message m, it makes it possible to determine
whether m has been modified or not; the principal objective of a hash
function is data integrity.
 It is similar to a cyclic-redundancy check (CRC) and a checksum
 When a hash function is used to provide message authentication (integrity), the
hash function value is often referred to as a message digest
 The two most common hashing algorithms are
 MD5 (Message Digest version 5) and
 Secure Hash Algorithm or SHA (SHA-1 and later versions like SHA-256) by NIST.
 h = H(m) is sent along with m (not encrypted), where H is a cryptographic
hash function
 If m is changed to m’, its hash H(m’) will be different from h = H(m) and can be easily detected
 Alice first computes a message digest and encrypts it with her private key
 $E(K_A^-, H(m))$ is sent so that Bob knows that it comes from Alice by decrypting it with her
public key
 Bob decrypts the digest and calculates the message digest; if they match he knows the
message has not.

Figure: Digitally signing a message using a message digest – for data integrity only
 m can be sent as plaintext or, if confidentiality is required, can be encrypted using Bob’s
public key
 $E(K_B^+, E(K_A^-, H(m)))$ is sent so that Bob knows that it comes from Alice by decrypting
it with her public key
 Bob decrypts the digest and calculates the message digest;
if they match he knows it has not been altered.
 The public-key approach has two advantages:
 It provides a digital signature as well as message authentication.
 It does not require the distribution of keys to communicating parties
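The digest-signing exchange above, applied to the 500 Birr e-mail, as an added example that is not part of the original slides. It uses SHA-256 as H and unpadded textbook RSA as E; the key pairs are constructed from Mersenne primes purely so the example runs offline, and the function names are chosen here (deployed systems use randomly generated keys and a padded scheme such as RSA-PSS).

```python
import hashlib


def keypair(p: int, q: int, e: int = 65537):
    """Textbook RSA key pair from two primes: (public, private)."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))   # modular inverse, Python 3.8+
    return (e, n), (d, n)


# Constructed toy keys built from Mersenne primes so they fit on one line.
# Such a modulus is trivially factorable; it only keeps the example offline.
ALICE_PUB, ALICE_PRIV = keypair(2**521 - 1, 2**607 - 1)
MALLORY_PUB, MALLORY_PRIV = keypair(2**127 - 1, 2**1279 - 1)


def digest(m: bytes) -> int:
    """h = H(m) with SHA-256 as H, read as an integer."""
    return int.from_bytes(hashlib.sha256(m).digest(), "big")


def sign(m: bytes, private_key) -> int:
    """Sender side: E(K-, H(m)); only the digest goes through RSA."""
    d, n = private_key
    return pow(digest(m), d, n)


def verify(m: bytes, signature: int, public_key) -> bool:
    """Receiver side: recover the digest with K+ and compare with H(m)."""
    e, n = public_key
    if not 0 <= signature < n:
        return False
    return pow(signature, e, n) == digest(m)


def run_demo() -> dict:
    m = b"Alice to Bob: I accept to pay 500 Birr"
    sig = sign(m, ALICE_PRIV)
    return {
        "genuine": verify(m, sig, ALICE_PUB),
        # The amount is changed but Alice's original signature is reused.
        "altered": verify(m.replace(b"500", b"5000"), sig, ALICE_PUB),
        # Mallory signs with her own key while claiming to be Alice.
        "masquerade": verify(m, sign(m, MALLORY_PRIV), ALICE_PUB),
    }


if __name__ == "__main__":
    print(run_demo())
```

The message itself travels in plaintext here, so this gives integrity and source authentication only, matching the "data integrity only" case above.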
MD5 Algorithm
 The MD5 message-digest algorithm is the 5th version of the Message-Digest Algorithm developed by Ron
Rivest to produce a 128-bit message digest.
 MD5 is faster than other versions of the message digest. It takes the plain text in 512-bit blocks,
each further divided into 16 blocks of 32 bits, and produces the 128-bit message digest, which is a
set of four blocks, each of 32 bits.
 MD5 produces the message digest through five steps, i.e., padding, appending the length, dividing the input into
512-bit blocks, initializing the chaining variables, and processing the blocks in 4 rounds, using a different constant
in each iteration.
 It was developed with security as the main motive; it takes an input of any size and produces a
128-bit hash value as output.
 To be considered cryptographically secure, MD5 should meet two requirements:
1. It is impossible to generate two inputs that produce the same hash value.
2. It is impossible to generate a message having the same hash value.
How does the MD5 Algorithm work?
 As we all know, MD5 produces a 128-bit hash value as output.
 This conversion of an input of any size into a hash value goes through 5 steps, and each step has its predefined task.
 Step 1: Append Padding Bits
 Assume that we have a message x with a length of l bits. To obtain an overall message size that is a
multiple of 512 bits, we append a single “1” followed by k zero bits and the binary 64-bit
representation of l.
Consequently, the number of required zeros k is given by
$k \equiv 512 - 64 - 1 - l = 448 - (l + 1) \bmod 512$, e.g. $k = 423$ for $l = 24$ (three characters, each represented in 8 bits).

 Step 2: Append Length
 After padding, 64 bits are inserted at the end, which are used to record the original input length.
 At this point, the resulting message has a length that is a multiple of 512 bits.
 Step 3: Initialize MD buffer.
 A four-word buffer (A, B, C, D) is used to compute the values for the message digest
 Step 4: Processing message in 16-word block
 MD5 uses the auxiliary functions, which take the input as three 32-bit numbers and produce
32-bit output.
 These functions use logical operators like OR, XOR, NOR.
 Step 5: Output - After all rounds have been performed, the buffer A, B, C, D contains the MD5 output,
starting with lower bit A and ending with higher bit D.
MD5 algorithm with example
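Steps 1 and 2 (padding and length) written out for whole-byte messages, as an added example that is not part of the original slides; it also covers the case where a message of exactly 448 bits forces a second block. The function names are chosen here, and the least-significant-byte-first length encoding is MD5's own convention.

```python
import struct


def zero_bits(l: int) -> int:
    """k = 448 - (l + 1) mod 512 for a message of l bits."""
    return (448 - (l + 1)) % 512


def md5_pad(message: bytes) -> bytes:
    """Steps 1 and 2: append '1', k zero bits, then the 64-bit length."""
    l = 8 * len(message)
    k = zero_bits(l)
    # Whole bytes only: 0x80 is the '1' bit followed by seven zero bits,
    # so (k - 7) / 8 further zero bytes complete the k zeros.
    padding = b"\x80" + b"\x00" * ((k - 7) // 8)
    # MD5 stores the length least-significant byte first (little-endian).
    length = struct.pack("<Q", l % 2**64)
    return message + padding + length


def blocks(padded: bytes):
    """Split the padded message into 512-bit blocks of sixteen 32-bit words."""
    if len(padded) % 64 != 0:
        raise ValueError("padded length must be a multiple of 512 bits")
    return [struct.unpack("<16I", padded[i:i + 64])
            for i in range(0, len(padded), 64)]


if __name__ == "__main__":
    # Constructed sample inputs: a 3-character message and a 448-bit message.
    for sample in (b"abc", b"A" * 56):
        padded = md5_pad(sample)
        print(len(sample) * 8, "bits ->", len(blocks(padded)), "block(s)")
```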
SHA Algorithm
 SHA is the Secure Hash Algorithm, developed by the National Institute of Standards and
Technology along with the NSA and previously released as a Federal Information Processing Standard;
later, in 1995, it was named the SHA algorithm
 It was designed as a modification of MD4
 In the field of cryptography and cryptanalysis, the SHA-1 algorithm is a cryptographic hash
function that takes an input and produces a string that is 160 bits long, also known as a 20-byte
hash value.
 The hash value generated in this way is known as a message digest, which is typically rendered
as a hexadecimal number that is 40 digits long.
 The Different Types of SHA algorithm include the ones:

Properties of Hash Function
 One-way function: It is computationally infeasible to find m that
corresponds to a known output of h
 Or given a hash value h it should be difficult to find the message m such that h =
H(m)
 That means you cannot “unhash” something
 Collision resistance
 Weak-collision resistance: It is computationally infeasible, given m and H, to
find m’ ≠ m such that H(m) = H(m’)
 Strong-collision resistance: Given H, it is computationally infeasible to find any
two different input values m and m’, such that H(m) = H(m’)
 The output is of fixed-length no matter what input is given. This is exactly
how Windows stores passwords. For example, if the password is password,
then Windows will first hash it producing something like:
0BD181063899C9239016320B50D3E896693A96DF
3.3.4 Public Key Distribution
 Public Announcement of Public Keys
 Send a public key to any other participant or broadcast the key to
the community
 But anyone can forge such a public announcement, i.e., some user could
pretend to be a legitimate user and send a public key to another participant
or broadcast it, so a mechanism is required.
 Public-key Infrastructure
 We need a body that certifies the public key is that of the party we wish to
communicate with, i.e., a Certification/Certificate Authority (CA) that
signs (certifies) the public key.
 Public-Key Infrastructure (PKI) is the set of hardware, software, people,
policies, and procedures needed to create, manage, store, distribute, and
revoke digital certificates based on asymmetric cryptography
 Users publish certificates with the X.509 standard (for formatting
certificates)
 A certificate is a public key and some naming “stuff”, digitally signed
by someone you trust (third party), i.e., the CA
 The resulting certificate will contain information like user’s name/ID,
user’s public key, name of CA, start date of certificate, and length of
time it is valid
 The Internet Engineering Task Force (IETF) Public Key Infrastructure
X.509 (PKIX) working group has been the driving force for deploying
a certificate-based architecture on the Internet
 Elements of the PKIX model
 End entity: Denotes end users, devices (e.g., servers, routers); end
entities typically consume and/or support PKI-related services
 Certification Authority (CA): The issuer of certificates and (usually)
certificate revocation lists (CRLs)
 Registration Authority (RA): An optional component that
can assume a number of administrative functions from the CA
 CRL issuer: An optional component that a CA can delegate
to publish CRLs
 Repository: Any method for storing certificates and CRLs so that
they can be retrieved by end entities
 Read about symmetric key distribution
 Using symmetric key encryption
 Using asymmetric key encryption
Concluding Remarks about Encryption
 Advantages and disadvantages
 Advantage of private-key (symmetric/secret-key) cryptography is that it provides better
secrecy but needs prearranged key exchange

 Symmetric key cryptography is impractical for exchanging messages with a large group of
previously unknown correspondents over a public network, e.g., in e-commerce, for a
merchant to conduct transactions securely with millions of customers, each customer would
need a distinct key assigned by that merchant and transmitted over a separate secure
channel

 Advantage of public-key (asymmetric) cryptography is that it allows for secrecy between
two parties who have not arranged in advance to have a shared key (or trusted some third
party to give it to them), and the disadvantage is overhead and speed

 Therefore, in practice, hybrid systems use public-key to establish session key for private key