Types of Signatures Direct digital signature involves only the communicating parties assumed that receiver knows public key of sender v Signature may be formed by(1)encrypting entire message with sender's private key or(2) encrypting hash code of message with sender's private key v Further encryption of entire message signature with receiver's public key or shared private key ensures confidentiality
6 Types of Signatures • Direct digital signature – involves only the communicating parties ✓Assumed that receiver knows public key of sender. ✓Signature may be formed by (1) encrypting entire message with sender’s private key or (2) encrypting hash code of message with sender’ s private key. ✓Further encryption of entire message + signature with receiver’s public key or shared private key ensures confidentiality
Types of Signatures Problems with direct signatures v Validity of scheme depends on the security of the sender's private key sender may later deny sending a certain message v Private key may actually be stolen from X at time T, so timestamp may not help
7 Types of Signatures • Problems with direct signatures: ✓Validity of scheme depends on the security of the sender’s private key sender may later deny sending a certain message. ✓Private key may actually be stolen from X at time T, so timestamp may not help
Types of signatures Arbitrated digital signature involves a trusted third party or arbiter v Every signed message from sender, X,to receiver. Y, goes to an arbiter. A, first v A subjects message t signature to number of tests to check origin content v a dates the message and sends it to y with indication that it has been verified to its satisfaction
8 Types of Signatures • Arbitrated digital signature – involves a trusted third party or arbiter ✓Every signed message from sender, X, to receiver, Y, goes to an arbiter, A, first. ✓A subjects message + signature to number of tests to check origin & content ✓A dates the message and sends it to Y with indication that it has been verified to its satisfaction
Arbitrated digital signatures Requires an unconditionally ttp as part of the signature generation and signature verification Each entity shares a symmetric key with the tTP Symmetric key cryptography results in a very fast algorithm However, this speedup is overshadowed by the TtP as well as communication overhead
9 Arbitrated Digital Signatures • Requires an unconditionally TTP as part of the signature generation and signature verification. • Each entity shares a symmetric key with the TTP • Symmetric key cryptography results in a very fast algorithm • However, this speedup is overshadowed by the TTP as well as communication overhead
Arbitrated digital signatures Sign ature generation(by A) A al U= Eka (h(m)) TTP Ek(h(mIIA
10 Arbitrated Digital Signatures • Signature Generation (by A) A IA , u = EkA(h(m)) TTP s = EkT(h(m)||IA )