Types of Signatures Direct digital signature involves only the communicating parties v Assumed that receiver knows public key of sender Signature may be formed by(1)encrypting entire message with sender's private key or(2 encrypting hash code of message with senders private key. Y Further encryption of entire message signature with receiver's public key or shared private key ensures confidentiality
6 Types of Signatures • Direct digital signature – involves only the communicating parties ✓Assumed that receiver knows public key of sender. ✓Signature may be formed by (1) encrypting entire message with sender’s private key or (2) encrypting hash code of message with sender’ s private key. ✓Further encryption of entire message + signature with receiver’s public key or shared private key ensures confidentiality
Types of signatures Problems with direct signatures Validity of scheme depends on the security of the sender's private key sender may later deny sending a certain message Y Private key may actually be stolen from X at time T, so timestamp may not help
7 Types of Signatures • Problems with direct signatures: ✓Validity of scheme depends on the security of the sender’s private key sender may later deny sending a certain message. ✓Private key may actually be stolen from X at time T, so timestamp may not help
Types of signatures Arbitrated digital signature - involves a trusted third party or arbiter v Every signed message from sender. X, to receiver, Y, goes to an arbiter, A, first v A subjects message signature to number of tests to check origin content v a dates the message and sends it to y with indication that it has been verified to its satisfaction
8 Types of Signatures • Arbitrated digital signature – involves a trusted third party or arbiter ✓Every signed message from sender, X, to receiver, Y, goes to an arbiter, A, first. ✓A subjects message + signature to number of tests to check origin & content ✓A dates the message and sends it to Y with indication that it has been verified to its satisfaction
Arbitrated Digital Signatures Requires an unconditionally Ttp as part of the signature generation and signature verification Each entity shares a symmetric key with the TtP Symmetric key cryptography results in a very fast algorithm However, this speedup is overshadowed by the TTP as well as communication overhead
9 Arbitrated Digital Signatures • Requires an unconditionally TTP as part of the signature generation and signature verification. • Each entity shares a symmetric key with the TTP • Symmetric key cryptography results in a very fast algorithm • However, this speedup is overshadowed by the TTP as well as communication overhead
Arbitrated Digital Signatures Signature Generation(by A) A al u= ek( h(m) TTP s=Ek(h(mIIA)
10 Arbitrated Digital Signatures • Signature Generation (by A) A IA , u = EkA(h(m)) TTP s = EkT(h(m)||IA )