Hash Functions and Authentication Applications Essay Example for Free

Hash Functions and Authentication Applications Es positdigital theme song or Public- profound digital signature is a method of authenticating digital information comparable to common good deals personal signature on documents. The digital signature process is using techniques taken from public-key cryptography. Digital Signature is actually the output of public-key cryptography for signing and verification and is assorted from ordinary electronic signature like cable, telex, and fax. Since digital signatures are based cryptographic techniques, a digital signature should have the future(a) properties.Digital Signature should be non forgeable authentic rout outnot be modify after sending not reusable prevent repudiation The simpler properties are AUTHENTICITY The importance of authenticity is to prevent authorized intervention. victimisation the public-key cryptosystems, the recipient ordain be confident that the vector is real and the message is valid. INTEGRITY Both sender and receiver will be confident that the message sent has not been altered during the transmission. The encryption ensures that no third party can view or read the message. NON-REPUDIATIONRepudiation means the act of denying sleeper with a message as in claming a third party sent it. This is true when a recipient of the message assert that the sender attach a signature to avoid any ulterior repudiation. Digital Signature functions maybe possible using Direct or Arbitrated Digital Signature. The Direct shape up relies only on communicating parties for their security using the public-key cryptosystems. The problem with Direct Digital Signature start out is the validation, wherein the security of the communication depends only on the senders private key.It means that when senders security is breach, the whole transaction fails. Furthermore, the sender can also use the repudiation excuse and say that the he never sent a message or say his private keys were forged or stol en. The Arbitrated approach is better, unlike Direct Digital Signature, This approach employ an arbiter to test the senders messages and signatures to verify its content and origin. The arbiter, when fully satisfied, stamp the message with date and sent it to its final destination.Arbitrated digital signatures can be implemented using conventional and public-key encryption. In a conventional approach, it assumed that sender S and the as sign arbiter A. Both arbiter and sender will now share a secret key, say KSA and later the recipient R will share secret key as KRA. The sender creates a message and computer it against its hash value M(H) then S submits the message to A. Arbiter will now decrypt the signature, check its hash value, validate the message, and send the message to R.Recipient decrypts the message and restores the original message (M). An arbitrated digital signature using public-key encryption has a different approach wherein the arbiter cannot see the message. At first , the sender S encrypts the message with its own private key and encrypts it again with the recipient R private key thereby producing a secret signed message. This signed message will be encrypted again with the senders ID, together the message will be sent to the arbiter. The inner double encrypted message is secure from the arbiter and from anybody except the recipient.The arbiter can only see the outer(a) messages to check the origin of the message and ensure that the sender private and public key is still valid. A replay attack is a type of network attack where valid selective information transmission is maliciously or fraudulently repeated or delayed. It can be the originator itself or an adversary who intercepts the data and re-transmits it. A simple replay attack immediately sends the same message soon enough that it will arrive within the recipients window.A suppress replay attack is when an attacker breach security by initiating a message interception and withhold it for f uture replay. The attacker will wait for the proper time to efficaciously replay the message without detection from the recipient.ReferencesData Security 2003, Digital Signatures,online, http//www. cs. uku. fi/junolain/secu2003/secu2003. htmldigital Wikipedia, Digital Signatures, online, http//en. wikipedia. org/wiki/Digital_signature Wikipedia, reproduce Attack, online, http//en. wikipedia. org/wiki/Replay_attack