Digital Signatures for Message Authentication and Non-Repudiation

In the realm of cryptography, digital signatures play a vital role in ensuring message authenticity and integrity between communicating parties. They provide a way for users to verify the source of a message and detect any potential tampering during transmission. This description explores the distinction between digital signatures and message authentication codes, highlighting their respective functions and applications. Additionally, it delves into the concept of non-repudiation and the security measures digital signatures offer against potential adversaries.

Uploaded on Feb 28, 2025 | 0 Views


Presentation Transcript


  1. MIT 6.875 Foundations of Cryptography Lecture 11

  2. TODAY: Digital Signatures

  3. Message Authentication Codes. Alice and Bob each hold $sk$. Alice sends $m, \sigma = \mathsf{MAC}(sk, m)$; Bob runs $\mathsf{Verify}(sk, m, \sigma)$. Authenticity: Bob wants to ensure that the message came from Alice. Needs Bob and Alice to share a secret key beforehand.

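  4. Digital Signatures: Public-key Analog of MACs. Directory entry: Alice → $vk$. Alice, holding $sk$, sends $m, \mathsf{Sign}(sk, m)$; the receiver runs $\mathsf{Verify}(vk, m, \sigma)$ on the signature $\sigma$. (Public) verification keys are stored in a directory. Only Alice can produce signatures; but Bob (or indeed, anyone else) can verify them.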

  5. Digital Signatures vs. MACs
     Signatures: $n$ users require $n$ key-pairs; Publicly Verifiable; Transferable; Provides Non-Repudiation (is this a good thing or a bad thing?).
     MACs: $n$ users require $n^2$ keys; Privately Verifiable; Not Transferable; Does not provide Non-Rep.

  6. Other Applications 1. Certificates, or a public-key directory in practice (directory entry: Alice → $pk, vk$). Trusted Certificate Authority, e.g. Verisign, Let's Encrypt. When Alice (= www.google.com) wants to register her public (encryption and signing) keys $pk$ and $vk$, first check that she is Alice. Issue a certificate $\sigma \leftarrow \mathsf{Sign}(sk_{\text{Verisign}}, \text{Alice} \,\|\, pk \,\|\, vk)$. Alice can later produce this certificate to prove that she owns $pk$ and $vk$. Browsers store $vk_{\text{Verisign}}$ and check the certificate.

  7. Other Applications 2. Bitcoin and other cryptocurrencies: I am identified by my verification key $vk$. When I pay you (= $vk'$), I sign "\$x paid to $vk'$" with my $sk$.

  8. Digital Signatures: Definition. A triple of PPT algorithms $(\mathsf{Gen}, \mathsf{Sign}, \mathsf{Verify})$ s.t.
     • $(vk, sk) \leftarrow \mathsf{Gen}(1^n)$. PPT key generation algorithm generates a public-private key pair.
     • $\sigma \leftarrow \mathsf{Sign}(sk, m)$. (Possibly probabilistic) signing algorithm uses the secret signing key to produce a signature $\sigma$.
     • $\mathsf{Acc}(1)/\mathsf{Rej}(0) \leftarrow \mathsf{Verify}(vk, m, \sigma)$. Verification algorithm uses the public verification key to check the signature $\sigma$ against a message $m$.
     Correctness: For all $vk$, $sk$, $m$: $\mathsf{Verify}(vk, m, \mathsf{Sign}(sk, m)) = \text{accept}$.

  9. Digital Signatures: Security. The adversary, after seeing signatures of many msgs, should not be able to produce a signature of any new msg.
     1. What are the adversary's powers? Request for, and obtain, signatures of (poly many) messages $m_1, m_2, \ldots$ (Chosen-message attack).
     2. What is her goal? She wins if she produces a signature of any message $m^* \notin \{m_1, m_2, \ldots\}$ (Existential Forgery).

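  10. EUF-CMA Security (Existentially Unforgeable against a Chosen Message Attack)
     • The challenger samples $(vk, sk) \leftarrow \mathsf{Gen}(1^n)$ and sends $vk$ to Eve.
     • Poly many times: Eve sends $m_i$ and receives $\sigma_i \leftarrow \mathsf{Sign}(sk, m_i)$.
     • Eve outputs $(m^*, \sigma^*)$.
     Eve wins if $\mathsf{Verify}(vk, m^*, \sigma^*) = 1$ and $m^* \notin \{m_1, m_2, \ldots\}$. The signature scheme is EUF-CMA-secure if no PPT Eve can win with probability better than $\mathsf{negl}(n)$.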

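  11. Strong EUF-CMA Security (Existentially Unforgeable against a Chosen Message Attack)
     • The challenger samples $(vk, sk) \leftarrow \mathsf{Gen}(1^n)$ and sends $vk$ to Eve.
     • Poly many times: Eve sends $m_i$ and receives $\sigma_i \leftarrow \mathsf{Sign}(sk, m_i)$.
     • Eve outputs $(m^*, \sigma^*)$.
     Eve wins if $\mathsf{Verify}(vk, m^*, \sigma^*) = 1$ and $(m^*, \sigma^*) \notin \{(m_1, \sigma_1), (m_2, \sigma_2), \ldots\}$. The signature scheme is strongly EUF-CMA-secure if no PPT Eve can win with probability better than $\mathsf{negl}(n)$.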

  12. Lamport (One-time) Signatures: How to sign a bit
     Signing Key $sk$: $[x_0, x_1]$
     Verification Key $vk$: $[y_0 = f(x_0),\ y_1 = f(x_1)]$
     Signing a bit $b$: The signature is $\sigma = x_b$.
     Verifying $(b, \sigma)$: Check if $f(\sigma) = y_b$.
     Claim: Assuming $f$ is a OWF, no PPT adversary can produce a signature of $\bar{b}$ given a signature of $b$.

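  13. Lamport (One-time) Signatures: How to sign $n$ bits
     Signing Key $sk$: $\begin{pmatrix} x_{1,0} & x_{2,0} & \cdots & x_{n,0} \\ x_{1,1} & x_{2,1} & \cdots & x_{n,1} \end{pmatrix}$
     Verification Key $vk$: $\begin{pmatrix} y_{1,0} & y_{2,0} & \cdots & y_{n,0} \\ y_{1,1} & y_{2,1} & \cdots & y_{n,1} \end{pmatrix}$ where $y_{i,b} = f(x_{i,b})$.
     Signing an $n$-bit message $(m_1, \ldots, m_n)$: The signature is $(x_{1,m_1}, \ldots, x_{n,m_n})$.
     Verifying $(m, \sigma)$: Check if $\forall i: f(\sigma_i) = y_{i,m_i}$.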
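
The n-bit Lamport scheme of slides 12 and 13, written out as an added example (not code from the lecture). Assumptions: SHA-256 stands in for the one-way function f, n = 256, and arbitrary-length messages are first hashed to n bits (hash-then-sign, which the slides do not cover). The helper `exposed_positions` is hypothetical and shows why a key pair must sign only once.

```python
import hashlib
import secrets

N = 256  # n: number of message bits signed (assumption: a SHA-256 digest)

def f(x: bytes) -> bytes:
    """Stand-in for the one-way function f (assumption: SHA-256)."""
    return hashlib.sha256(x).digest()

def gen():
    """Gen: sk[i] = (x_{i,0}, x_{i,1}) random; vk[i] = (f(x_{i,0}), f(x_{i,1}))."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(N)]
    vk = [(f(x0), f(x1)) for x0, x1 in sk]
    return vk, sk

def bits(message: bytes):
    """Bits m_1..m_n of the message digest, most significant first."""
    d = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return [(d >> (N - 1 - i)) & 1 for i in range(N)]

def sign(sk, message: bytes):
    """Sign: reveal x_{i, m_i} for every position i."""
    return [sk[i][b] for i, b in enumerate(bits(message))]

def verify(vk, message: bytes, sig) -> bool:
    """Verify: accept iff f(sig_i) == y_{i, m_i} for all i."""
    if len(sig) != N:
        return False
    return all(f(s) == vk[i][b] for i, (s, b) in enumerate(zip(sig, bits(message))))

def exposed_positions(msg_a: bytes, msg_b: bytes) -> int:
    """Positions i where signing both messages reveals x_{i,0} and x_{i,1}."""
    return sum(a != b for a, b in zip(bits(msg_a), bits(msg_b)))

if __name__ == "__main__":
    vk, sk = gen()
    msg = b"constructed sample message"
    sig = sign(sk, msg)
    print("valid signature accepted:", verify(vk, msg, sig))
    print("other message rejected:  ", not verify(vk, b"another message", sig))
    # Signing twice under one key exposes both secrets at every differing bit,
    # which is exactly what the one-time restriction rules out.
    print("positions fully exposed by a second signature:",
          exposed_positions(msg, b"another message"), "of", N)
```

Each signature is n values of 32 bytes (8 KiB here) and the key pair must be discarded after one use.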
