What is a digital signature?

A digital signature functions for electronic documents like a handwritten signature does for printed documents. The signature is an unforgeable piece of data that asserts that a named person wrote or otherwise agreed to the document to which the signature is attached. A digital signature actually provides a greater degree of security than a handwritten signature. The recipient of a digitally signed message can verify both that the message originated from the person whose signature is attached and that the message has not been altered, either intentionally or accidentally, since it was signed. Furthermore, secure digital signatures cannot be repudiated: the signer of a document cannot later disown it by claiming the signature was forged. In other words, digital signatures enable "authentication" of digital messages, assuring the recipient of a digital message of both the identity of the sender and the integrity of the message.

How is a digital signature used for authentication?

Suppose Arjun wants to send a signed message to Bharath. Arjun creates a message digest by using a hash function on the message. The message digest serves as a "digital fingerprint" of the message; if any part of the message is modified, the hash function returns a different result. Arjun then encrypts the message digest with his private key. This encrypted message digest is the digital signature for the message. Arjun sends both the message and the digital signature to Bharath. When Bharath receives them, he decrypts the signature using Arjun's public key, thus revealing the message digest. To verify the message, he then hashes the message with the same hash function Arjun used and compares the result to the message digest he received from Arjun. If they are exactly equal, Bharath can be confident that the message did indeed come from Arjun and has not changed since he signed it. If the message digests are not equal, the message either originated elsewhere or was altered after it was signed.

Note that using a digital signature does not encrypt the message itself. If Alice wants to ensure the privacy of the message, she must also encrypt it using Bob's public key. Then only Bob can read the message by decrypting it with his private key.

It is not feasible for anyone either to find a message that hashes to a given value or to find two messages that hash to the same value. If either were feasible, an intruder could attach a false message onto Alice's signature. Specific hash functions have been designed to have the property that finding a match is not feasible, and are therefore considered suitable for use in cryptography.

One or more Digital IDs can accompany a digital signature. If a Digital ID is present, the recipient (or a third party) can check the authenticity of the public key.

How long do digital signatures remain valid?

Normally, a key expires after some period of time, such as one year, and a document signed with an expired key should not be accepted. However, there are many cases where it is necessary for signed documents to be regarded as legally valid for much longer than two years; long-term leases and contracts are examples. By registering the contract with a digital time-stamping service at the time it is signed, the signature can be validated even after the key expires. If all parties to the contract keep a copy of the time-stamp, each can prove that the contract was signed with valid keys. In fact, the time-stamp can prove the validity of a contract even if one signer's key gets compromised at some point after the contract was signed. Any digitally signed document can be time-stamped, assuring that the validity of the signature can be verified after the key expires.

Can using digital signatures help detect altered documents and transmission errors?

A digital signature is superior to a handwritten signature in that it attests to the contents of a message as well as to the identity of the signer. As long as a secure hash function is used, there is no way to take someone's signature from one document and attach it to another, or to alter the signed message in any way. The slightest change in a signed document will cause the digital signature verification process to fail. Thus, authentication allows people to check the integrity of signed documents. Of course, if signature verification fails, it may be unclear whether there was an attempted forgery or simply a transmission error.
What are authentication and encryption?

SSL server authentication allows users to confirm a Web server's identity. SSL-enabled client software, such as a Web browser, can automatically check that a server's certificate and public ID are valid and have been issued by a certificate authority (CA), such as SafeScrypt, listed in the client software's list of trusted CAs. SSL server authentication is vital for secure e-commerce transactions in which users, for example, are sending credit card numbers over the Web and first want to verify the receiving server's identity. An encrypted SSL connection requires all information sent between a client and a server to be encrypted by the sending software and decrypted by the receiving software, protecting private information from interception over the Internet. In addition, all data sent over an encrypted SSL connection is protected with a mechanism for detecting tampering, that is, for automatically determining whether the data has been altered in transit. This means that users can confidently send private data, such as credit card numbers, to a Web site, trusting that SSL keeps it private and confidential.

What is a Digital ID?

Digital IDs are the electronic counterparts to driver's licenses, passports, and membership cards. You can present a Digital ID electronically to prove your identity or your right to access information or services online. Digital IDs bind an identity to a pair of electronic keys that can be used to encrypt and sign digital information. A Digital ID makes it possible to verify someone's claim that they have the right to use a given key, helping to prevent people from using phony keys to impersonate other users. Used in conjunction with encryption, Digital IDs provide a more complete security solution, assuring the identity of all parties involved in a transaction.
For more information about key pairs, refer to the document on Technical Questions about Digital IDs.

A Digital ID is issued by a Certification Authority (CA) and signed with the CA's private key. A Digital ID typically contains the:

Owner's public key
Owner's name
Expiration date of the public key
Name of the issuer (the CA that issued the Digital ID)
Serial number of the Digital ID
Digital signature of the issuer

The most widely accepted format for Digital IDs is defined by the CCITT X.509 international standard; thus certificates can be read or written by any application complying with X.509. Further refinements are found in the PKCS standards and the PEM standard.

How do Digital IDs work?

Digital IDs use public key encryption, which relies on two related keys, a public key and a private key. In public key encryption, the public key is made available to anyone who wants to correspond with the owner of the key pair. The public key can be used to verify a message signed with the private key, or to encrypt messages that can only be decrypted using the private key. The security of messages encrypted this way relies on the security of the private key, which must be protected against unauthorized use.
A Digital ID is signed by the Certification Authority that issued the Digital ID. Multiple digital certificates can be attached to a message or transaction, forming a certification chain where each Digital ID testifies to the authenticity of the previous Digital ID. The top-level certification authority must be independently known and trusted by the recipient.
Why do I need a Digital ID?

Virtual malls, electronic banking, and other electronic services are becoming more commonplace, offering the convenience and flexibility of round-the-clock service direct from your home. However, your concerns about privacy and security might be preventing you from taking advantage of this new medium for your personal business. Encryption alone is not enough, as it provides no proof of the identity of the sender of the encrypted information. Without special safeguards, you risk being impersonated online. Digital IDs address this problem, providing an electronic means of verifying someone's identity. Used in conjunction with encryption, Digital IDs provide a more complete security solution, assuring the identity of all parties involved in a transaction.

How do I use Digital IDs?

When you receive digitally signed messages, you can verify the signer's Digital ID to determine that no forgery or false representation has occurred. When you send messages, you can sign the messages and enclose your Digital ID to assure the recipient of the message that the message was actually sent by you. Multiple Digital IDs can be enclosed with a message, forming a hierarchical chain, wherein one Digital ID testifies to the authenticity of the previous Digital ID. At the end of a Digital ID hierarchy is a top-level Certification Authority, which is trusted without a Digital ID from any other Certification Authority. The public key of the top-level Certification Authority must be independently known, for example by being widely published. The more familiar you are to the recipient of the message, the less need there is to enclose a Digital ID. You can also use a Digital ID to identify yourself to secure servers such as membership-based web servers. This is called authentication. Generally, once you've obtained a Digital ID, you can set up your security-enhanced web or e-mail application to use the Digital ID automatically.
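The signing flow described earlier (hash the message, encrypt the digest with the private key, verify by decrypting with the public key), the tamper detection it gives, and the Digital ID chain that ends at an independently known top-level CA, as an added Python example that is not part of this FAQ or of any SafeScrypt product. It uses textbook RSA over SHA-256 with moduli built from well-known Mersenne primes so that it runs with no key generation; those keys, the names Arjun, Bharath, Example CA and Root CA, the certificate dict layout and every function name are constructed for illustration. Validity is checked as of a caller-supplied time, which is how a time-stamp lets a signature be accepted after the key expires:

```python
import hashlib
import time

# Toy RSA over SHA-256, illustration only: the signature is the digest
# "encrypted" with the private key and checked with the public key, the
# flow this FAQ describes (textbook RSA, no padding). The moduli use known
# Mersenne primes 2^k - 1 so no key generation is needed; such keys are
# trivially factorable and exist here only to make the example deterministic.
E = 65537

def keypair(p, q):
    """Return ((e, n), (d, n)) for two primes p and q."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent (needs Python 3.8+)
    return (E, n), (d, n)

# Constructed parties: a top-level CA, an intermediate CA, and the signer Arjun.
ROOT_PUB, ROOT_PRIV = keypair((1 << 127) - 1, (1 << 521) - 1)
CA_PUB, CA_PRIV = keypair((1 << 107) - 1, (1 << 607) - 1)
ARJUN_PUB, ARJUN_PRIV = keypair((1 << 89) - 1, (1 << 1279) - 1)

def digest(data: bytes) -> int:
    """The message digest as an integer: the 'digital fingerprint' of data."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(private, data: bytes) -> int:
    d, n = private
    return pow(digest(data), d, n)  # encrypt the digest with the private key

def verify(public, data: bytes, signature: int) -> bool:
    e, n = public
    return pow(signature, e, n) == digest(data)  # recover digest, compare to fresh hash

def id_bytes(cert: dict) -> bytes:
    """Canonical encoding of the fields the issuer signs (all but the signature)."""
    e, n = cert["public_key"]
    fields = (cert["owner"], e, n, cert["expires"], cert["issuer"], cert["serial"])
    return "|".join(str(f) for f in fields).encode()

def make_id(owner, owner_pub, issuer, issuer_priv, serial, expires) -> dict:
    """Issue a Digital ID with the fields the FAQ lists, signed by the issuer.
    The dict layout is an assumption of this example, not a real certificate format."""
    cert = {"owner": owner, "public_key": owner_pub, "expires": expires,
            "issuer": issuer, "serial": serial}
    cert["signature"] = sign(issuer_priv, id_bytes(cert))
    return cert

def verify_chain(chain, trusted_roots, at_time):
    """Walk the chain leaf first. Each Digital ID must be unexpired at at_time and
    verify under the next one's key; the last must verify under a top-level CA key
    known independently (trusted_roots). Returns (owner, public_key) or None."""
    for i, cert in enumerate(chain):
        if at_time > cert["expires"]:
            return None
        if i + 1 < len(chain):
            if chain[i + 1]["owner"] != cert["issuer"]:
                return None
            issuer_key = chain[i + 1]["public_key"]
        else:
            issuer_key = trusted_roots.get(cert["issuer"])
            if issuer_key is None:
                return None  # top-level CA not trusted
        if not verify(issuer_key, id_bytes(cert), cert["signature"]):
            return None
    return chain[0]["owner"], chain[0]["public_key"]

def verify_signed_message(message, signature, chain, trusted_roots, at_time):
    """Bharath's side: validate the Digital ID chain as of at_time (the signing
    time when a time-stamp attests to it), then check the signature itself.
    Returns the signer's name, or None on any failure."""
    identity = verify_chain(chain, trusted_roots, at_time)
    if identity is None:
        return None
    owner, public = identity
    return owner if verify(public, message, signature) else None

def demo() -> dict:
    now = time.time()
    year = 365 * 24 * 3600
    roots = {"Root CA": ROOT_PUB}  # independently known top-level key
    ca_cert = make_id("Example CA", CA_PUB, "Root CA", ROOT_PRIV, 1, now + 10 * year)
    arjun_cert = make_id("Arjun", ARJUN_PUB, "Example CA", CA_PRIV, 42, now + year)
    chain = [arjun_cert, ca_cert]
    msg = b"I agree to the terms of the lease."  # constructed message
    sig = sign(ARJUN_PRIV, msg)
    return {
        "valid": verify_signed_message(msg, sig, chain, roots, now),
        "tampered": verify_signed_message(msg + b" Rent waived.", sig, chain, roots, now),
        "wrong_key": verify_signed_message(msg, sign(CA_PRIV, msg), chain, roots, now),
        "unknown_root": verify_signed_message(msg, sig, chain, {}, now),
        # two years on, Arjun's key has expired; without a time-stamp proving the
        # signing time the verifier can only use its own clock and must reject
        "after_expiry": verify_signed_message(msg, sig, chain, roots, now + 2 * year),
    }

if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:>12}: {result}")
```

Running the block prints one line per case: only "valid" yields "Arjun"; the altered message, the signature made with another key, the chain with no trusted root, and the check performed after Arjun's Digital ID expired all yield None. Note that the verifier decides expiry from at_time, so a time-stamped signature is validated against the key's status at signing time rather than at the moment of verification.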
What is meant by Online Contracts?

E-commerce portals usually specify detailed transaction rules in accordance with which any specific transaction can be initiated, conducted and concluded. A contract concluded over the Internet involves:

the dispatch and receipt of a proposal in an "electronic record" from one contracting party, i.e. the proposer/offerer, to the other party, i.e. the acceptor, and
the acceptance of the proposal in such electronic record by the acceptor, and the dispatch of such acceptance, in an electronic record, by the acceptor to the proposer.
Section 13 of the IT Act specifies the manner and time when dispatch and receipt of an electronic record occur. Dispatch of an electronic record occurs "when it enters a computer resource outside the control of the originator", unless agreed to the contrary between the originator and the addressee.

What is a Public Key Infrastructure?

Public-key infrastructure (PKI) is the combination of software, encryption technologies, and services that enables enterprises to protect the security of their communications and business transactions on networks. PKI integrates digital certificates, public-key cryptography, and certificate authorities into a total, enterprise-wide network security architecture. A typical enterprise's PKI encompasses the issuance of digital certificates to individual users and servers; end-user enrollment software; integration with certificate directories; tools for managing, renewing, and revoking certificates; and related services and support. The DOD PKI is a portion of the security management infrastructure dedicated to the management of keys and certificates used by public key-based security services. PKI assures the trustworthiness of public key-based cryptographic security services. A common PKI infrastructure provides cost savings and operational benefits by avoiding service duplication and consolidating procurements. In addition, the need for interoperability requires commonality and standards coordination of implementations. PKI leads to better services at lower cost through the ability to process more sensitive data in shared networks, the automation of sensitive functions previously kept off-line, and the use of the Internet for business purposes.
Uses of PKI include:

Remote access to systems and resources through identification and authentication, as opposed to password protection systems
Securing financial transactions
Secure messaging, ensuring confidentiality and integrity of transmitted data
Enhanced client-server transaction security through PKI session keys
Software (code) signing, ensuring the authenticity and integrity of publicly transmitted software
What PKI services can I expect?

Non-repudiation

Activities such as command and control, official release of procurement documents, and travel reimbursement approvals are accompanied by legal requirements for non-repudiation. The DOD PKI will satisfy these legal requirements for non-repudiation by deploying digital signature technology.

Identification and Authentication

Closely related to digital signatures is authentication. One way to authenticate identity, if a public key is available, is to obtain a signed challenge. If the signature verifies with a public key, it must have been signed by the holder of the corresponding private key (the public/private key pair). Authentication is useful for remote access to information on a server, for protecting network management from masqueraders, or for gaining physical access to a restricted area, among other uses.

Confidentiality

Various types of transactions that occur over networks require confidentiality, including web-based access, file transfers, network management, Telnet, and payment transactions. Typically PKI facilities are used to support the establishment of a session key using a key exchange algorithm. The session key can be encrypted using the recipients' public keys to ensure that only valid recipients can decrypt the session key and, in turn, decrypt the transaction. Key exchange is the process of establishing a secure communications channel. Prior to communications, a symmetric key (often called a session key or message key) must be agreed upon by both parties. There are many variations, but in the simplest form, a symmetric key known as a session key (or message key for messaging applications) is generated and protected by the recipient's public key. That way, only an intended recipient can obtain the session key and decrypt the data. Public keys can be obtained from directories or through an exchange between the communicating parties.

Integrity

Integrity is a component of digital signatures. In contrast to handwritten signatures, a digital signature proves that the data is unchanged (integrity) as well as its source (who signed the data). A digital signature is a message digest encrypted with the signer's private key. A message digest is the output of a mathematical function and can be thought of as a fingerprint of the document. Anyone can compute the message digest of a document. It is much smaller than the message itself, but it is computationally infeasible to find an alternative message that would produce an identical digest. The signer's private key is then used to encrypt the message digest of the signed document. A change to the document would result in a different digest and therefore a different signature. Therefore, knowing the digest has not changed is tantamount to knowing the message has not changed. The digital signature also verifies that the originator was indeed the sender of the message, because only the originator's public key could be used to decrypt the signature into the correct message digest of the document.

Data and Key Recovery

Reasons for data recovery may include an employee forgetting a password to unlock an encrypted file, the death of an employee who has encrypted some information, or someone attempting to hide criminal activity from law enforcement officials. Key recovery is a particular form of data recovery. With key recovery, a protected copy of the key is generally made available. The protection may involve a split key, where two organizations must both cooperate to decrypt the message. In contrast, data recovery generally refers to any alternative that provides a copy of the data to the authorized official.

Privilege/Authorization

It is possible for certificates to vouch for a user's identity and also specify privileges the user has been granted. Privileges might include authority to view classified information or permission to modify material on a Web server, among other privileges. In the near term, however, the DOD plans to provide only identity certificates via the PKI, because identity would typically be long-lived while privileges would vary more frequently.
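The split-key form of key recovery described under Data and Key Recovery, as an added Python example that is not from this FAQ or from the DOD PKI. It assumes a file-encryption key escrowed as XOR shares held by separate custodians (constructed here as a security office and a legal office), with a SHA-256 commitment published alongside so that a rebuilt key can be checked before use; the sample key and all names are constructed. It generalizes the two-organization case in the text to any number of custodians, all of whom must cooperate:

```python
import hashlib
import secrets

# Split-key escrow for key recovery (added illustration, not from the FAQ).
# The key that protects a file is split into one share per custodian; every
# share is needed to rebuild it, so no single organization can decrypt alone.
# A SHA-256 commitment lets the recovering party check the rebuilt key.

def xor_bytes(*parts: bytes) -> bytes:
    """XOR equal-length byte strings together."""
    out = bytes(len(parts[0]))
    for part in parts:
        if len(part) != len(out):
            raise ValueError("shares must have equal length")
        out = bytes(a ^ b for a, b in zip(out, part))
    return out

def split_key(key: bytes, custodians: int) -> list:
    """Return `custodians` shares of key. All but the last are uniformly random;
    the last is key XOR (all others), so any proper subset is independent of key."""
    if custodians < 2:
        raise ValueError("need at least two custodians")
    shares = [secrets.token_bytes(len(key)) for _ in range(custodians - 1)]
    shares.append(xor_bytes(key, *shares))
    return shares

def commitment(key: bytes) -> str:
    """Published with the escrow record so a recovered key can be checked."""
    return hashlib.sha256(key).hexdigest()

def recover_key(shares: list, expected: str):
    """Rebuild the key from all shares; None if any share is missing or corrupt."""
    key = xor_bytes(*shares)
    return key if commitment(key) == expected else None

def demo() -> dict:
    # Constructed file-encryption key; in practice this is the key that wraps
    # the employee's encrypted file, not the employee's forgotten password.
    file_key = bytes(range(32))
    tag = commitment(file_key)
    security_share, legal_share = split_key(file_key, 2)
    corrupted = bytes([security_share[0] ^ 1]) + security_share[1:]
    return {
        "both_cooperate": recover_key([security_share, legal_share], tag) == file_key,
        "one_alone": recover_key([security_share], tag),             # None: cannot rebuild
        "corrupt_share": recover_key([corrupted, legal_share], tag),  # None: commitment fails
    }

if __name__ == "__main__":
    print(demo())
```

Because every share except the last is fresh randomness and the last is derived from the key and the others, the shares held by any group that is missing even one custodian carry no information about the key; the commitment only tells the recovering party whether the full set reassembled correctly, never anything about a partial set.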
ACRONYMS
AES     Advanced Encryption Standard
ARL     Authority Revocation List
CA      Certification Authority
CP      Certificate Policy
CPS     Certification Practice Statement
CRL     Certificate Revocation List
CSR     Certificate Signing Request
DN      Distinguished Name
DES     Data Encryption Standard
e-mail  Electronic Mail
FAQ     Frequently Asked Questions
FTP     File Transfer Protocol
HTTP    Hypertext Transfer Protocol
IEEE    Institute of Electrical and Electronics Engineers
IETF    Internet Engineering Task Force
ISDN    Integrated Services Digital Network
ITU     International Telecommunication Union
LAN     Local Area Network
PIN     Personal Identification Number
PKI     Public Key Infrastructure
PKIX    Public Key Infrastructure X.509
RSA     Rivest Shamir Adleman
SHA     Secure Hash Algorithm
SSL     Secure Sockets Layer
URL     Uniform Resource Locator
WAN     Wide Area Network