List of Articles

DIGITAL SIGNATURES - SAFETY ON THE INTERNET

As is clear from the series of articles, that security is of paramount importance in Ecommerce Applications. The basic requirements for conducting Commerce include Confidentiality, Integrity, Authentication and Privacy. Most of these requirements are met by ENCRYPTING the text. Encrypting is similar to languages designed in Indian households which allow elderly people to change alphabets in words. This change will not allow small children to understand the language. So the simplest encryption could be adding 1 alphabet, in the roman set to each alphabet. Thus A will change to B and B will change to C and FANDS would become GBOET, a word that is not easy to decipher.

Two Components of Encryption

Encryption is based on an algorithm and a key. An algorithm is a mathematical function that combines plain text with a string of digits, called a key to produce encryption. The algorithms are difficult to devise and thus are permanent in nature. One can keep changing the keys. The number of keys depend on the length of the key. Thus a 8 bit key, allows for 256 possible numeric configurations (2 8). Naturally long Encryption Keys are more secure.

Public Key Cryptography

It is clear that when you are in the midst of a connection with a server the connection is secured with the help of the server’s encryption algorithm. But there is also a need to secure Email communications with the help of Encryption. With Public key Encryption, the users can secure the Email communication.

Public key Cryptography is based on the concept of a Key pair. Each half of the pair can encrypt information that only the other half can decrypt. One part of the key is known only by the designated owner, called "Private Key" and the other half "Public Key" is published widely but is still associated with the owner.

Let us now see how Ram and sham would communicate with each other.

 

Private

Public

RAM

********

123ASD

SHAM

********

SDF345

 

  1. Ram gets Sham’s public key. Sham’s public key is easily accesible.

  2. Ram encrypts message based on Sham’s Public key.

  3. Ram sends Encrypted message to Sham.

  4. Sham decrypts message using Sham’s private key

 Some Important points to be noted

  1. Placing a public key on the network, makes it easily available and will not endanger the corresponding Private Key.

  2. Using a private key for Encryption is like signing a Document.

  3. Using Public Key slows down the process.

We will now come to the main topic of the discussion – DIGITAL SIGNATURE

Initially E Commerce applications were restricted to EDI (Electronic Date Interchange) Technology. This technology used Private Networks as compared to The Internet for the communications. Naturally using Private networks is costlier compared to the Internet. Thus E Commerce applications were restricted to Business to Business (B2B) Solutions. The Internet has changed all this. A lot of consumer business is also transacted Electronically, which is called as Business to Customer (B2C).

The consumer business needed additional security which is provided by a Digital Signature.

Suppose Ram wants to digitally sign a document it will work in the following manner.

  1. Ram’s document on the basis of his private key generates a unique number called a Digital Signature.

  2. The signature is attached to original message and the document is further encrypted using Ram’s Private key.

  3. Sham receives the Document and Decrypts it using Ram’s Public key.

  4. To verify the authencity of the document and the signature, Sham’s computer does some further computation, involving the original Document, Signature and Ram’s Public Key.

  5. Digital Signatures are not just Unique per person. They are unique for Each Document. So after step 4, the digital signature is reproduced. If it matches to the original one, the authencity is proved.

  6. There are around 3 companies offering Digital Signature Service, with Verisign TM leading the group.

The author, Mr. Sandeep Tapaswi is Director, FANDS TM group, and can be reached at response@fandsindia.com.