- •11.Determined signal's various representation forms
- •12. Casual process,spectral signals representation
- •19. Message sources
- •20. Messages sources various models: discrete, continuous
- •21. Markov's source main characteristics
- •22. Source’s information characteristics: entropy, redundancy
- •27. Noiseproof codes design techniques: code with parity check, code with threefold repetition, Hamming's code.
- •28. Communication channels various models: discrete, continuous.
- •29. Channel's information characteristics: information transfer speed,capacity.
- •30. Hash Codes: codes for efficient information retrieval.
- •31. Monte Carlo Methods
- •32. Error-correcting codes and real channels
- •33. Symmetric cryptography algorithms in channels
- •34. Electronic digital signature for information security
34. Electronic digital signature for information security
A digital signature (standard electronic signature) takes the concept of traditional paper-based signing and turns it into an electronic "fingerprint.” This "fingerprint,” or coded message, is unique to both the document and the signer and binds both of them together. Digital signatures ensures the authenticity of the signer. Any changes made to the document after it has been signed invalidate the signature, thereby protecting against signature forgery and information tampering. As such, digital signatures help organizations sustain signer authenticity, accountability, data integrity and the non-repudiation of signed electronic documents and forms. An electronic signature can be as basic as a typed name or a digitized image of a handwritten signature. Consequently, e-signatures are very problematic with regards to maintaining integrity and security, as nothing prevents one individual from typing another individual's name. Due to this reality, an electronic signature that does not incorporate additional measures of security is considered an insecure way of signing documentation.
Step 1: Getting a Private and Public Key
Step 2: Signing an Electronic Document
Step 3: Validating a Digital Signature
Methods for maintaining integrity include:
Parity bits or cyclical redundancy checking (CRC) functions: CRC functions work well for unintentional modifications, such as wire interference, but they can be circumventedby a clever attacker.One-way hash: A one-way hash creates a fixed-length value, called the hash value or message digest for a message of any length. A hash is like a unique fingerprint. With a hash attached to the original message, a recipient can determine if the message was altered by recomputing the hash and comparing his or her answer to the attached hash. Adobe has adopted the SHA-1 and SHA-256 algorithms because of their wide acceptance as a security standard.Message Authentication Codes (MAC)---A MAC prevents an attacker from obtaining the original message, modifying it, and attaching a new hash. In this case, a symmetric key is connected to the MAC and then hashed (HMAC). Without the key, an attacker cannot forge a new message. Adobe uses HMACs where appropriate.
Notions of security
a hierarchy of attack models against digital signatures[12]:
In a key-only attack, the attacker is only given the public verification key.
In a known message attack, the attacker is given valid signatures for a variety of messages known by the attacker but not chosen by the attacker.
In an adaptive chosen message attack, the attacker first learns signatures on arbitrary messages of the attacker's choice.
They also describe a hierarchy of attack results[12]:
A total break results in the recovery of the signing key.
A universal forgery attack results in the ability to forge signatures for any message.
A selective forgery attack results in a signature on a message of the adversary's choice.
An existential forgery merely results in some valid message/signature pair not already known to the adversary.
The strongest notion of security, therefore, is security against existential forgery under an adaptive chosen message attack.