Page 241 - DCAP403_Operating System
Notes The advantages of asymmetric encryption are:
Only one party needs to know the private key; and knowledge of the public key by a third party
does not compromise the security of message transmissions.
To crack a mere 40 or 56 bit asymmetric key would be trivially simple, because there are far
fewer keys available (or, expressed more technically, the ‘key-space’ is relatively ‘sparse’). It is
currently conventional to regard a 1024-bit asymmetric key-length as being necessary to provide
security. Because of the much greater key-length, encryption and decryption require much more
processing power, or, for a given processor, significantly more processing time. Messages are
sent in large volumes, so the resulting delays are of considerable consequence.
Task Discuss the use of Triple-DES for security purposes.
12.9 Digital Signature
Like the conventional signature, the digital signature assures all concerned that the contents of
the electronic messages are authentic and were really sent by the sender on the date and time recorded.
All these functions can be performed using the public-key encryption techniques and the message
digest techniques. As message exchange and electronic commerce applications grow, the
importance of digital signatures will increase. Let us take the case that you ordered a few dresses
from an electronic store. The seller wants to make sure that your order is genuine and has come
from you, that the information in the order is accurate and has not been modified on the network, and
finally that you will not disown the order.
12.9.1 Signing Process
1. Prepare the message. All mail and messaging software, including messaging programs
like Microsoft Exchange, has the needed software for handling digital signatures.
2. Create a message digest for the message using the secret key, which the sender is sharing
with the recipient.
3. Encrypt the message and the digest with the private key of the sender. At this stage the
document is signed as the message is authenticated with the private key of the sender.
If required, send also the digital certificate of the sender, as it contains the public key of
the sender. The sender should not encrypt this digital certificate, so as to facilitate easy
retrieval of the sender’s public key by the recipient.
4. Send the cipher text and the digital certificate to the recipient.
5. The recipient retrieves the public key of the sender using his/her private key.
6. The recipient decrypts the cipher text.
7. The recipient runs the message digest algorithm on the message, using the secret key shared
with the sender.
8. Compare the computed message digest with the received message digest. If they are the
same, then the message reached intact. Otherwise the message was tampered with.
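An added sketch of steps 2, 3 and 6 to 8 above, not code from the original text: the sender computes a keyed digest and applies the private key to it, and the recipient recovers that digest with the public key and compares it with a locally computed one. HMAC-SHA256 as the keyed digest, signing the digest only, unpadded textbook RSA, and the toy key, sample order and function names are all assumptions of this example.

```python
import hashlib
import hmac

# Constructed toy key pair built from two Mersenne primes. Illustration only:
# a modulus of this form is easy to factor and must never protect real data.
P, Q = 2**127 - 1, 2**521 - 1
N, E = P * Q, 65537                   # sender's public key (n, e)
D = pow(E, -1, (P - 1) * (Q - 1))     # sender's private exponent d

def keyed_digest(message: bytes, shared_secret: bytes) -> int:
    """Steps 2 and 7: digest of the message keyed with the shared secret."""
    mac = hmac.new(shared_secret, message, hashlib.sha256).digest()
    return int.from_bytes(mac, "big")  # 256-bit value, always smaller than N

def sign(message: bytes, shared_secret: bytes) -> int:
    """Step 3: apply the sender's private key to the digest."""
    return pow(keyed_digest(message, shared_secret), D, N)

def verify(message: bytes, signature: int, shared_secret: bytes) -> bool:
    """Steps 6 to 8: recover the signed digest with the sender's public key,
    recompute the digest over the received message, and compare the two."""
    if not 0 <= signature < N:
        return False                   # out-of-range value cannot be a signature
    recovered = pow(signature, E, N)
    return recovered == keyed_digest(message, shared_secret)

# Constructed sample data for the order scenario described in the text.
SECRET = b"constructed-shared-secret"
ORDER = b"order #1: 3 dresses, size M"

def demo() -> dict:
    sig = sign(ORDER, SECRET)
    return {
        "intact": verify(ORDER, sig, SECRET),
        # Quantity changed in transit: the recomputed digest no longer matches.
        "tampered": verify(ORDER.replace(b"3", b"9"), sig, SECRET),
        # Signature altered in transit: the recovered digest no longer matches.
        "forged_signature": verify(ORDER, sig + 1, SECRET),
        # Recipient holding a different shared secret computes another digest.
        "wrong_secret": verify(ORDER, sig, b"other-secret"),
    }

if __name__ == "__main__":
    print(demo())
```
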
234 LOVELY PROFESSIONAL UNIVERSITY