Understanding Digital Signatures and Certificates
The second Back2Basics post, this time covering how the CIA triad is applied and what comes of it.
We know of the CIA triad when it comes to security, but there are additional things that must take place to ensure that the documents came from the correct person as well. These can be done by a combination of digital signatures and digital certificates. However, those three goals are not necessarily enough anymore and thus have had a few things tacked on as the years have passed. But the most important one is “non-repudiation” and it essentially ensures that a party cannot deny that a certain thing has happened. This can mean logs and auditing software tracking what a user has done. Another example is when someone signs for a credit card transaction, thus ensuring that the person in fact has taken responsibility for the transaction (but it doesn’t cover the case if the credit card was stolen and signature forged). With things like these comes with a lot of trivialities and little details that actually have to be followed. There needs to be careful and precise methods to be taken care of to ensure that any information is confidential, with integrity, available, and with non-repudiation. In fact, you could say it’s like this little rocket landing on this little barge.
Although we know of these security goals to strive for, one of the more difficult concepts afterward is how to apply all three of them together. In order to do that, we have to bring up a concept of encryption (I’ll cover that more in-depth eventually). Encryption itself is the science on how to scramble the contents of information (for the sake of simplifying it, let’s just use a message). As a result, the content is still in plain site, but an algorithm has been applied to the message to ensure that it is not “readable”. A common confusion is encryption and cryptography, and understandably so. Encryption is making a message unable to be deciphered. Cryptography is making a message unable to be found. Cryptography can often incorporate encryption elements, but cryptography itself is hiding the meaning for messages that are known to exist. I won’t go into the specifics on cryptography and encryption, but let’s skip along to the idea of public key and private key encryption. For a long time, private key encryption was the method of use but the problem behind it was the key distribution itself and how they could safely transfer the keys without there being any possible situations of compromise. The problem is that there are too many variables that could happen with a one private key system. However, in the 1970’s, Whitfield Diffie came up with a very simple concept that was never really even thought of or discovered before, which eventually led to the public key encryption system being developed! Instead, the key shouldn’t be sent and there should be two different keys, one to encrypt and one to decrypt. Although it might be more of a hassle and brings about more combinations of very difficult math, it proved to be the successor of private key encryption!
One of the cryptography algorithms, hash functions are now really only used for one purpose, message integrity checking, because there is no key associated with the hash function. The message digest that is created or the one-way encryption that is formed makes it difficult to reverse engineer the contents and it also creates a fixed-length hash value, regardless of the length of the original plaintext. Because it is used to ensure message integrity, it provides a “digital fingerprint” of what the message’s content was like and what it should look like if the plaintext was run through the same hashing function, if it does not, then it means that the message, somewhere along the way has been altered. Hash Source
Two keys, one public and one private. Public encrypts and private key decrypts. Two numbers secret and two numbers public. Public key ciphers are determined by treating the message as numbers and transforming into a one-way function that can be used to generate the private key for both users. It is calculated and ends up becoming the same private key. However it exchanged symmetric keys and required that both users have information from the other. Below are some notes that I took while taking an introductory cybersecurity class on encryption. Something to note though, confidentiality ensures that the appropriate person receives the message, while authentication ensures that the appropriate person sent the message.
- Confidentiality – Public key encrypts, private key decrypts
- Authentication – Private key encrypts, public key decrypts
- Confidentiality but no Authentication
- Exchange public keys, use each other’s public key and use their own private key to check. But there is no authentication because it was the public key used to encrypt the message.
- Authentication but no Confidentiality
- Using private keys to exchange and decrypt with public key, but no confidentiality because it could be deciphered by using the public key.
- Integrity and Authentication, but no confidentiality Can’t be reverse engineered.
- Plaintext through hash function for hash, encrypted with private key for digital signature. Plaintext and signature to Bob, Bob hashes message for hash. Bob uses Alice’s public key to decrypt signature to view hash. Bob verifies if hashes match. Verifies that private key was used to sign the message, still possible that attacker is pretending after stealing private key. Private Key and Message are hashed together.
- Anyone that uses Alice’s public could reveal hash, but no one could change without the private key. One Way function, so a private key must be used to decrypt a public key and vice versa.
- If hashes match, has not changed. And whoever signed as Alice’s private key.
- Alice runs plaintext through hashing function for hash. Encrypts to Bob with Bob’s public key, encrypts hash with private key. (instead of the plaintext message, encrypted with Bob’sPublicKey Alice sends encrypted message and signature to Bob. Decrypts with secret key, and hashes decrypted to obtain own hash. Bob uses Alice’s public key to decrypt digital signature, and Bob compares hashes.
- Authentication problem, enforce non repudiation? CERTIFICATES
- Digital Certificates – Ensures signature and public key belong to sender. Exchanges public key. Certificate server and Public Key Infrastructure help. CA uses PKI to bind parts of certificates (user’s public key) with secret certification key, decrypt using CA’s public verification key to obtain user’s public key.
As a result, a digital signature can be used to provide integrity and authentication, but there is no confidentiality that that no one stole the private key in creating the digital signature. The final element of confidentiality is achieved through digital certificates because it allows the certificate authority to ensure that the user’s public key is in fact that user’s, thus allowing for the confidentiality in the user for the person that decrypts the message. A common scenario has two users, Bob and Alice. As they are conversing, here is how the digital signature and certificate can come into play. Message has not been changed since signed, used Alice’s private key. Bob obtained public key through digital certificate that bound key to Alice’s identity. Alice can’t deny due to secret key used to create digital signature.
Digital Signature: Suppose Alice wants to send a signed document or message to Bob. The first step is generally to apply a hash function to the message, creating what is called a message digest. The message digest is usually considerably shorter than the original message. In fact, the job of the hash function is to take a message of arbitrary length and shrink it down to a fixed length. To create a digital signature, one usually signs (encrypts) the message digest as opposed to the message itself.
Digital Certificate: In addition, someone could pretend to be Alice and sign documents with a key pair he claims is Alice’s. To avoid scenarios such as this, there are digital documents called certificates that associate a person with a specific public key. Certificates help determine if signature and public key actually belong to the sender, allows exchange of public key. Distributed through certificate servers or a public key infrastructure so that the trusted parties themselves are not known. The certificate authority, which uses one of the two methods, binds parts of the certificates using its own secret key to ensure that it is “trusted”.
tl;dr – a digital signature is used to ensure that the message was created by a known sender and not altered. a digital certificate verifies that the message came from the correct sender. A digital signature is used to bind the identity to their public key. A digital signature just proves that a document hasn’t been tampered with whereas a digital certificate proves that the document actually came from you.