About Digital Signatures (ADS)

Substance

  1. Higher Education in Cryptography in Indonesia
  2. History of Cryptography
  3. Understanding Digital Signatures
  4. Algorithm Model of Cipher
  5. Symmetric Key Encryption
  6. Asymmetric Key Encryption
  7. Cryptographic Hash Function
  8. Illustration of the Digital Signature Utilization Process
  9. Benefits of Digital Signature
  10. Presentation


Lorenz cipher-SZ42-2

1. Higher Education in Cryptography in Indonesia

Cryptography is the field that studies encryption, the art of keeping information secret by changing it into another form that cannot be understood by people in general. In Indonesia, for example, it is taught at STSN.

STSN (State Cryptography College) is a civil service college in Indonesia organized by the State Cryptography Institute of the Republic of Indonesia. STSN, located at Jl. Raya Haji Usa, Putat Nutug Village, Ciseeng, Bogor -- West Java 16330, is the only cryptography college in Indonesia.

2. History of Cryptography

Before we get into the core material, it is worth recalling a very famous motto coined by an important figure of the Republic of Indonesia, the late Ir. Soekarno: "jasmerah", meaning never forget history. So in this segment, let's first look at the history of the idea of a digital signature.

Cryptography has been known for a long time, from the reign of the Roman Emperor Julius Caesar through World War II.

Communication between generals, combat units, and spies was encrypted to prevent war strategy plans from leaking to the enemy. For example, during World War II the German Army used its own Lorenz cipher SZ42-2 rotor machine (pictured in the header), created and developed by C. Lorenz AG of Berlin. The model name SZ comes from Schlüsselzusatz, which means "cipher attachment". This machine applies the concept of the Vernam stream cipher.

In 1976, Whitfield Diffie and Martin Hellman were the first scientists to describe the idea of a digital signature scheme, that is, a digital signature that mirrors the idea of a handwritten signature. This ultimately produced the Symmetric-key Encryption type of cipher algorithm, which was then developed into Asymmetric-key Encryption.

Not long afterwards, Ronald Rivest, Adi Shamir and Len Adleman discovered the RSA algorithm (named after the initials of its three inventors), which can be used for digital signatures. In 1984, Shafi Goldwasser, Silvio Micali and Ronald Rivest together defined the security requirements of digital signature schemes.

3. Understanding Digital Signatures

In general, a digital signature is a mathematical scheme that uniquely identifies a sender, as well as proving the authenticity of the owner of a message or digital document, so that an authentic (valid) digital signature is sufficient reason for the recipient to believe that a message or document received comes from a known sender.

Digital Signature Implements the Concept of Cipher Algorithm

A cipher algorithm is a scheme with a cryptographic purpose. The requirements that must be met in creating a cipher algorithm are as follows:

  • Confusion: the plaintext is transformed so that it is difficult to reconstruct directly without the decryption algorithm.
  • Diffusion: the characteristics of the plaintext are spread out and removed from the ciphertext.

4. Algorithm Model of Cipher

In modern encryption and decryption, a key is used so that information can be transformed and then restored to exactly its original form. In general there are two types of cipher algorithm:

  • Symmetric Key
  • Asymmetric Key

5. Symmetric-key Encryption

Also called the conventional cipher algorithm, this is a scheme in which the same key is used for every encryption and decryption of the data. Based on the amount of data handled per operation and the way the data flows through it, the scheme is divided into two classes: block ciphers and stream ciphers.

Block Cipher

A block cipher is a cipher algorithm that divides the plaintext to be sent into pieces of a fixed size (called blocks) of length t, and encrypts each block using the same key. In general, a block cipher processes plaintext in relatively long blocks of more than 64 bits.

Three well-known block ciphers are:

  • DES (Data Encryption Standard), which uses a key with a length of 56 bits
  • AES (Advanced Encryption Standard), which uses keys with lengths of 128, 192 and 256 bits
  • Triple DES, which is the same as DES, only applied three times.


Cipher Block Chaining (CBC) Encryption Mode

Stream Cipher

A stream cipher is a cipher algorithm that encrypts data one unit at a time, such as per bit, byte, nibble or five bits (when the encrypted data is Baudot data). Each time a data unit is encrypted, the key used is the result of the previous key generation.
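A toy version of the stream cipher described above, as an added example that is not part of the original page: it XORs 5-bit units (Vernam style) with key units that are each generated from the state left by the previous one. The 16-bit LFSR generator, the 32-symbol alphabet, the seed and the sample messages are assumptions made for illustration and are not secure.

```python
# Added example: toy Vernam-style stream cipher over 5-bit units (not from the original page).
# The LFSR keystream generator is an assumption chosen for brevity; it is NOT secure.

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ .,-?!"  # constructed 32-symbol set, one symbol per 5-bit unit


def lfsr_keystream(seed, count):
    """Yield `count` 5-bit key units; each is produced from the state left by the previous one."""
    state = seed & 0xFFFF
    if state == 0:
        raise ValueError("seed must be non-zero")
    for _ in range(count):
        unit = 0
        for _ in range(5):
            # 16-bit Fibonacci LFSR with taps 16, 14, 13, 11 (maximal length)
            bit = (state ^ (state >> 2) ^ (state >> 3) ^ (state >> 5)) & 1
            state = (state >> 1) | (bit << 15)
            unit = (unit << 1) | bit
        yield unit


def crypt(text, seed):
    """XOR each 5-bit unit with the next key unit. The same call encrypts and decrypts."""
    units = [ALPHABET.index(ch) for ch in text]
    keys = lfsr_keystream(seed, len(units))
    return "".join(ALPHABET[u ^ k] for u, k in zip(units, keys))


def xor_texts(a, b):
    """XOR two equal-length texts unit by unit (shows why a keystream must never be reused)."""
    return [ALPHABET.index(x) ^ ALPHABET.index(y) for x, y in zip(a, b)]


if __name__ == "__main__":
    seed = 0xACE1  # constructed secret key
    p1, p2 = "MEET AT NOON.", "SEND MORE TEA"  # constructed sample messages
    c1, c2 = crypt(p1, seed), crypt(p2, seed)
    print(repr(c1), "->", repr(crypt(c1, seed)))
    # With a reused keystream the key cancels out: c1 XOR c2 equals p1 XOR p2.
    print("key cancels on reuse:", xor_texts(c1, c2) == xor_texts(p1, p2))
```

The last check is the practical caveat for any stream cipher: two messages encrypted under the same keystream leak the XOR of their plaintexts, so each message needs a fresh key or starting state.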



6. Asymmetric-key Encryption

This is an algorithm that uses different keys for the encryption and decryption processes. This scheme is also known as a public-key cryptography system because the key for encryption (the public key) is made publicly known and can be known by anyone, while decryption can only be carried out by the party authorized to hold the secret key, called the private key.

It can be likened to a mailbox that can only be opened by a postman who has the key, while anyone can put a letter into the box. The advantage of this model is that corresponding secretly with many parties does not require as many secret keys as there are parties. It is enough to create two keys: a public key for the correspondents to encrypt messages, and a private key to decrypt them. In the symmetric-key scheme, by contrast, the number of keys created is as many as the number of parties being corresponded with.

Some examples of asymmetric-key algorithms:

  • Elgamal
  • Knapsack
  • RSA, Rivest-Shamir-Adleman
  • DSA, Diffie-Hellman
  • Digital Signature, David Kravitz

7. Cryptographic Hash Function

It is a function that efficiently converts a finite-length input string into a fixed-length output string called a hash value. It has some additional security properties so it can be used for data security purposes. It is commonly used for authentication and data integrity purposes.

Properties of Cryptographic Hash Functions:

  • A function that accepts an input string of arbitrary length and converts it to a string of fixed length.
  • The output is generally much smaller than the original string (compression).
  • If a string represents a message, then any message M of arbitrary size is compressed by a hash function H via the equation h = H(M).
  • The output of a hash function is called a hash value or message digest.

Some examples of cryptographic hash function algorithms:

  • MD4
  • MD5
  • SHA-0
  • SHA-1
  • SHA-256
  • SHA-512


One Way Hash Function

In running the Public Key Infrastructure, there are two institutions that have the authority to create and supervise the implementation of public key usage procedures.

CA (Certification Authority)

It is a legal entity that functions as a trusted third party: it issues digital certificates and provides security that users can rely on when exchanging electronic information, thus fulfilling four aspects of security (privacy/confidentiality, authentication, integrity, non-repudiation).

Official website:  www.cacert.org

RA (Registration Authority)

It is an institution that is responsible for verifying the identity data of certificate holders and validating their truth.

8. Illustration of the Digital Signature Utilization Process

Symmetric Illustration


Conventional Encryption (symmetric-key encryption)

Asymmetric Illustration


Direct Public-key : "provide public-key directly to the related party"


Global Public-key: "Share the public-key globally, so that the general public can access it"


In concrete terms, I also apply it to my personal Facebook contacts and basic info.

Encryption Illustration



Implementation on Email

Illustration of Decryption


Illustration Description

Encryption Process Flow Chart - Description


9. Benefits of Digital Signature

Security Aspects

  • Confidentiality: keeping the contents of a message from anyone who is not authorized to read it, achieved through encryption.
  • Data integrity: guarantees that the message is still original or has not been manipulated during delivery.
  • Authentication: identification of the truth of the communicating parties or the corresponding parties.
  • Non-repudiation: prevents the corresponding party from denying a message that he has sent. This is a consequence of the first and second points: if the sender's data and identity can be verified, then the sender cannot deny having signed the message. This is usually found in a letter of agreement.
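The integrity and authentication properties listed above, built from the digest h = H(M) of section 7 and an asymmetric key pair, can be seen in a hash-then-sign sketch. This is an added example, not code from the original page: it assumes SHA-256 as H and textbook RSA without padding, and its keys are constructed from known Mersenne primes, so it is a teaching toy only.

```python
# Added example: hash-then-sign with textbook RSA (not from the original page).
# Assumptions: SHA-256 as H, fixed Mersenne primes as key material, no padding.
# Real systems use a vetted library and a padded scheme such as RSA-PSS.
import hashlib

E = 65537  # public exponent


def make_keypair(p, q):
    """Return (public, private) with public=(n, e) and private=(n, d)."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(E, -1, phi)  # private exponent: inverse of e modulo phi(n)
    return (n, E), (n, d)


def digest(message):
    """h = H(M): fixed-length SHA-256 digest of an arbitrary-length message, as an integer."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message, private):
    """Signer: raise the digest to the private exponent."""
    n, d = private
    return pow(digest(message), d, n)


def verify(message, signature, public):
    """Recipient: recompute h from the received message and compare with signature^e mod n."""
    n, e = public
    return 0 <= signature < n and pow(signature, e, n) == digest(message)


# Constructed toy keys (Mersenne primes are trivially factorable; never use them in practice).
ALICE_PUB, ALICE_PRIV = make_keypair(2**521 - 1, 2**607 - 1)
OTHER_PUB, OTHER_PRIV = make_keypair(2**127 - 1, 2**1279 - 1)

if __name__ == "__main__":
    msg = b"Pay 100 to Bob"  # constructed sample message
    sig = sign(msg, ALICE_PRIV)
    print("authentic message   :", verify(msg, sig, ALICE_PUB))
    print("modified in transit :", verify(b"Pay 900 to Bob", sig, ALICE_PUB))
    print("signed by other key :", verify(msg, sign(msg, OTHER_PRIV), ALICE_PUB))
```

Only the first check succeeds: a changed message yields a different digest (integrity), and a signature made with any other private key does not verify under this public key (authentication).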

Legal Aspects

UNCITRAL, as one of the international organizations that focuses on the development of information technology, was the first organization to discuss the important impact of information technology on electronic commerce. The result of UNCITRAL's work takes the form of a Model Law which, although not binding, serves as a reference or model for countries to adopt or enforce in national law.


United Nations Commission on International Trade Law

On December 16, 1996, the UN then issued the UNCITRAL Model Law on Electronic Commerce. The Model Law is intended to offer a legal model to countries, whether or not they already have regulations on this subject. Countries are free to follow this Model Law or not. It is hoped that through this model law, countries around the world will shape their national laws to adapt to the development of electronic transactions.

UNCITRAL has become the basis and framework for e-commerce law in many countries around the world. This model law was first issued in 1995 which was then approved by the UN General Assembly with Resolution 51/162 on December 16, 1996. The UNCITRAL model law is the basis for regulating the authentication, equipment, and impact of computer-based electronic messages in commerce. Article 5 was later adopted by UNCITRAL as an amendment in June 1998. The entire model law can be obtained on the UNCITRAL website.

This model law consists of:

  • Defines electronic contracts and provides for the acceptance and evidentiary force of electronic books,
  • Regulations based on the principle of non-discrimination,
  • Regulating e-commerce specifically for national legislation or other laws made by countries/states,
  • Provides definite rules for electronic-based transactions.

Presentation


Netizens

Q1:

HOLTON Mar 14, 2016, 17:57:00

That was very useful and interesting information about digital signatures. A valid digital signature for Tender offers a recipient reason to believe that the message was created by an authorized person of Coal India Company, such that he or she cannot refute having sent the document, and that the message was not modified in transit. A digital signature for Tender is commonly used by the company for conducting various tenders electronically, and in other cases where it is significant to identify tampering or forgery.

Microsoft electronic signature

A1:

Hi Holton,

All right, but in my country there are not many agencies that utilize this technology for ease of transactions, either for government or business interests, and I have the ambition to bring about a change in my country related to this technology.

