3.0 Authentication (Digital Signature)
Another secure-computing need is to ensure that the data has not been corrupted during transmission or encryption. The authentication means verify that the information comes from the trusted source pr not and by this way we can secure our information.
The authentication service is concerned with assuming that a communication is authentic. In case of a single message, such as a warning or alarm signal, the function of the authentication service is to assure the recipients that the message is from the source that is claims to be from. In the case of an on going interaction, such as the connection of a terminal to host, two aspects are involved. First, at the time of connection initiation, the service assures that the two entities are authentic, that is, that each is the entity that it claims to be. Second the service must assure that the connection is not interfered which in such a way that third party can masquerade as one of the two legitimate parties for the purpose of the unauthorized transmission or reception. Two specific authentication services are defined in the standard:
The authentication service is concerned with assuming that a communication is authentic. In case of a single message, such as a warning or alarm signal, the function of the authentication service is to assure the recipients that the message is from the source that is claims to be from. In the case of an on going interaction, such as the connection of a terminal to host, two aspects are involved. First, at the time of connection initiation, the service assures that the two entities are authentic, that is, that each is the entity that it claims to be. Second the service must assure that the connection is not interfered which in such a way that third party can masquerade as one of the two legitimate parties for the purpose of the unauthorized transmission or reception. Two specific authentication services are defined in the standard:
· Peer entity authentication: Provides for the corroboration of the identity of a peer entity in an association. It is provided for use at the establishment of, or at times during the data transfer phase, of connection. It attempts to provide confidence.
· Data origin authentication: Provides for the corroboration of the source of a data unit. It does not provide protection against duplication or modification of data units. This type of service support application like electronic mail where there is no prior interaction between the communicating entities.
Figure:- Digital authentication
In digital authentication if sender want to send a secure message to recipient than sender use it’s own private key to encrypt the message and send to the recipient.
Now at the recipient side recipient use sender’s public key to decrypt the message. By this way recipient can get secure message or information which sender was send.
Now at the recipient side recipient use sender’s public key to decrypt the message. By this way recipient can get secure message or information which sender was send.
1.1 Secure authenticated message
The secure authenticated message use both encryption and signature.
Sender must send recipient a secret & authenticated message M so recipient is sure it was sent by sender or not.
Sender must send recipient a secret & authenticated message M so recipient is sure it was sent by sender or not.
figure:- Secure authenticated message
we can see in the figure that if there are total four keys is required for secure authentication, two key of sender and two key of recipient. If sender want to send a secure message to recipient than sender use first recipient’s public key to encrypt the message and this encrypted message again encrypted by it’s own private key. Now at the recipient side, recipient decrypt this message by using sender’s public key. This decrypted message again decrypted by using recipient means it’s own private key and get original message.
By this way recipient get original message which is send by sender and this message is decrypted and authenticated
By this way recipient get original message which is send by sender and this message is decrypted and authenticated
