Confidentiality
You want to be sure the information you are sending, such as credit card information when purchasing goods online, or sensitive business information in e-mail can't be read by anyone other than the intended recipient

Integrity
You want to make sure no one has intercepted information and changed it in any way. So tampering of the information by anybody should be difficult and evident

Authentication
You want to be able to check on the identity of users. For example, you wouldn't want a competitor to download your company information from an Extranet, or in the case of a very large financial transaction, you want to feel certain of who placed the order. As a user, you also want to be certain if you are buying goods from an online store, that the store is legitimate, that you'll actually get the goods you are paying for

Non-Repudiation
In the real world, a contract with a written signature is generally binding. There is no real equivalent on the Internet. Someone might buy some stock over the Internet, the price falls, and then they say they never placed the order. There isn't a way to sign a contract electronically except with a certificate

Interoperability
Finally, whatever solution you have needs to be interoperable and universal, because the benefits of this model is that everyone can work together and share information across the network transparently. The adoption of standards by Internet vendors has provided this interoperability

Symmetric Key Cryptography
Symmetric, or secret key, cryptography is where you use the SAME "key" (think of this as a mathematical formula) to both encrypt and decrypt data. This is the kind of cryptography used in WW-II, where code was "cracked" by the enemy so confidential information about troop movements could be gathered

To summarize Symmetric Key Cryptography Assuming to users Bob and Alice, if Bob wants to send Alice an encrypted messages -> Bob has one secret key -> If Alice wants to send Bob a secret message -> Bob Sends Alice a copy of his secret key -> Alice encrypts message with Bob's secret key -> Bob decrypts message with his secret key

Problems:

• How does Bob get secret key to Alice?
• What if Alice is a double agent?
• What if Alice, Bob, Charley, & Dan need to exchange messages? Need n! Keys

With single-key cryptography you have the problems of

• how to share the secret key,
• how does Bob get the secret key to Alice safely,
• and of managing a large number of secret keys

Moreover if too many people share the same secret key, then if even one of them is bad, a mole, all messages are compromised. So A Better method: Public Key Cryptography

Asymmetric Key (Public Key) Cryptography
In public key cryptography, a public and private key are created simultaneously using the same algorithm (a popular one is known as RSA) by a certificate authority (CA). The private key is given only to the requesting party and the public key is made publicly available (as part of a digital certificate) in a directory that all parties can access. The private key is never shared with anyone or sent across the Internet. You use the private key to decrypt text that has been encrypted with your public key by someone else (who can find out what your public key is from a public directory). Thus, if I send you a message, I can find out your public key (but not your private key) from a central administrator and encrypt a message to you using your public key. When you receive it, you decrypt it with your private key. In addition to encrypting messages (which ensures privacy), you can authenticate yourself to me (so I know that it is really you who sent the message) by using your private key to encrypt a digital certificates. When I receive it, I can use your public key to decrypt it

A certifying Authority (CA) is an authority in a network that issues and manages security which works as a trusted third party who validates the identity, of a user/organization, and issues the certificates attesting to the identity of the user/organization. Depending on the public key infrastructure implementation, the certificate includes the owner's public key, the expiration date of the certificate, the owner's name, and other information about the public key owner.

A digital certificate is an electronic "Identity" that establishes your credentials when doing business or other transactions on the Web. It is issued by a Certifying Authority (CA). It contains your name, a serial number, expiration dates, a copy of the certificate holder's public key (used for encrypting messages and digital signature), and the digital signature of the certificate-issuing authority so that a recipient can verify that the certificate is real. Some digital certificates conform to a standard, X.509. Digital certificates can be kept in registries so that authenticating users can look up other users' public keys.

SSL
Short for Secure Sockets Layer, a protocol developed by Netscape for transmitting private documents via the Internet. SSL works by using a public key to encrypt data that's transferred over the SSL connection. Both Netscape Navigator and Internet Explorer support SSL, and many Web sites use the protocol to obtain confidential user information, such as credit card numbers. By convention, URLs that require an SSL connection start with https: instead of http

X.509
It is the most widely used standard for defining digital certificates. Both Netscape and Microsoft use X.509 certificates to implement SSL in their Web servers and browsers

How legal is it all?
India is one of a select band of nations that has Digital Signature Legislation. The Act grants Digital Signatures issued by a licensed Certifying Authority in India the same status as a Physical Signature. The technology specified to deploy Digital Signatures is Public Key Infrastructure (PKI)

A digital signature functions for electronic documents like a handwritten signature does for printed documents. The signature is an unforgeable piece of data that asserts that a named person wrote or otherwise agreed to the document to which the signature is attached.

A digital signature actually provides a greater degree of security than a handwritten signature. The recipient of a digitally signed message can verify both that the message originated from the person whose signature is attached and that the message has not been altered either intentionally or accidentally since it was signed. Furthermore, secure digital signatures cannot be repudiated; the signer of a document cannot later disown it by claiming the signature was forged.

In other words, digital signatures enable "authentication" of digital messages, assuring the recipient of a digital message of both the identity of the sender and the integrity of the message

A Digital ID is issued by a Certification Authority (CA) and signed with the CA's private key

A Digital ID typically contains the:

• Owner's public key
• Owner's name
• Expiration date of the public key
• Name of the issuer (the CA that issued the Digital ID)
• Serial number of the Digital ID
• Digital signature of the issuer

The most widely accepted format for Digital IDs is defined by the CCITT X.509 international standard; thus certificates can be read or written by any application complying with X.509. Further refinements are found in the PKCS standards and the PEM standard.

In other words, digital signatures enable "authentication" of digital messages, assuring the recipient of a digital message of both the identity of the sender and the integrity of the message.

Normally, a key expires after some period of time, such as one year, and a document signed with an expired key should not be accepted. However, there are many cases where it is necessary for signed documents to be regarded as legally valid for much longer than two years; long-term leases and contracts are examples. By registering the contract with a digital time-stamping service at the time it is signed, the signature can be validated even after the key expires.

If all parties to the contract keep a copy of the time-stamp, each can prove that the contract was signed with valid keys. In fact, the time-stamp can prove the validity of a contract even if one signer's key gets compromised at some point after the contract was signed. Any digitally signed document can be time-stamped, assuring that the validity of the signature can be verified after the key expires.

A digital time-stamping service (DTS) issues time-stamps which associate a date and time with a digital document in a cryptographically strong way. The digital time-stamp can be used at a later date to prove that an electronic document existed at the time stated on its time-stamp. For example, a physicist who has a brilliant idea can write about it with a word processor and have the document time-stamped. The time-stamp and document together can later prove that the scientist deserves the Nobel Prize, even though an arch rival may have been the first to publish.

Here's one way such a system could work. Suppose Alice signs a document and wants it time-stamped. She computes a message digest of the document using a secure hash function and then sends the message digest (but not the document itself) to the DTS, which sends her in return a digital time-stamp consisting of the message digest, the date and time it was received at the DTS, and the signature of the DTS. Since the message digest does not reveal any information about the content of the document, the DTS cannot eavesdrop on the documents it time-stamps. Later, Alice can present the document and time-stamp together to prove when the document was written. A verifier computes the message digest of the document, makes sure it matches the digest in the time-stamp, and then verifies the signature of the DTS on the time-stamp.

The use of a DTS would appear to be extremely important, if not essential, for maintaining the validity of documents over many years. Suppose a landlord and tenant sign a twenty-year lease. The public keys used to sign the lease are set to expire after two years. Solutions such as recertifying the keys or resigning every two years with new keys require the cooperation of both parties several years after the original signing. If one party becomes dissatisfied with the lease, he or she may refuse to cooperate. The solution is to register the lease with the DTS at the time of the original signing; both parties would then receive a copy of the time-stamp, which can be used years later to enforce the integrity of the original lease.

In the future, it is likely that a DTS will be used for everything from long-term corporate contracts to personal diaries and letters. Today, if an historian discovers some lost letters of Mark Twain, their authenticity is checked by physical means. But a similar find 100 years from now may consist of an author's computer files; digital time-stamps may be the only way to authenticate the find.

The term algorithm (pronounced al-go-rith-um) is a procedure or formula for solving a problem. A computer program can be viewed as an elaborate algorithm. In mathematics and computer science, an algorithm usually means a small procedure that solves a recurrent problem.

What is a hash algorithm?
A hash function is a math equation that uses text (such as an e-mail message) to create a code called a message digest. Examples of well-known hash functions are MD4, MD5, and SHA. A hash function used for digital authentication must have certain properties that make it secure enough for cryptographic use. Specifically, it must be infeasible to find:

• Text that hashes to a given value. That is, if you know the message digest, you should not be able to figure out the message.
• Two distinct messages that hash to the same value.

The ability to find a message that hashes to a given value would enable an attacker to substitute a fake message for a real message that was signed. It would also enable someone to falsely disown a message by claiming that he or she actually signed a different message hashing to the same value, thus violating the non-repudiation property of digital signatures. The ability to find two distinct messages that hash to the same value could enable an attack whereby someone is tricked into signing a message that hashes to the same value as another message with a quite different meaning.

Two of the most popular hash algorithms are the MD5 and SHA1 algorithms.

MD5: is an algorithm that is used to verify data integrity through the creation of a 128-bit message digest from data input (which may be a message of any length) that is unique to that specific data as a fingerprint is to the specific individual.

SHA1: The Secure Hash Algorithm (SHA), the algorithm specified in the Secure Hash Standard (SHS, FIPS 180), was developed by NIST is a revision to SHA that was published in 1994; the revision corrected an unpublished flaw in SHA SHA-1 is also described in the ANSI X9.30 (part 2) standard. The algorithm takes a message of less than 264 bits in length and produces a 160-bit message digest. The algorithm is slightly slower than MD5 but the larger message digest makes it more secure against brute-force collision and inversion attacks

What is Message Digest?
A message digest is the results you get when you run text (such as an e-mail message) through a hash algorithm. A message digest concisely represents a longer message or document. You can think of a message digest as the "digital fingerprint" of a larger document. A message digest is used to create a digital signature that's unique to a particular document. A message digest does not reveal the contents of a document. That is, if you can view the message digest, you cannot figure out what the original message was. MD2, MD4 and MD5 (MD stands for Message Digest) are widely used hash functions designed specifically for cryptographic use. They produce 128-bit digests and there is no known attack faster than exhaustive search.

The Cryptographic Service Provider (CSP) is the software that generates the public/private key pair, which is the basis of digital certificate technology. The CSP also performs all cryptographic operations such as encryption and digital signature. CSP's are present in common Internet applications like the IE or Netscape browser and for devices such as cryptographic USB Tokens and Smart Cards.

The CRL is a list of subscribers paired with digital certificate status. A CRL allows clients and servers to check whether the entity they are dealing with has a valid certificate. The CRL is a binary file and contains the following information:

• A list of revoked certificates and the reason for their revocation
• The issuer of the CRL
• When it was issued
• When the next version of the CRL will be published

Every certificate hierarchy has a different CRL. The CRL is created and published on a periodic basis, often determined by settings in the CA software. You must have the current CRL when verifying signatures. As the CRL is a file, your application must retrieve a new CRL if the copy on its local system is outdated.

Every Digital Certificate has a corresponding CRL source. This source is a URL that is embedded in the Digital Certificate itself. This link is also known as the CDP or CRL Distribution Point.

When you digitally sign information, you are giving the recipients the ability to determine that the contents of the document have not been altered since you signed it. In other words, data integrity is guaranteed.

Even if there is a minor alteration in digitally signed information, the verification process fails, warning recipients that the information has changed since it was signed.

In order to sign a file, you must have a public/private key pair and a certificate associated with the pair.

When you sign a file, first a message digest is created of that file. A message digest is essentially a digital fingerprint of a specific file. It is created using the Hash Algorithm that you specify e.g. MD4, MD5 or SHA1. The message digest is then encrypted using your private key. The resultant file is your Digital Signature for that specific file.

The signature and a copy of the original file are placed into one file. The recipient can then verify the signature to establish your identity and data integrity of the file. If the file has been altered, then the verification process fails.

A digitally signed file can be verified to check Data Integrity, Certificate Trust, Certificate Validity and Certificate Revocation Status.

Data Integrity: The data signed by the sender and data received by the recipient is same

Certificate Trust: During the verification process, the CA (Certificate Authority) database is first checked for the CA (e.g. SafeScrypt) that issued the signer certificate. If SafeScrypt is a Root CA, then the certificate is trusted only if SafeScrypt is trusted. If SafeScrypt is an intermediate CA, the verification application looks for the next CA (VeriSign, which has issued the certificate of SafeScrypt), and so on till it finds the Trusted Root Certificate Authority.

This process is called chaining up.. If a chain cannot be formed (e.g., a certificate in the chain was missing or not trusted), then the verification process fails.

Certificate Validity: The certificate has not expired

Certificate Revocation Status: The certificate is not revoked. A Certificate revocation List(CRL) is published on CA's site and the certificate is validated against it.