Digital Signature should be: not forgeable authentic cannot be modify after sending not reusable prevent repudiation The simpler properties are: AUTHENTICITY The importance of authenticity is to prevent authorized intervention. Using the public-key cryptosystems, the recipient will be confident that the sender is real and the message is valid. INTEGRITY Both sender and receiver will be confident that the message sent has not been altered during the transmission. The encryption ensures that no third party can view or read the message. NON-REPUDIATION
Repudiation means the act of denying association with a message as in claming a third party sent it. This is true when a recipient of the message assert that the sender attach a signature to avoid any later repudiation. Digital Signature functions maybe possible using Direct or Arbitrated Digital Signature. The Direct approach relies only on communicating parties for their security using the public-key cryptosystems. The problem with Direct Digital Signature approach is the validation, wherein the security of the communication depends only on the senders private key.
It means that when senders security is breach, the whole transaction fails. Furthermore, the sender can also use the repudiation excuse and say that the he never sent a message or say his private keys were forged or stolen. The Arbitrated approach is better, unlike Direct Digital Signature, This approach employ an arbiter to test the senders messages and signatures to verify its content and origin. The arbiter, when fully satisfied, stamp the message with date and sent it to its final destination.
Arbitrated digital signatures can be implemented using conventional and public-key encryption. In a conventional approach, it assumed that sender S and the assigned arbiter A. Both arbiter and sender will now share a secret key, say KSA and later the recipient R will share secret key as KRA. The sender creates a message and computer it against its hash value M(H) then S submits the message to A. Arbiter will now decrypt the signature, check its hash value, validate the message, and send the message to R.
Recipient decrypts the message and restores the original message (M). An arbitrated digital signature using public-key encryption has a different approach wherein the arbiter cannot see the message. At first, the sender S encrypts the message with its own private key and encrypts it again with the recipient R private key thereby producing a secret signed message. This signed message will be encrypted again with the senders ID, together the message will be sent to the arbiter. The inner double encrypted message is secure from the arbiter and from anybody except the recipient.
The arbiter can only see the outer messages to check the origin of the message and ensure that the sender private and public key is still valid. A replay attack is a type of network attack where valid data transmission is maliciously or fraudulently repeated or delayed. It can be the originator itself or an adversary who intercepts the data and re-transmits it. A simple replay attack immediately sends the same message soon enough that it will arrive within the recipients window.
A suppress replay attack is when an attacker breach security by initiating a message interception and withhold it for future replay. The attacker will wait for the proper time to effectively replay the message without detection from the recipient.
Data Security 2003, Digital Signatures,[online], http://www. cs. uku. fi/~junolain/secu2003/secu2003. html#digital Wikipedia, Digital Signatures, [online], http://en. wikipedia. org/wiki/Digital_signature Wikipedia, Replay Attack, [online], http://en. wikipedia. org/wiki/Replay_attack