1
00:00:00,900 --> 00:00:05,400
Now that we've created a hash we can move on to the next stage.

2
00:00:05,400 --> 00:00:13,710
We'll show you how to force the non repudiation of a message to do this we need a digital signature.

3
00:00:13,740 --> 00:00:15,100
Let's see how it works.

4
00:00:16,420 --> 00:00:23,070
The initial point is a message as you know we can compute a fixed length hash like sh or to from any

5
00:00:23,070 --> 00:00:25,970
variable length message.

6
00:00:26,190 --> 00:00:32,820
Once the hash has been successfully generated encrypted using asymmetrical cryptography but don't use

7
00:00:32,820 --> 00:00:33,950
a public key.

8
00:00:34,950 --> 00:00:38,920
Instead we'll be using a private key to encrypt the hash.

9
00:00:38,950 --> 00:00:43,810
The result is a signature or a digital signature.

10
00:00:43,940 --> 00:00:52,090
It's the output calculated from encrypting a hash function using a private key.

11
00:00:52,120 --> 00:00:58,200
What should you do to be able to determine that a challenge has been set by a specific user you can

12
00:00:58,200 --> 00:01:03,830
calculate a hash from the received message for example by using the SHC to hash function.

13
00:01:03,900 --> 00:01:09,110
It's obvious now you have the hash of the message you've received.

14
00:01:11,220 --> 00:01:16,890
The message was complemented with an encrypted signature the digital signature.

15
00:01:16,950 --> 00:01:20,020
It was also encrypted using the sender's private key.

16
00:01:21,400 --> 00:01:27,920
You can now take the sender's public key which can be accessed by everyone and decrypt the hash received

17
00:01:27,920 --> 00:01:28,940
in the message.

18
00:01:30,110 --> 00:01:33,410
There will always be some result.

19
00:01:33,430 --> 00:01:39,160
Now you can compare the output from the public key decryption against the output you calculated if they

20
00:01:39,160 --> 00:01:39,660
match.

21
00:01:39,670 --> 00:01:43,500
It means that you have proof that the message has not been modified after it was sent.

22
00:01:45,070 --> 00:01:49,920
And also another vital aspect has been established.

23
00:01:50,060 --> 00:01:56,510
The sender is unable to dispute the claim that they had sent in the message they or someone who had

24
00:01:56,510 --> 00:02:03,570
access to their private key in any other case decryption using that sender's public key would have produced

25
00:02:03,570 --> 00:02:14,250
a different output.

26
00:02:14,260 --> 00:02:17,140
This is exactly how the RSA signature works.

27
00:02:19,090 --> 00:02:26,650
It's based on the assumption that the private key and part of the public key the value e are symmetric.

28
00:02:26,800 --> 00:02:33,830
They can be used to encrypt and decrypt data the operations that are performed using the private key

29
00:02:33,830 --> 00:02:36,170
and the public directly reversed.

30
00:02:37,160 --> 00:02:39,440
This produces an interesting result.

31
00:02:40,630 --> 00:02:45,190
Since the private key and a part of the public key can be used interchangeably to encrypt and decrypt

32
00:02:45,190 --> 00:02:46,280
data.

33
00:02:46,540 --> 00:02:48,660
A peculiar kind of attack can be mounted

34
00:02:53,260 --> 00:02:59,140
if an attacker sends you a specially crafted message and you encrypted using your private key the message

35
00:02:59,140 --> 00:03:04,660
sender will be able to sign their arbitrary message using your signature on your behalf.

36
00:03:06,000 --> 00:03:07,950
There will also be able to impersonate you

37
00:03:11,140 --> 00:03:13,660
before we'll show you how this attack proceeds.

38
00:03:13,660 --> 00:03:20,660
A few words on what this should mean if you receive weird looking pseudo random strings.

39
00:03:20,660 --> 00:03:24,560
Don't be so reckless as to instantly encrypt it using your private key.

40
00:03:26,540 --> 00:03:31,220
This is the only thing you should keep in mind to prevent an attack of this type.

41
00:03:31,440 --> 00:03:33,680
The attack itself works as follows.

42
00:03:36,470 --> 00:03:42,390
An attacker needs to generate the message m a contract or anything else they want you to sign.

43
00:03:44,830 --> 00:03:49,280
Next the attacker calculates a hash of the message.

44
00:03:49,490 --> 00:03:54,110
The next step is to generate the random message x.

45
00:03:54,320 --> 00:03:59,340
Then the attacker generates the message based on the expression Z times x to the power e.

46
00:03:59,750 --> 00:04:01,450
Where is your public key.

47
00:04:02,620 --> 00:04:05,850
The public key is by very definition freely available.

48
00:04:07,890 --> 00:04:13,850
Once you have received this message your encrypted using your private key to do this.

49
00:04:13,840 --> 00:04:17,450
You perform the following operation.

50
00:04:17,580 --> 00:04:24,810
If you take a look at the encryption process and decompose it into factors this operation is Z to the

51
00:04:24,810 --> 00:04:25,520
power of D.

52
00:04:25,520 --> 00:04:26,460
Times x

53
00:04:29,280 --> 00:04:33,760
the attacker needs only to divide the value that you have encrypted by x.

54
00:04:34,060 --> 00:04:40,710
The random message that the attacker knows since they generated it in this way the attacker obtains

55
00:04:40,710 --> 00:04:48,140
the victim's signature under the message m or practical piece of advice don't encrypt anything that

56
00:04:48,140 --> 00:04:57,780
is sent to you using your private key.

57
00:04:57,810 --> 00:05:04,380
They all Gama'a algorithm can also be used to create a digital signature even if the private kids in

58
00:05:04,380 --> 00:05:08,600
public he's used in it are not symmetric.

59
00:05:08,690 --> 00:05:12,850
They cannot be used for both operations.

60
00:05:12,870 --> 00:05:17,330
The procedure looks as follows to sign some data.

61
00:05:17,330 --> 00:05:20,610
You need to pick a random value k.

62
00:05:20,820 --> 00:05:26,040
It has to be the coprime integer from P minus one with a part of the public key.

63
00:05:28,630 --> 00:05:29,740
Calculate the equation.

64
00:05:29,740 --> 00:05:39,460
R equals G to the power k mod p then sign the message hash using your private key all as integer to

65
00:05:39,460 --> 00:05:40,150
hash functions.

66
00:05:40,150 --> 00:05:41,230
Follow this scheme

67
00:05:43,990 --> 00:05:46,120
the airport has a digital signature.

68
00:05:46,420 --> 00:05:48,700
A pair of values are in S.

69
00:05:51,260 --> 00:05:53,600
You can of course also verify the signature.