This is a Clilstore unit. You can link all words to dictionaries.

UNIT 1 SECURITY AND PRIVACY ACTIVITY 2 DIGITAL SIGNATURE 4 ESO

 

UNIT 1 – SECURITY AND INTEGRITY



INTRODUCTION



In this part of the unit we are talking about how to make sure that the communications through a shared channel, like internet, where there are many bad guys, who might intercept the messages, read and modify them, and even usurp the identity of other people with evil intent.



All these elements are meant to make sure the communications from a legal standpoint. This concept is also known as to provide LEGAL SECURITY to the Internet

ACTIVITY 2

DIGITAL SIGNATURE

 

1. THE PROBLEM OF THE VERIFICATION OF ORIGIN

 

When a communication is carried out through a shared network like Internet, how can you tell that the other part, which could stay wherever in the world, is really the one who tells you he is. This problem is very important front the point of view of tasks made on Internet with legal implications. And can be partially solved with the digital signature.

 



 

 

 

2. THE PROBLEM OF VERIFICATION OF INTEGRITY

 

 

When you receive a document by a shared channel like Internet, how can I make sure that the document is not intercepted and modified by a third part.

 

 



Both problems can be solved using digital signature

 

3. THE DIGITAL SIGNATURE A SOLUTION FOR BOTH PROBLEMS

 

To digitally sign a document is to encrypt it using your private key. This allows everybody knowing your public key to successfully decrypt the document, and to ensure that it really comes from you. Well, this statement is not totally true. Actually, it ensures that the document comes from the owner of a public key. But, the problem comes when the public key was not delivered personally by the sender to the receiver, face to face. If it was just sent on internet, it is impossible for the receiver to ascertain who was the real sender. Maybe it was sent by a third person. Or maybe the message was intercepted and changed by an usurper. All this may sound to you very unlikely, but while it is technically feasible, the legal consequences might be really serious



 

The digital signature, also ensures that the document was not modified by anybody else while travelling through the network, since the document is encrypted by the sender, any change made by a man in the middle would corrupt it, and turn the decrypt process impossible.

 

As before said, to encrypt a long document using private public key encryption is a process very time costing. So what actually is done is to calculate a HASH from the document and then encrypt it. A Hash is a short character chain obtained from the content of the message through a mathematical function. A message always will produce a single and unique hash. Two different messages, always will produce two different hashes

 

This is the process broken down in its steps.:

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

ACTIVITY 2. SIGNING A DOCUMENT

 

We are facing the following scenario: We have to send an important file to a classmate. It doesn't matter if a third part reads the document, so it is not necessary to send it encrypted. But for legal reason you want to make sure that the document arrives to him with no modification at all. Your partner also have your public key, delivered in a reliable way. In order to verify the origin and the integrity of this document we must sign it digitally, which means, you have to encrypt its hash with your private key

 

 





 

VERIFYING YOUR PAL'S FILE

 



CHECKING THAT SIGNING REALLY VERIFIES THE DOCUMENT

 

 

It's very easy to check out that the signature really proves the document has not been changed. Open your partner document and make a change. Then save it

Verify the document again using the option Obri amb verifica una firma. Now the message will be the one shown below, stating that the document has been modified

 



 

Call your teacher in order to assess the activity.

 

 

 

Short url:   http://multidict.net/cs/4497