Digital Signatures
The RSA algorithm, developed by Rivest, Shamir, and Adleman, is often used for digital signature verification. It is an algorithm based on large prime numbers. An example is included at the end of this chapter.

A key can be established between two consenting devices, between two consenting people, between a device and a network, between a person and a network, or between multiple devices accessing multiple networks. Key administration can therefore become quite tricky. Keys can be organized so that they all become part of a trust hierarchy. Trust in a key is implied by the fact that the key was signed by another trusted key. One key must be the root of the trust hierarchy. This arrangement is used in centralized key infrastructures built around a Certification Authority, and it provides the basis for the Public Key Infrastructure (PKI), which we cover later.

The network can in effect provide an additional level of verification by identifying the user by his international mobile subscriber identity (IMSI), the user's equipment reference (equipment identity number), and a system frame number timestamp. The network then becomes an intermediary in the authentication process. Senders can also be spenders and may be engaging in micro- or macro-payments (authorizing, for example, large financial transactions). The network can verify the claimed identity of the sender/spender. The sender/spender cannot later repudiate the contents of the message. For example, if the sender/spender has ordered a thousand garden forks, it can be proved that he ordered a thousand garden forks and has to pay for them.

Digital signatures can also replace handwritten signatures, and they are more flexible. For example, we can sign pictures without making the signature visible to the user.

Network operators also have a legal obligation to make traffic passing through their network available to legitimate eavesdropping authorities (government security agencies, for example). The traffic (voice, image, video, data) has to be available as plaintext. For this to happen, each user must deposit, knowingly or unknowingly, his or her secret key with a central authority: a trusted third party from whom the key can be recovered, provided a case for legitimate eavesdropping has been put forward and agreed upon.
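
The trust hierarchy and the non-repudiation property described above, as an added Python example (not code from the original chapter). It assumes textbook RSA over a SHA-256 hash, constructed toy keys built from Mersenne primes, and a hypothetical minimal certificate format; the names `operator-ca` and `subscriber` are illustrative.

```python
import hashlib

E = 65537  # common RSA public exponent

def make_key(p, q):
    """Build an RSA key pair from two primes: returns (public, private)."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent (needs Python 3.8+)
    return (n, E), (n, d)

def digest(data, n):
    # Hash, then reduce into the modulus. Real schemes add padding such as PSS.
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(priv, data):
    n, d = priv
    return pow(digest(data, n), d, n)

def verify(pub, data, sig):
    n, e = pub
    return pow(sig, e, n) == digest(data, n)

def key_bytes(name, pub):
    return f"{name}|{pub[0]}|{pub[1]}".encode()

def issue(issuer, issuer_priv, name, pub):
    """Hypothetical minimal certificate: a named key signed by its issuer."""
    return {"name": name, "pub": pub, "issuer": issuer,
            "sig": sign(issuer_priv, key_bytes(name, pub))}

def trusted_leaf_key(chain, root_name, root_pub):
    """Walk down from the root; return the last key, or None if a link fails."""
    name, pub = root_name, root_pub
    for cert in chain:
        body = key_bytes(cert["name"], cert["pub"])
        if cert["issuer"] != name or not verify(pub, body, cert["sig"]):
            return None
        name, pub = cert["name"], cert["pub"]
    return pub

# Constructed toy keys from Mersenne primes: not safe for real use.
M = lambda k: 2**k - 1
root_pub, root_priv = make_key(M(521), M(607))
ca_pub, ca_priv = make_key(M(107), M(127))
user_pub, user_priv = make_key(M(61), M(89))

chain = [issue("root", root_priv, "operator-ca", ca_pub),
         issue("operator-ca", ca_priv, "subscriber", user_pub)]
order = b"order: 1000 garden forks"
order_sig = sign(user_priv, order)
```

The verifier needs only `root_pub` in advance: `trusted_leaf_key(chain, "root", root_pub)` yields the subscriber's key, and `verify` with that key accepts `order` but rejects any altered order text.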