CityU Institutional Repository >
4_Student Final Year Projects >
Computer Science - Undergraduate Final Year Projects >
Please use this identifier to cite or link to this item:
|Title: ||Verifying digital signing|
|Authors: ||Lau, Hok Keung|
|Department: ||Department of Computer Science|
|Issue Date: ||2003|
|Supervisor: ||Mr. Lee, C. H. First Reader: Dr. Wang, Lusheng. Second Reader: Dr. Jia, Xiaohua|
|Abstract: ||With the rise of electronic commerce on the Internet and the World Wide Web, the
positive identification of the parties involved, the integrity of the messages exchange
between the parties and the creation of legal document digitally is more significant
than every. In such perspective, digital signatures are frequently thought as the
technology that solves all problems with automation of business processes as well as
an enabler of new processes.
Digital Signature are cryptologic schemes that provide a similar function for digital
messages as handwritten signatures do for messages on paper: They guarantee the
authenticity of a message to its recipient, and the recipient can prove this authenticity
to third parties, such as courts, afterwards. More is that digital signature can verify
integrity of message and non-repudiation of the message content.
As with any evolving technology, PKI-based digital signatures are going though
growing pains. In the PKI-based digital signature world, the signature is a series of
bytes that is derived from the original electronic data and the signer’s private key. The
signature is tied mathematically to the signer’s key (not the signer himself) and the
actual data. If keys are not stored properly, then someone may simply be able to use
the private key and sign data on behalf of you. And receiver of the signed data will
not know the different.
Unlike paper-based signature that signer act a write on paper, signing data digitally is
simply by clicking one or two buttons. A more common case happening everyday is
that the general computer user has carelessly committed a digital sign on some data
and borne unaware legal liability. This is unconscious act of digital signing may lead
to many future controversies in the court, particularly on the issue of non-repudiation.
In this project, we aim to strengthen the evidence of digital signing and try to tie the
digital signature with the signer. We devised a security protocol in which signer’s
voice are incorporated during the generation process of digital signature, and the
entire signing process are supervised by notary. We also formulated basic system
security requirements for the act of signing.|
|Appears in Collections:||Computer Science - Undergraduate Final Year Projects|
Items in CityU IR are protected by copyright, with all rights reserved, unless otherwise indicated.