4/24/2018 Understanding Cisco Cybersecurity Fundamentals

4.11 Understanding Basic Cryptography Concepts

Digital Signatures

Open Transcript

Suppose that a customer sends transaction instructions via an email to a stockbroker, and the transaction turns out badly
for the customer. It is conceivable that the customer could claim never to have sent the transaction order or that someone
forged the email. The brokerage could protect itself by requiring the use of digital signatures before accepting instructions
via email.

Handwritten signatures have long been used as a proof of authorship of, or at least agreement with, the contents of a
document. Digital signatures can provide the same functionality as handwritten signatures, and much more.

The idea of encrypting a file with your private key is a step toward digital signatures. Anyone who decrypts the file with your
public key knows that you were the one who encrypted it. But, since asymmetric encryption is computationally expensive, it
is not optimal. Digital signatures leave the original data unencrypted. It does not require expensive decryption to simply read
the signed documents. In contrast, digital signatures use a hash algorithm to produce a much smaller fingerprint of the
original data. This fingerprint is then encrypted with the signer’s private key. The document and the signature are delivered
together. The digital signature is validated by taking the document and running it through the hash algorithm to produce its
fingerprint. The signature is then decrypted with the sender’s public key. If the decrypted signature and the computed hash
match, then the document is identical to what was originally signed by the signer.

Usually asymmetric algorithms, such as RSA and DSA, are used for digital signatures.

RSA Digital Signatures 35%

Initializing...
https://ondemandelearning.cisco.com/cybersec-nil/secfnd/sections/4/pages/11 1/5
4/24/2018 Understanding Cisco Cybersecurity Fundamentals
Initializing...
The current signing procedures of digital signatures are not simply implemented by public key operations. In fact, a modern
digital signature is based on a hash function and a public key algorithm, as illustrated below.

The signature process is as follows:

1. The signer makes a hash, or fingerprint, of the document, which uniquely identifies the document and all its contents.

2. The signer encrypts the hash with only the private key of the signer.

3. The encrypted hash, which is known as the signature, is appended to the document.

The verification process is as follows:

1. The verifier obtains the public key of the signer.

2. The verifier decrypts the signature using the public key of the signer. This step unveils the assumed hash value of the
signer.

3. The verifier makes a hash of the received document, without its signature, and compares this hash to the decrypted
signature hash. If the hashes match, the document is authentic. The match means that the document has been signed
by the assumed signer and has not changed since it was signed.

The example illustrates how the authenticity and integrity of the message is ensured, even though the actual text is public.
Both encryption and digital signatures are required to ensure that the message is private and has not changed.

Note

The RSA algorithm is currently the most common method for signature generation, and is used widely in that role by
e-commerce systems and interactive purchasing systems.

Digital signatures provide three basic security services in secure communications:

https://ondemandelearning.cisco.com/cybersec-nil/secfnd/sections/4/pages/11 2/5
4/24/2018 Understanding Cisco Cybersecurity Fundamentals

• Authenticity of digitally signed data: Digital signatures authenticate a source, proving that a certain party has seen
and has signed the data in question.

• Integrity of digitally signed data: Digital signatures guarantee that the data has not changed from the time it was
signed.

• Nonrepudiation of the transaction: The recipient can take the data to a third party, and the third party accepts the
digital signature as a proof that this data exchange did take place. The signing party cannot repudiate that it has signed
the data.

To achieve these goals, digital signatures have the following properties:

• The signature is authentic: The signature convinces the recipient of the document that the signer signed the
document.

• The signature is not forgeable: The signature is proof that the signer, and no one else, signed the document.

• The signature is not reusable: The signature is a part of the document and cannot be moved to a different document.

• The signature is unalterable: After a document is signed, it cannot be altered.

• The signature cannot be repudiated: Signers cannot claim later that they did not sign it.

Practical Example: Digitally Signed Cisco Software

The Digitally Signed Cisco Software feature (added in Cisco IOS Software Release 15.0(1)M for the Cisco 1900, 2900, and
3900 Series routers) facilitates the use of Cisco IOS Software that is digitally signed, with the use of secure asymmetrical
(public key) cryptography.

Digitally signed Cisco IOS Software is identified by a three-character extension in the image name. The Cisco software build
process creates a Cisco IOS image file that contains a file extension that is based on the signing key that was used to sign
images. These file extensions are:

• SPA

• SSA

The first S indicates that the software is digitally signed. The second character specifies a production (P) or special (S)
image. The third character indicates the key version that was used to sign the image. Currently, key version A is used.
When a key is replaced, the key version will be incremented alphabetically to B, C, and so on.

A digitally signed image carries an encrypted (with a private key) hash of itself. Upon check, the device decrypts the hash
with the corresponding public key from the keys it has in its key store and also calculates its own hash of the image. If the
decrypted hash matches the calculated image hash, the image has not been tampered with and can be trusted.

Digitally signed Cisco software keys are identified by the type and version of the key. A key can be a special, production, or
rollover key type. Production and special key types have an associated key version that increments alphabetically whenever
the key is revoked and replaced. ROMMON and regular Cisco IOS images are both signed with a special or production key
when you use the Digitally Signed Cisco Software feature. The ROMMON image is upgradable and must be signed with the
same key as the special or production image that is loaded.

The first command that is shown below is used by the router administrator to verify the integrity of the running IOS image.
The second command is used to verify the integrity of the c2900-universalk9-mz.SPA.153-1.T.bin image that is stored in the
flash memory.

https://ondemandelearning.cisco.com/cybersec-nil/secfnd/sections/4/pages/11 3/5
4/24/2018 Understanding Cisco Cybersecurity Fundamentals

Partner-ISR#show software authenticity running

SYSTEM IMAGE
------------
Image type : Production
Signer Information
Common Name : CiscoSystems
Organization Unit : C2900
Organization Name : CiscoSystems
Certificate Serial Number : 50B3F3FE
Hash Algorithm : SHA512
Signature Algorithm : 2048-bit RSA
Key Version : A

Verifier Information
Verifier Name : ROMMON 1
Verifier Version : System Bootstrap, Version 15.0(1r)M16, RELEASE SOFTWARE (
Technical Support: http://www.cisco.com/techsupport

Partner-ISR#show software authenticity file flash:c2900-universalk9-mz.SPA.153-1.T.bin

File Name : flash:c2900-universalk9-mz.SPA.153-1.T.bin
Image type : Production
Signer Information
Common Name : CiscoSystems
Organization Unit : C2900
Organization Name : CiscoSystems
Certificate Serial Number : 50B3F3FE
Hash Algorithm : SHA512
Signature Algorithm : 2048-bit RSA
Key Version : A

Content Review Question

To communicate that a document is using a digital signature, which one of the following is the next step in the
process after a hash of the document is calculated by the sender?

The hash is appended to the end of the document.

The hash is stored by the sender.

The hash is encrypted using the private key of the sender.

The hash is encrypted using a symmetric encryption algorithm.

The hash is signed using the public key of the receiver.

https://ondemandelearning.cisco.com/cybersec-nil/secfnd/sections/4/pages/11 4/5
4/24/2018 Understanding Cisco Cybersecurity Fundamentals

Submit

Content Review Question

Which three security services do digital signatures provide? (Choose three.)

confidentiality

integrity

non-repudiation

authenticity

availability

Submit

Answer

The correct answers are "integrity," "non-repudiation," and "authenticity."

https://ondemandelearning.cisco.com/cybersec-nil/secfnd/sections/4/pages/11 5/5