Whitfield Diffie Martin Hellman: Key Generation
Whitfield Diffie Martin Hellman: Key Generation
Whitfield Diffie Martin Hellman: Key Generation
A digital signature or digital signature scheme is a mathematical scheme for demonstrating the
authenticity of a digital message or document. A valid digital signature gives a recipient reason
to believe that the message was created by a known sender, and that it was not altered in transit.
Digital signatures are commonly used for software distribution, financial transactions, and in
other cases where it is important to detect forgery and tampering.
Digital signatures are often used to implement electronic signatures, a broader term that refers to
any electronic data that carries the intent of a signature,[1] but not all electronic signatures use
digital signatures.[2][3][4] In some countries, including the United States, India, and members of the
European Union, electronic signatures have legal significance. However, laws concerning
electronic signatures do not always make clear whether they are digital cryptographic signatures
in the sense used here, leaving the legal definition, and so their importance, somewhat confused.
Digital signatures employ a type of asymmetric cryptography. For messages sent through an
insecure channel, a properly implemented digital signature gives the receiver reason to believe
the message was sent by the claimed sender. Digital signatures are equivalent to traditional
handwritten signatures in many respects; properly implemented digital signatures are more
difficult to forge than the handwritten type. Digital signature schemes in the sense used here are
cryptographically based, and must be implemented properly to be effective. Digital signatures
can also provide non-repudiation, meaning that the signer cannot successfully claim they did not
sign a message, while also claiming their private key remains secret; further, some non-
repudiation schemes offer a time stamp for the digital signature, so that even if the private key is
exposed, the signature is valid nonetheless. Digitally signed messages may be anything
representable as a bitstring: examples include electronic mail, contracts, or a message sent via
some other cryptographic protocol.
A key generation algorithm that selects a private key uniformly at random from a set of
possible private keys. The algorithm outputs the private key and a corresponding public
key.
A signing algorithm that, given a message and a private key, produces a signature.
A signature verifying algorithm that, given a message, public key and a signature, either
accepts or rejects the message's claim to authenticity.
Two main properties are required. First, a signature generated from a fixed message and fixed
private key should verify the authenticity of that message by using the corresponding public key.
Secondly, it should be computationally infeasible to generate a valid signature for a party who
does not possess the private key.\\
EXAMPLE OF PASSWORD SNIFFING:The most powerful password sniffer and password
monitoring utility. Password Sniffer can listen on your LAN and enables network administrators
or parents to capture passwords of any network user. Currently, Password Sniffer can monitor
and capture passwords through FTP, POP3, HTTP, SMTP, Telnet, and etc.
Password Sniffer works passively and don't generate any network traffic, therefore, it is very
hard to be detected by others. And you needn't install any additional software on the target PCs
or workstations. If your network is connected through switch, you can run the sniffer on the
gateway or proxy server, which can get all network traffic. But if your switch supports Port
Mirroring, or Management Port, it is easier to make it work.
This stealth-monitoring utility is useful to recover your network passwords, to receive network
passwords of children for parents, and to monitor passwords abuse for server administrators.
Features
Features
Efficient
You can see the passwords as soon as it appeared on LAN.
Support Various Protocols
Fully support application protocols of FTP, SMTP, POP3, TELNET, etc. That means user
names and passwords used to send and receive emails, to log on a web site, or to log on a
server, can be fully captured and saved.
Support HTTP Protocol
Support HTTP protocol, including proxy password, basic http authenticate authoriation and
most passwords submitted through HTML, no matter they are encoded by MIME or base64.
Verify whether the captured passwords are valid
It can tell whether the passwords captured are right. You can even get the replies from the
server for the login. And it always keeps trying to get valid user name and password pairs.
EX2)
SDBot is known as the first computer worm with the ability eavesdrop on network traffic
following infection. Its primary intent is to scan active traffic on interconnected network
computers in search of passwords and financial data. SDBot is able to propagate by exploiting a
number of vulnerabilities in the Windows operating system. From there, it attempts to
compromise other machines on the network using a dictionary attack of obvious passwords such
as "1234" or "administrator1."
When installed, SDBot executes a specially designed network sniffing program, the feature that
allows it to thieve critical data. It then makes a connection to an IRC (Internet Chat Relay)
network. This gives the malicious writer the opportunity to seize complete control of the infected
computer or harvest data from it. Being that it mainly depends on older software bugs, SDBot
can be easily contained. The best remedy is system patches, software updates and strong
password schemes.