BIT244 Digital Signature Assignment Sample

• Subject Code : BIT244
• University : Melbourne Polytechnic My Assignment Services is not sponsored or endorsed by this college or university.
• Subject Name : IT Computer Science

I.T. and Business Fraud

Executive Summary of Digital Signature

The digital signature is used to sign a particular document which is transmitted over the electronic media. The digital signature enables the digital transaction. The present report is based on the concept of digital signature and its benefits. The benefits though of the digital signature are multifold, there is a tradeoff, and the limitations that come along with this new technology must be dealt with. Proper measures should be taken so that the issues can be resolved and the digital signature can perform to the best of its efficiency.

The technical, social and legal aspects of the digital signature are discussed, and the issues related to them are detailed. There is a dire need to solve these issues and measures must be taken to resolve them. The case studies from Asia and Europe exemplify the point adequately. The two case studies show how the forgery of the digital signature has created problems and how they were resolved.

Table of Contents

Introduction.

Digital Signature.

Overview of Digital Signature.

Technical Aspect

Social Aspect

Legal Aspect

Issues with digital signatures.

Case Studies.

Conclusion.

References.

Introduction to Digital Signature

The present report is based on the concept of a digital signature. The idea of the digital signature is significant and has brought a revolution in the digital world. The digital signature is used to sign a particular electronic document digitally. Thus the digital transaction can be enabled using the name and facilitates and eases the operations to be done online. Therefore, there are several technical, social and legal aspects of the digital signature, and they will be discussed in detail. The digital signature, along with the advantages has a lot of limitations too that make it difficult for the digital transactions to take place smoothly (Mohassel et al. 2019). Various issues should be taken into consideration and steps be taken to solve them for the benefit of the society as well. The report takes the help of specific case studies and thus puts forth how malicious users can forge the digital signatures and create chaos and havoc in the digital world. The report also stresses that the issues that come along with new technologies should be dealt with smartly and cleverly. The optimal use of the novel technologies should be ensured so that they cannot be misused and be used for a useful purpose

Digital Signature

Overview of Digital Signature

The technology is developing at a fast pace. Innovation is at its peak and at the same time relevance of digital technology is rising at a quicker pace. The process of the Digital Signature gives the assurance that during the transit, the contents of the message remain intact and are not changed. The process is that when a server digitally signs a document, there is an addition or inclusion of one-way hash encryption of the message content with the assistance of the public and private key pair. The client can still read the message, but additionally, a signature is created by the process that only the server’s public key can decrypt. After this, the client can validate the sender and also ensure that the message is intact (Goldwasser, Micaliand Rivest 2019).

Furthermore, there is a brilliant technique to evaluate whether the transmitted message is intact or has been altered on the way. The method is that be it an email, online order or even a watermarked photograph, if the digital signature is different from the public key that comes with the digital certificate, then it can be inferred that the message has been altered.

The main difference between the traditional and digital signature is that the electronic signature is digitized and it too can be used for the verification of a document. It also consists of features like fingerprints, and that can secure a particular material (Haron, Daudand Mohamad2019). There are two types of digital signatures, namely the visible and invisible digital signature.

The digital signature has gained worldwide acceptance and praise because of its unique features. The traditional names are written by hand and represent the identity of an individual uniquely. The use of signature is imperative in the matters related to law, and in some other situations it also holds a legal position in a document, and this is because the signature implies two things namely the identity of the individual and secondly the intent to it. The name holds the character which is used in daily transactions. In case of individuals that are not literate the fingerprints act as a substitute. The signature done by hand can be forged by anyone and is not secure (CWI et al.2018). Therefore, it is not suitable for the online transaction and contracts. In the case of online purchase, a unique and robust security mechanism is desired, and the digital signature serves this.

Technical Aspect of Digital Signature

The Public Key Infrastructure (PKI) is used to create and verify the digital signature. The PKI requires two keys, one of which is the public key, and the other one is the private key. These keys are used for encryption and decryption of the message or information. For the encryption of the word, the public key is used, and for the decryption purpose, the corresponding private key is utilized and vice versa. The unique feature of the PKI is that in this case, both the keys that are the public and private keys are related to each other. Only the public key is used for the encryption of the message, which can then be decrypted only using the corresponding private key (Alkim et al. 2019).

The private key is known only by the possessor and the public key, on the contrary, is shared. The digital signature is wholly based on the concept of cryptography which is a well-known concept in technology. The cryptography works on the principle that the encryption of the word secures the communication of the message. This means that the signal that is to be transferred is converted into an unreadable format that can be understood only after the received message is decrypted, and then the message can be read and grasped.

The process is known as encryption-decryption, and it mainly works with the assistance of some technical features.The cryptography systems can be widely segregated into the two types, which are the symmetric-key and asymmetric.In the symmetric systems works on the principle, both the sender and receiver have the same keys (Ghosh et al. 2019). On the other hand, in the asymmetric systems, each of the two, the sender and the receiver have two keys that are the public key which everyone knows and the private key that is known only by the individual who receives the message.

Social Aspect of Digital Signature

There are social aspects also related to the digital signature. The social issues are the privacy and security of the people of the society. The society has accepted the digital signature technology gracefully and is also content with the functioning of the technology (CWI et al. 2018). The digital signature has made possible the digital transactions very smooth and easy. This is no doubt beneficial to the society as well. The digital sales have solved the traditional problems to a great extent. This is no doubt, true. But at the same time, the digital signature has posed challenges for society, especially in the context of security and privacy. Malicious users can forge the digital signature, and at the same time, a lot of problems can be created because of this. The privacy of the people also is at stake (Hoffsteinet al. 2017). Thus the social aspects of the digital signature must be taken into consideration and at the same time, the society should strive hard and prevent the forgery of the digital signature by all means. The factors if taken care of will avoid the social issues and at the same time, give rise to a society that will be free from all the problems related to privacy and security.

Legal Aspect of Digital Signature

The legal aspects of the digital signature imply that the use of a digital signature is necessary for the authentication of the electronic records. The legal issue of the digital signature also lays down the technology requirements for the digital signature. The use of an asymmetric cryptosystem is suggested, and the use of a hash function is recommended for the authentication purpose of the electronic records (Blinn 2019). The authentication of the electronic files is necessary because it ensures that the message is not mishandled or tampered with and is secure. It also confirms the identity of the individual who has created the word. The sender thus cannot deny the creation of the message by him (Medina III 2019). The authentication is attained by using an asymmetric system and a hash function. This function converts the e-message into a format that is not readable, and thus the goal of the prevention of the tampering of the electronic record is assured. A hash function can be defined as a method or scheme that is used for encryption and decryption of the digital signatures. The hash function works in a definite way. That is initially the hash function produces a unique value called the hash value. It is also called as the message digest (Miao, Yan and Authority 2016). This value has a unique role in ensuring that the message is secure and is not tampered with. This also gives the assurance that the information that needs to be sent is in safe and reliable hands.

The Digital Signature Certificates are the certificate in the digital format. They prove the identity in the digital world. These certificates are issued by the Certifying Authorities which are under the control of the Controller of Certifying Authorities (Shaker and Jumaa 2017). It is an electronic document that can be used for proving the identity of the individual and that the public key belongs to the particular individual.

Issues with digital signatures

There are several issues related to digital signatures. The first problem that is faced is that technology is fast-changing, and the older one may soon become obsolete gradually, and this can create a lot of problems.

The other prominent issue is that the purchase of the digital certificates may cost money to both the sender and the recipients as these certificates are purchased from the trusted Certificate Authorities. Apart from these, many other issues need to be resolved. The transaction of the digital certificates is done using special software. Thus, the signature verification software needs to be purchased, and this will eventually this will lead to more cost. Also, this software should be used by both the sender and the recipients (Hoffstein et al. 2017).

One more technical issue that arises is that there are certain regions where the digital signatures are not recognized officially. Such areas the parties should be extra cautious while handling digital transactions as this may lead to serious problems and thus should be avoided. The digital transactions in such territories should be lessened to avoid the risk.

A major issue is that the protocols related to digital signature vary from country to country around the globe. This further gives rise to problems (TAN and LI 2018). These standards are different in the various regions and hence there is a high possibility of incompatibility with each other. This may eventually lead to the complication of the sharing of the digitally signed documents and also the transmission of the digital documents may get complex.

The technical issues involve the verification of the cryptography. The signer can be any individual. The signer if is valid then it will initially apply the hash function in the software of the signer. This hash function will calculate the hash result which is of a standard length. This is then converted to the digital signature by making use of the signer’s private key. It is difficult to break this technicality but if anyone tries to break the technical aspect the issues should be solved. To solve the issue the subscriber at the other end should be well equipped and the signer should be identified and prevent it from being tampered or misused (Blinn 2019).

Apart from the technical issues, there are legal issues also that should be solved practically. The legal issue is that the possibility of anyone going in for the signing of the electronic record on behalf of someone else. This is a grave issue and needs to be resolved anyhow. There is always a doubt whether the signature is done by an authentic person (Goswami, et al. 2019). It should be ensured that the signature is not done by anyone else than the one who is authorized for the signature.

To control this issue, the Central Government has the power of framing rules and protocols for the electronic signature and also the security that the signature is not forged by anyone else. These rules set up will surely prevent the signature from being forged and thus the issue can be solved (Mansour 2017).

The growing online transactions and contracts require a very high level of protection and this at present is fulfilled by the use of digital signatures. But the cyber community will be highly benefited if the Government takes an initiative and allow the multiple methods of authentication. These methods can include the use of fingerprint (Rochman, Raharjana and Taufik 2017).

These multiple methods would be highly beneficial and simultaneously permit the identification of individuals efficiently and easily. Thus, the frauds can be prevented and avoided. I will also assist in preventing the online forgery and the online transaction can be made secure. Furthermore, the online security of users can be enhanced at the same time (Ibraimi et al. 2017). The fact is that even today the online frauds are on the rise and need to be prevented by any means.

Thus, the problems that are arising due to the various technical, legal and social issues need to be resolved and thus the proper measures are taken to solve them.

Case Studies of Digital Signature

Fraud using digital signature in Europe (Italy)

A particular case of fraud using the digital signature was reportedly found in Italy, Europe. The case took place due to the unlawful use of a digital signature. This is a good example in front of the world that the digital signature if used maliciously can give rise to great issues.

The report states that the plight of a businessman from Rome. The businessman found out that all the shares of his company have been registered and all this happened without him being aware of this at all. This was shocking for him (Ding 2016). Later on, he found out that this happened because a certain man David Henry who by false means, became the sole director of the company and authorized himself to transfer the headquarters of the company.

The deeds of conveyance were passed to the Chamber of Commerce using the electronic media at the office of the accountant. This was done by digitally signing an electronic smart card. The smart card was on the name of Rome’s businessman but the request was not initiated by him.

After a lot of probing it was found by the I.T. investigation that three suspects were found and a court case was then filed against them (Jaya Sharma 2017).

The investigation proved that the fraud was initiated by the one who owned the firm of consultancy. The accused had used the photocopy of the I.D. card of the businessman and used it to activate two smart cards after filling the required form. The owner of the agency cleared that the men came to him and just lied to him that the businessman was abroad somewhere and so he could not be present in-person to sign the smart cards, and they have come on his behalf. The judges were convinced that the accountant as well as the agency owner were innocent and were not found to b guilty (Yao, et al. 2019). Although they have shown a careless behaviour for which they were warned. The case indicates that digital signature at times can be forged and therefore the digital transactions must be done with utmost care and concern. The technology is beneficial but of used maliciously can lead to major problems and hence should be taken care of.

The Case of Sanjay Gupta in Mumbai (India, Asia)

The case is from the city of Mumbai, India (Asia).In this case, the complaint is lodged by a police officer. The complaint done by the police officer states that he noticed that a certain website of the Internet that the company of the applicant was ready to launch a new film on 29^th February 2012. It is stated in the report that the one who applied had utilized a letter that was perceived to be written by Mumbai’s Commissioner of Police.It was further stated by the complainant that he doubted something fishy in this. He asserted that the applicant had forged the Commissioner’s signature and was planning to cheat general people (Jaya Sharma 2017).

The offence mentioned above is punishable, and forgery should be avoided by all means.

The Learned Counsel appearing for the applicant stated that the applicant was ready to send a letter of apology to the Commissioner and others who were concerned with the case. He would also request the company on whose website the document was displayed to remove the document from the website (Chiou 2016).

Thus, the two case studies that are taken from the various regions such as Europe and Asia are providing a good example of how the forgery of the digital signature can lead to several problems which can be dangerous for the society also. Thus, the issue needs to be tackled properly and thereby lead to the success of the new technology of the digital signature.

The above two cases indicate that although the novel technologies have been beneficial to a great extent but at the same time has its limitations. The digital signature is beneficial while dealing with online transactions. It has been accepted gracefully all over the world. Still, at the same time, the cases mentioned above also indicate that technology can be misused and forged and create disastrous results (Tripathi and Gupta 2018). This should be taken care of, and all the possible ways through which the digital signature can be forged should be prevented. Correct measures should be taken to prevent forgery, and thus, the digital transactions can be made secure.

Conclusion on I.T. and Business Fraud

The report presented has been successful in explaining the concept of the digital signature. Initially, the report focuses on a brief description of the new digital technologies and specifically the digital signature concept. It also focuses on the benefits of the digital signature and has put forth the advantages in a detailed manner. It then properly analyses the technical aspects of the digital signature. Apart from this, it also throws light on the social and legal aspects of technology. The issues that the technology faces are well put forth and solution to resolve the issues are also presented in a great manner. The report further exemplifies the issues with the help of case studies in the European and Asian regions. The report thus successfully analyses the digital signature concept and the issues related to it. The case studies are also instrumental in understanding the concept in a proper way.

References for I.T. and Business Fraud

Alkim, E., Barreto, P.S., Bindel, N., Longa, P. and Ricardini, J.E., 2019. The Lattice-Based Digital Signature Scheme qTESLA. IACR Cryptology ePrint Archive, 2019, p.85.

Blinn, A., Go Daddy Group Inc, 2019. Script verification using a digital signature. U.S. Patent 10,333,716.

Chiou, S.Y., 2016. Novel digital signature schemes based on factoring and discrete logarithms. International Journal of Security and Its Applications, 10(3), pp.295-310.

CWI, L.D., Kiltz, E., Lepoint, T., Lyubashevsky, V., Schwabe, P., Seiler, G. and Stehlé, D., 2018. CRYSTALS-Dilithium: A Lattice-Based Digital Signature Scheme.

Ding, J., 2016. Improvements on multivariate digital signature schemes based on hfev-and new applications of multivariate digital signature schemes for white-box encryption.

Ghosh, S., Sastry, M., Iyer, P. and Lu, T., Intel Corp, 2019. Digital signature verification engine for reconfigurable circuit devices. U.S. Patent Application 16/456,368.

Goldwasser, S., Micali, S. and Rivest, R.L., 2019. A" paradoxical" solution to the signature problem. In Providing Sound Foundations for Cryptography: On the Work of Shafi Goldwasser and Silvio Micali (pp. 265-284).

Goswami, A., Mukherjee, R., Chowdhury, S. and Ghoshal, N., 2019. Digital Signature Protocol for Visual Authentication. INTERNATIONAL ARAB JOURNAL OF INFORMATION TECHNOLOGY, 16(4), pp.712-719.

Haron, G.R., Daud, N.I. and Mohamad, M.S., 2019. Narrative of Digital Signature Technology and Moving Forward.

Hoffstein, J., Pipher, J., Schanck, J.M., Silverman, J.H. and Whyte, W.J., SECURITY INNOVATION Inc, 2017. Digital signature method. U.S. Patent 9,722,798.

Hoffstein, J., Schanck, J.M., Silverman, J.H. and Whyte, W.J., SECURITY INNOVATION Inc, 2017. Digital signature technique. U.S. Patent 9,634,840.

Ibraimi, L., Asim, M. and Petkovic, M., Koninklijke Philips NV, 2017. Attribute-based digital signature system. U.S. Patent 9,806,890.

Jaya Sharma, 2017. Socio-legal impact of paperless signing in today’s world:An Indian perspective[Online] Available through <https://thecompaniesact2013.com/article_detail.php?id=22> [Accessed on 20^th April, 2020]

Mansour, A.H., 2017. Analysis of RSA Digital Signature Key Generation using Strong Prime. International Journal of Computer, 24(1), pp.28-36.

Medina III, R., United Services Automobile Association (USAA), 2019. Systems and methods for digital signature detection. U.S. Patent 10,354,235.

Miao, S., Yan, Z. and Authority, B.C., 2016. An EMR Electronic Evidence Curing Method Based on Digital Signature and Time Stamp. Information Security and Technology, (1), p.18.

Mohassel, P., Garay, J. and Fan, X., Verizon Media LLC, 2019. Method and system for digital signature-based adjustable one-time passwords. U.S. Patent 10,461,932.

Rochman, F.F., Raharjana, I.K. and Taufik, T., 2017. Implementation of Q.R. Code and Digital Signature to Determine the Validity of KRS and KHS Documents. Scientific Journal of Informatics, 4(1), pp.8-19.

Shaker, S.H. and Jumaa, G.G., 2017. Digital Signature Based on Hash Functions. International Journal Of Advancement In Engineering Technology, Management and Applied Science (IJAETMAS), 4(1), pp.88-99.

TAN, D.L. and LI, J.L., 2018. A Two-dimension Bar Code Technology with Digital Signature. Computer Technology and Development, (3), p.30.

Tripathi, S.K. and Gupta, B., 2018. An Extension to Modified Harn Digital Signature Scheme with the Feature of Message Recovery. In Networking Communication and Data Knowledge Engineering (pp. 183-193). Springer, Singapore.

Yao, X., Liu, X., Xue, R., Wang, H., Li, H., Wang, Z., You, L., Huang, Y. and Zhang, W., 2019. Multi-bit quantum digital signature based on quantum temporal ghost imaging. arXiv preprint arXiv:1901.03004.

Remember, at the center of any academic work, lies clarity and evidence. Should you need further assistance, do look up to our Computer Science Assignment Help