Overview of Cryptography used in the FSTC US Treasury Electronic Checking Market Trial

Copyright 1998, GTE and FSTC

Page 1: Title slide

Page 2: Creating an Electronic Check Payment

[Figure: a blank echeck on the payer’s screen, a smartcard reader with an “Enter PIN” keypad, and the electronic checkbook; the slide also shows the value 74B71299CA302AE7F1601338211DE3A014D9FF429B3A, marked “for illustrative purposes only”]

Whenever a new echeck payment is to be made, a blank echeck can be brought up onto the payer’s screen

Echeck fields shown: Payee, 6/30/98, 100.00, One Hundred and no/100s, Invoice # 593281

The date, payee, memo fields and amount are all filled in; the sequence number is automatically provided

To sign the echeck, the payer inserts their electronic checkbook (smartcard) and enters their PIN to unlock the checkbook

Finally, the electronic checkbook reads in the entire echeck, attaches the digital signature, logs the echeck information, and returns the signed echeck

Note: a digital signature is a unique data item that can be appended to the signed document; it is not a handwritten signature nor a representation of handwriting

Page 3: Viewing the Checkbook Register and echecks

[Figure: smartcard reader and a Checkbook Register listing the echeck: Invoice # 593281, Payee, 100.00, One hundred and no/100s, 6/30/98]

Every echeck issued can be retained by the originator for their records and remains a “perfect copy”

Since only one copy of an echeck will be paid by the payer’s bank, copies can be kept by anyone and even resent

Page 4: Receiving & Endorsing an Electronic Check Payment

[Figure: smartcard reader with “Enter PIN” keypad; an email inbox holding the echeck (Invoice # 593281, Payee, 100.00, One hundred and no/100s, 6/30/98) marked VALID; endorsement area reading “Do Not Write Below This Line / For Deposit Only / Acct # 345-1435-2”]

Typically, echecks will be received via email and can be opened like email messages

But, the digital signatures on echecks can be validated at any time to confirm the originator and that the echeck has not been modified

And, an echeck can be endorsed for deposit just like a paper check, but with a digital signature

Page 5: Some Basic Questions

What is a digital signature?

How can a digital signature be validated?

Page 6: Digital Signatures and Cryptography

Digital signatures depend on a class of numerical algorithms known as “public key cryptography”

In public key cryptography, there are actually two keys required:

• A “private key” that is held by the “signer” and never disclosed (a secret)

• A “public key” that can be freely disclosed to any third parties

Page 7: Public/Private Keys

A “public key cryptographic algorithm” takes as input data to be transformed and either a public or private key

When data is transformed using the private key, the corresponding public key is required to transform the data back into its original form

Public/private keys exist as pairs: for each private key, there is one, and only one, public key that can reverse the transformation

Page 8: Forming a Digital Signature

[Figure: document -> SHA-1 hash -> Digital Signature Algorithm (with the signer’s private key, PRIV) -> signature attached to form the Signed Document]

Electronic documents of any type and any length can be digitally signed as follows...

An electronic document is fed into a one-way hash algorithm (SHA-1) to produce a fixed-length “hash value”

The “hash value” is a fixed number that is extremely sensitive to any changes in the document; even a single bit changed will result in a different hash value

The resulting hash value is next fed into the Digital Signature Algorithm (DSA) using the signer’s private key

The output of the Digital Signature Algorithm is the actual digital signature that can be attached to the original document to form a signed document

Page 9: Validating a Digital Signature

[Figure: Signed Document -> SHA-1 re-computes the hash; signature -> Digital Signature Algorithm (with the signer’s public key, PUB) -> hash; the two hashes are compared (=?), giving YES or NO]

The original document is used to re-compute the one-way hash value

The signature is fed into the Digital Signature Algorithm using the public key of the signer (from their certificate), producing what should be the same hash value

Finally, the two hash values are compared to see if they are equal

If the hash values are equal, then the signature is valid, i.e., the source is authenticated and the document has not been modified

If the hash values are not equal, then the signature is invalid, i.e., either the source is not who they claim to be or the document has been modified

Page 10: Electronic Checkbook

[Figure: electronic checkbook device]

Electronic checkbooks are hardware and software devices that provide the basic echeck signing and endorsing functions, while protecting private keys

• Electronic checkbooks are tamper resistant and difficult to attack from a network

• They can be simple smartcards, PC cards, palmtop devices, and even high-assurance, specialized “signing boxes”

Page 11: Electronic Checkbook Example: a SmartCard

[Figure: blank Digital Signing Card (electronic checkbook)]

To illustrate how electronic checkbooks are produced, an example based on a smartcard will be presented

First, a blank plastic card is prepared for use

• Same size, shape as typical credit or ATM card

• Can include mag stripe for traditional use

Page 12: Electronic Checkbook Example: a SmartCard

[Figure: Digital Signing Card with embedded microchip]

Next, a microchip with gold contact pads is embedded into plastic card stock

• Chip is programmed with electronic checkbook functionality

  • Performs digital signatures and endorsements

  • Maintains abbreviated on-chip log of echecks signed

Page 13: Electronic Checkbook Example: a SmartCard

[Figure: Digital Signing Card now holding a key pair, PUB and PRIV]

After programming, the microchip is commanded to generate a public/private key pair for future check signing operations

• The “private key” never leaves the microchip

• The “public key,” however, can be retrieved

Page 14: Electronic Checkbook Example: a SmartCard

[Figure: Digital Signing Card (PUB, PRIV) and the Issuing Bank Certificate Authority]

The “Issuing Bank” takes care of registering the checking account, the electronic checkbook card, and the checkbook holder

• A “Certificate Authority” is operated by the Bank to register a public key for each “checkbook”

• Each account can have multiple “checkbooks”

Page 15: Electronic Checkbook Example: a SmartCard

[Figure: the card’s PUB key is sent to the Issuing Bank Certificate Authority; PRIV stays on the card]

The public key from the checkbook is sent in a secure manner to the Bank’s Certificate Authority

• The Bank will then map this public key to the corresponding checking account and also to the checkbook holder

Page 16: Electronic Checkbook Example: a SmartCard

[Figure: the Issuing Bank Certificate Authority issues a Certificate containing the card’s PUB key]

After verifying all account information and authenticating the source of the public key, the Bank issues a certificate for the checkbook

• The Bank digitally signs the certificate using its own private key

Page 17: Electronic Checkbook Example: a SmartCard

[Figure: the Certificate (PUB) returned from the Issuing Bank Certificate Authority is placed on the Digital Signing Card alongside PRIV]

The Checkbook Card Producer confirms the integrity of the certificate received from the Bank, and then places the certificate on the card

• The Bank-issued certificate also includes account-specific information

  • “Blinded” Electronic Checking Account Number

  • Account and Checkbook restrictions

Page 18: Electronic Checkbook Example: a SmartCard

[Figure: Digital Signing Card holding PRIV and the Certificate (PUB); Issuing Bank Certificate Authority]

A “certificate” is merely an electronic document that provides the public key of the checkbook holder along with the holder’s account number and bank name

• Checkbook certificates are sent with echecks so the recipients can extract the public key to validate the checkbook’s digital signature

• The public key can be trusted, because the issuing Bank CA signed the certificate claiming this public key goes with the indicated account

Page 19: Electronic Checkbook Example: a SmartCard

[Figure: the Issuing Bank Certificate Authority holds a Bank CA Certificate (PUB), which is passed to the card producer; the card holds PRIV and the Checkbook Certificate (PUB)]

The Bank’s Certificate Authority also has a certificate that was issued to the Bank by the US Treasury

• The Bank’s certificate is provided to the electronic checkbook card producer for inclusion on the card

Page 20: Electronic Checkbook Example: a SmartCard

[Figure: Digital Signing Card holding PRIV, the Checkbook Certificate (PUB) and the Bank CA Certificate (PUB); Issuing Bank Certificate Authority]

The Bank’s certificate is placed on the electronic checkbook card along with the checkbook certificate

• The Bank’s certificate provides the public key needed to verify the Bank’s digital signature on the Checkbook certificate

Page 21: Electronic Checkbook Example: a SmartCard

[Figure: card with PRIV, Checkbook Certificate (PUB) and Bank CA Certificate (PUB); the United States Department of the Treasury Certificate Authority publishes its “Root” Certificate (PUB)]

The US Dept. of the Treasury also operates a Certificate Authority, but for issuing certificates to Banks

• Treasury publishes “to the world” a certificate containing the public key needed to verify its signature on Bank Certificates

Page 22: Electronic Checkbook Example: a SmartCard

[Figure: card with PRIV, Checkbook Certificate (PUB) and Bank CA Certificate (PUB); the Treasury “Root” Certificate (PUB) is used to check the Bank CA Certificate]

Any party can use the public key contained in the Treasury Root Certificate to verify Treasury’s signatures on Bank Certificates

• Treasury’s Certificate is known as a “Root” Certificate since it is not signed by a higher authority; Treasury signs its own certificate
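The signing and validation flow of pages 8 and 9 and the checkbook / Bank CA / Treasury root chain of pages 14 to 22, as one added example that is not part of the original deck or of the FSTC trial software. It uses a toy DSA group (q = 2^61 - 1, p found by a base-2 Fermat search, both far too small for real use) with SHA-1 as on page 8; the certificate layout (subject|public key|issuer), the issuer-name chaining and the names themselves are constructed here.

```python
import hashlib
import secrets
# Toy DSA parameters, constructed for this example (real deployments use far larger p, q):
# q is the Mersenne prime 2**61 - 1, p = k*q + 1 is the first such value passing a base-2
# Fermat test, and g generates the order-q subgroup mod p, which is all DSA needs.
Q = 2**61 - 1
P = next(p for p in (k * Q + 1 for k in range(2, 10**6, 2)) if pow(2, p - 1, p) == 1)
G = pow(2, (P - 1) // Q, P)
assert G != 1 and pow(G, Q, P) == 1

def keygen():
    x = secrets.randbelow(Q - 1) + 1      # private key: never leaves the checkbook card
    return x, pow(G, x, P)                # public key: what the certificate carries

def digest(doc: bytes) -> int:
    # SHA-1 of the whole document, truncated to q's bit length as FIPS 186 prescribes
    return int.from_bytes(hashlib.sha1(doc).digest(), "big") >> (160 - Q.bit_length())

def sign(doc: bytes, x: int) -> tuple:
    while True:
        k = secrets.randbelow(Q - 1) + 1  # per-signature nonce; must never be reused
        r = pow(G, k, P) % Q
        s = pow(k, -1, Q) * (digest(doc) + x * r) % Q
        if r and s:
            return r, s

def verify(doc: bytes, sig: tuple, y: int) -> bool:
    r, s = sig
    if not (0 < r < Q and 0 < s < Q):
        return False
    w = pow(s, -1, Q)
    v = pow(G, digest(doc) * w % Q, P) * pow(y, r * w % Q, P) % P % Q
    return v == r   # real DSA compares v with r; it does not turn the signature back into a hash

def cert_body(cert: dict) -> bytes:
    return f"{cert['subject']}|{cert['pub']}|{cert['issuer']}".encode()

def issue_cert(subject: str, subject_pub: int, issuer: str, issuer_priv: int) -> dict:
    # A certificate is just a signed document binding a public key to a name/account
    cert = {"subject": subject, "pub": subject_pub, "issuer": issuer}
    return {**cert, "sig": sign(cert_body(cert), issuer_priv)}

def verify_echeck(echeck: bytes, sig: tuple, chain: list, root: dict) -> bool:
    # chain = [checkbook cert, bank CA cert]; root = Treasury root, self-signed and trusted a priori
    issuer_pub, issuer_name = root["pub"], root["subject"]
    for cert in [root] + chain[::-1]:     # root under its own key, bank under root, checkbook under bank
        if cert["issuer"] != issuer_name or not verify(cert_body(cert), cert["sig"], issuer_pub):
            return False
        issuer_pub, issuer_name = cert["pub"], cert["subject"]
    return verify(echeck, sig, issuer_pub)
```

A recipient holding only the Treasury root can thus check an echeck whose certificates travel with it, as page 18 describes. Real DSA validation compares a recomputed value v with r instead of turning the signature back into a hash value, so page 9 describes the effect rather than the arithmetic.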

Page 23: Electronic Checkbook Example: a SmartCard

[Figure: finished card face showing Issuing Bank Name & Logo, Cardholder’s Name and the number 123-456]

The checkbook card is finished by printing the Bank name/logo and cardholder’s name on the face along with an identifying number

Page 24: Electronic Checkbook Example: a SmartCard

[Figure: finished card, Initial PIN(s) installed on the chip, and a PIN Mailer]

An initial set of PINs is randomly generated and installed on the Microchip

PINs are printed onto blind PIN Mailer for user

Page 25: Electronic Checkbook Example: a SmartCard

[Figure: Card Mailer and PIN Mailer sent separately to the Cardholder]

The finished Checkbook Card is mailed to the designated Cardholder

Later, the PIN mailer is sent to Cardholder

Page 26: Electronic Checkbook Activation

A Checkbook card sent to Cardholder is not active, and cannot be used to sign echecks

The Cardholder must initiate a request to their Bank for activation of Checkbook Card

• Request is sent electronically using the Checkbook card

• The one-time, initial PINs are used to activate card, but user must enter their own PINs

• The Electronic Checkbook signs Activation Request using Private Key embedded on Card

Page 27: Thank You

Questions? Please visit our web site at www.FSTC.org