Copyright 1998, GTE and FSTC
Overview of Cryptography used in the FSTC US Treasury Electronic Checking Market Trial
Creating an Electronic Check Payment

Whenever a new echeck payment is to be made, a blank echeck can be brought up onto the payer’s screen.

The date, payee, memo fields and amount are all filled in; the sequence number is automatically provided.

To sign the echeck, the payer inserts their electronic checkbook (smartcard) and enters their PIN to unlock the checkbook.

Finally, the electronic checkbook reads in the entire echeck, attaches the digital signature, logs the echeck information, and returns the signed echeck.

Note: a digital signature is a unique data item that can be appended to the signed document—it is not a handwritten signature nor a representation of handwriting.

[Figure: smartcard reader with an “Enter PIN” keypad; a sample echeck dated 6/30/98 to “Payee” for 100.00 (One Hundred and no/100s), memo “Invoice # 593281”, returned by the Electronic Checkbook with an illustrative digital signature 74B71299CA302AE7F1601338211DE3A014D9FF429B3A attached; for illustrative purposes only]
Viewing the Checkbook Register and echecks

Every echeck issued can be retained by the originator for their records and remains a “perfect copy”.

Since only one copy of an echeck will be paid by the payer’s bank, copies can be kept by anyone and even resent.

[Figure: smartcard reader and the Checkbook Register listing the echeck dated 6/30/98 to “Payee” for 100.00 (One hundred and no/100s), memo “Invoice # 593281”]
Receiving & Endorsing an Electronic Check Payment

Typically, echecks will be received via email and can be opened like email messages.

But, the digital signatures on echecks can be validated at any time to confirm the originator and that the echeck has not been modified.

And, an echeck can be endorsed for deposit just like a paper check, but with a digital signature.

[Figure: email inbox holding the echeck dated 6/30/98 to “Payee” for 100.00 (One hundred and no/100s), memo “Invoice # 593281”; smartcard reader with an “Enter PIN” keypad; the signature check reads VALID; endorsement area “Do Not Write Below This Line / For Deposit Only / Acct # 345-1435-2”]
Some Basic Questions
What is a digital signature?
How can a digital signature be validated?
Digital Signatures and Cryptography

Digital signatures depend on a class of numerical algorithms known as “public key cryptography”

In public key cryptography, there are actually two keys required:
• A “private key” that is held by the “signer” and never disclosed (a secret)
• A “public key” that can be freely disclosed to any third parties
Public/Private Keys

A “public key cryptographic algorithm” takes as input data to be transformed and either a public or private key
• When data is transformed using the private key, the corresponding public key is required to transform the data back into its original form
• Public/private keys exist as pairs—for each private key, there is one, and only one, public key that can reverse the transformation
Forming a Digital Signature

Electronic documents of any type and any length can be digitally signed as follows...
• An electronic document is fed into a one-way hash algorithm (SHA-1) to produce a fixed-length “hash value”
• The “hash value” is a fixed number that is extremely sensitive to any changes in the document—even a single bit changed will result in a different hash value
• The resulting hash value is next fed into the Digital Signature Algorithm (DSA) using the signer’s private key
• The output of the Digital Signature Algorithm is the actual digital signature that can be attached to the original document to form a signed document

[Figure: document, SHA-1, Hash, Digital Signature Algorithm with the Private Key (PRIV), Signed Document]
Validating a Digital Signature

• The original document is used to re-compute the one-way hash value
• The signature is fed into the Digital Signature Algorithm using the public key of the signer (from their certificate), producing what should be the same hash value
• Finally, the two hash values are compared to see if they are equal
• If the hash values are equal, then the signature is valid—i.e., the source is authenticated and the document has not been modified
• If the hash values are not equal, then the signature is invalid—i.e., either the source is not who they claim to be or the document has been modified

[Figure: Signed Document, SHA-1, Hash; signature, Digital Signature Algorithm with the Public Key (PUB), Hash; “=?” comparison with YES / NO outcomes]
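The signing and validation flow of the two preceding slides, written out as an added Go example; this is not code from the deck or from the FSTC trial. Go’s standard library `crypto/sha1` and `crypto/dsa` provide the SHA-1 and DSA the slides name. The check field layout, its byte serialisation, the sequence number and the deposit account string in the endorsement are assumptions of the example. One practical point the slides gloss over: `dsa.Verify` takes the recomputed hash together with the signature and returns the equal/not-equal outcome directly, so the “compare the two hash values” step happens inside the library call. The example also shows that a check whose amount was altered after signing fails validation, and that an endorsement is simply a second signature, made with the payee’s key, over the signed check plus the deposit instruction.

```go
package main

import (
	"crypto/dsa"
	"crypto/rand"
	"crypto/sha1"
	"fmt"
	"math/big"
)

// Echeck holds the fields the payer fills in on a blank check. The values
// used in Demo are constructed for this example.
type Echeck struct {
	Sequence                  uint32 // supplied automatically by the checkbook
	Date, Payee, Amount, Memo string
}

// Bytes serialises the check in a fixed field order so that payer and payee
// hash exactly the same bytes (the layout is an assumption of this example).
func (c Echeck) Bytes() []byte {
	return []byte(fmt.Sprintf("seq=%d|date=%s|payee=%s|amount=%s|memo=%s",
		c.Sequence, c.Date, c.Payee, c.Amount, c.Memo))
}

// Signature is the (r, s) pair DSA produces; it is appended to the document.
type Signature struct{ R, S *big.Int }

// hashDoc is the one-way hash step: any document, any length, to 20 bytes.
func hashDoc(doc []byte) []byte {
	h := sha1.Sum(doc)
	return h[:]
}

// sign feeds the hash value into DSA with the signer's private key.
func sign(priv *dsa.PrivateKey, doc []byte) (Signature, error) {
	r, s, err := dsa.Sign(rand.Reader, priv, hashDoc(doc))
	return Signature{R: r, S: s}, err
}

// verify recomputes the hash from the document and checks the signature
// against it with the signer's public key; dsa.Verify makes the decision.
func verify(pub *dsa.PublicKey, doc []byte, sig Signature) bool {
	return dsa.Verify(pub, hashDoc(doc), sig.R, sig.S)
}

// endorsement is the document the payee signs when endorsing: the check,
// the payer's signature over it, and the deposit instruction.
func endorsement(check Echeck, payerSig Signature, depositAccount string) []byte {
	tail := fmt.Sprintf("|r=%x|s=%x|endorse=For Deposit Only %s", payerSig.R, payerSig.S, depositAccount)
	return append(check.Bytes(), tail...)
}

// newKey plays the smartcard's key-generation step on a shared parameter set;
// on a real checkbook the private half never leaves the chip.
func newKey(params dsa.Parameters) (*dsa.PrivateKey, error) {
	k := &dsa.PrivateKey{PublicKey: dsa.PublicKey{Parameters: params}}
	return k, dsa.GenerateKey(k, rand.Reader)
}

// Demo signs a check, validates it, shows that an altered amount is detected,
// and endorses the signed check with a second (payee) key.
func Demo() (originalValid, alteredValid, endorsementValid bool, err error) {
	var params dsa.Parameters
	if err = dsa.GenerateParameters(&params, rand.Reader, dsa.L1024N160); err != nil {
		return
	}
	payer, err := newKey(params)
	if err != nil {
		return
	}
	payee, err := newKey(params)
	if err != nil {
		return
	}
	check := Echeck{Sequence: 1001, Date: "6/30/98", Payee: "Payee",
		Amount: "100.00", Memo: "Invoice # 593281"}
	sig, err := sign(payer, check.Bytes())
	if err != nil {
		return
	}
	originalValid = verify(&payer.PublicKey, check.Bytes(), sig)

	altered := check
	altered.Amount = "1000.00" // one changed field gives a different hash value
	alteredValid = verify(&payer.PublicKey, altered.Bytes(), sig)

	deposit := endorsement(check, sig, "Acct # 345-1435-2")
	endSig, err := sign(payee, deposit)
	if err != nil {
		return
	}
	endorsementValid = verify(&payee.PublicKey, deposit, endSig)
	return
}

func main() {
	a, b, c, err := Demo()
	fmt.Println(a, b, c, err) // true false true <nil>
}
```

Run it with `go run`; key generation takes a moment because the DSA parameters (p, q, g) are generated fresh each time. In the trial those parameters and the private key lived on the smartcard and only the public key was ever exported, which is the property the rest of the deck builds on.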
Electronic Checkbook

Electronic checkbooks are hardware and software devices that provide the basic echeck signing and endorsing functions, while protecting private keys
• Electronic checkbooks are tamper resistant and difficult to attack from a network
• They can be simple smartcards, PC cards, palmtop devices, and even high-assurance, specialized “signing boxes”

[Figure: Electronic Checkbook device]
Electronic Checkbook Example: a SmartCard

To illustrate how electronic checkbooks are produced, an example based on a smartcard will be presented

First, a blank plastic card is prepared for use
• Same size, shape as typical credit or ATM card
• Can include mag stripe for traditional use

[Figure: blank Electronic Checkbook / Digital Signing Card]
Electronic Checkbook Example: a SmartCard

Next, a microchip with gold contact pads is embedded into plastic card stock
• Chip is programmed with electronic checkbook functionality
  • Performs digital signatures and endorsements
  • Maintains abbreviated on-chip log of echecks signed
Electronic Checkbook Example: a SmartCard

After programming, the microchip is commanded to generate a public/private key pair for future check signing operations
• The “private key” never leaves the microchip
• The “public key,” however, can be retrieved

[Figure: Digital Signing Card now holding PUB and PRIV keys]
Electronic Checkbook Example: a SmartCard

The “Issuing Bank” takes care of registering the checking account, the electronic checkbook card, and the checkbook holder
• A “Certificate Authority” is operated by the Bank to register a public key for each “checkbook”
• Each account can have multiple “checkbooks”

[Figure: card with PUB and PRIV keys; Issuing Bank Certificate Authority]
Electronic Checkbook Example: a SmartCard

The public key from the checkbook is sent in a secure manner to the Bank’s Certificate Authority
• The Bank will then map this public key to the corresponding checking account and also to the checkbook holder

[Figure: PUB sent from the card to the Issuing Bank Certificate Authority; PRIV stays on the card]
Electronic Checkbook Example: a SmartCard

After verifying all account information and authenticating the source of the public key, the Bank issues a certificate for the checkbook
• The Bank digitally signs the certificate using its own private key

[Figure: Issuing Bank Certificate Authority issues a Certificate containing PUB; the card holds PRIV]
Electronic Checkbook Example: a SmartCard

The Checkbook Card Producer confirms the integrity of the certificate received from the Bank, and then places the certificate on the card
• The Bank-issued certificate also includes account-specific information
  • “Blinded” Electronic Checking Account Number
  • Account and Checkbook restrictions

[Figure: card holding PRIV and the Certificate (PUB); Issuing Bank Certificate Authority]
Electronic Checkbook Example: a SmartCard

A “certificate” is merely an electronic document that provides the public key of the checkbook holder along with the holder’s account number and bank name
• Checkbook certificates are sent with echecks so the recipients can extract the public key to validate the checkbook’s digital signature
• The public key can be trusted, because the issuing Bank CA signed the certificate claiming this public key goes with the indicated account

[Figure: card holding PRIV and the Certificate (PUB); Issuing Bank Certificate Authority]
Electronic Checkbook Example: a SmartCard

The Bank’s Certificate Authority also has a certificate that was issued to the Bank by the US Treasury
• The Bank’s certificate is provided to the electronic checkbook card producer for inclusion on the card

[Figure: card holding PRIV and the Checkbook Certificate (PUB); Issuing Bank Certificate Authority with its Bank CA Certificate (PUB)]
Electronic Checkbook Example: a SmartCard

The Bank’s certificate is placed on the electronic checkbook card along with the checkbook certificate
• The Bank’s certificate provides the public key needed to verify the Bank’s digital signature on the Checkbook certificate

[Figure: card holding PRIV, the Checkbook Certificate (PUB) and the Bank CA Certificate (PUB); Issuing Bank Certificate Authority]
Electronic Checkbook Example: a SmartCard

The US Dept. of the Treasury also operates a Certificate Authority, but for issuing certificates to Banks
• Treasury publishes “to the world” a certificate containing the public key needed to verify its signature on Bank Certificates

[Figure: card holding PRIV, the Checkbook Certificate (PUB) and the Bank CA Certificate (PUB); United States Department of the Treasury Certificate Authority with its “Root” Certificate (PUB)]
Electronic Checkbook Example: a SmartCard

Any party can use the public key contained in the Treasury Root Certificate to verify Treasury’s signatures on Bank Certificates
• Treasury’s Certificate is known as a “Root” Certificate since it is not signed by a higher authority—Treasury signs its own certificate

[Figure: card holding PRIV, the Checkbook Certificate (PUB) and the Bank CA Certificate (PUB); United States Department of the Treasury Certificate Authority with its “Root” Certificate (PUB), whose public key verifies the Bank CA Certificate]
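The certificate hierarchy described across the preceding slides, from the checkbook certificate (signed by the Bank CA) through the Bank CA certificate (signed by the Treasury) up to the self-signed Treasury root, as an added Go example. This is not code from the deck or from the FSTC trial: the certificate layout, the names, and the account-number placeholder are assumptions of the example, and real certificates would carry more than these fields. It shows what an echeck recipient holding only the Treasury root certificate does with the two certificates that arrive with a check, and that a certificate which merely names the Bank CA as its issuer but was not signed with the Bank CA’s key is rejected, which is exactly why a Bank-signed certificate lets the recipient trust the checkbook’s public key.

```go
package main

import (
	"crypto/dsa"
	"crypto/rand"
	"crypto/sha1"
	"errors"
	"fmt"
	"math/big"
)

// Certificate follows the deck's description: the holder's public key together
// with the account number and the issuing bank's name, signed by the issuer.
// The layout is constructed for this example, not the trial's real format.
type Certificate struct {
	Subject string        // key holder: cardholder, Bank CA or Treasury
	Issuer  string        // CA that signed this certificate
	Account string        // blinded account number; empty for CA certificates
	Pub     dsa.PublicKey // the public key being certified
	R, S    *big.Int      // issuer's DSA signature over tbs()
}

// tbs returns the to-be-signed bytes: every field except the signature, in a
// fixed order, so issuer and verifier hash the same data.
func (c *Certificate) tbs() []byte {
	return []byte(fmt.Sprintf("subject=%s|issuer=%s|account=%s|p=%x|q=%x|g=%x|y=%x",
		c.Subject, c.Issuer, c.Account, c.Pub.P, c.Pub.Q, c.Pub.G, c.Pub.Y))
}

// issue builds a certificate for subject and signs it with the issuer's private
// key: SHA-1 over tbs, then DSA, the same flow used to sign an echeck.
func issue(issuerName string, issuerKey *dsa.PrivateKey, subject, account string, pub dsa.PublicKey) (*Certificate, error) {
	c := &Certificate{Subject: subject, Issuer: issuerName, Account: account, Pub: pub}
	h := sha1.Sum(c.tbs())
	r, s, err := dsa.Sign(rand.Reader, issuerKey, h[:])
	c.R, c.S = r, s
	return c, err
}

// signedBy reports whether c names issuer and carries a signature that
// verifies under issuer's public key.
func signedBy(c, issuer *Certificate) bool {
	h := sha1.Sum(c.tbs())
	return c.Issuer == issuer.Subject && dsa.Verify(&issuer.Pub, h[:], c.R, c.S)
}

// verifyChain does what an echeck recipient does with the certificates that
// arrive with a check. Trust in the root comes from having obtained it out of
// band (Treasury publishes it); its self-signature only shows it is intact.
func verifyChain(checkbook, bankCA, root *Certificate) error {
	switch {
	case !signedBy(root, root):
		return errors.New("root certificate is not properly self-signed")
	case !signedBy(bankCA, root):
		return errors.New("Bank CA certificate not signed by the Treasury root")
	case !signedBy(checkbook, bankCA):
		return errors.New("checkbook certificate not signed by the Bank CA")
	}
	return nil
}

// newKey generates a DSA key pair on a shared parameter set.
func newKey(params dsa.Parameters) (*dsa.PrivateKey, error) {
	k := &dsa.PrivateKey{PublicKey: dsa.PublicKey{Parameters: params}}
	return k, dsa.GenerateKey(k, rand.Reader)
}

// Demo builds the three-level hierarchy and reports whether the genuine chain
// verifies and whether a checkbook certificate the Bank CA never signed is rejected.
func Demo() (genuineOK, unissuedRejected bool, err error) {
	var params dsa.Parameters
	if err = dsa.GenerateParameters(&params, rand.Reader, dsa.L1024N160); err != nil {
		return
	}
	keys := make([]*dsa.PrivateKey, 3) // Treasury, Bank CA, checkbook card
	for i := range keys {
		if keys[i], err = newKey(params); err != nil {
			return
		}
	}
	treasury, bank, card := keys[0], keys[1], keys[2]
	mustIssue := func(issuerName string, key *dsa.PrivateKey, subject, account string, pub dsa.PublicKey) *Certificate {
		c, e := issue(issuerName, key, subject, account, pub)
		if e != nil {
			err = e
		}
		return c
	}
	root := mustIssue("US Treasury CA", treasury, "US Treasury CA", "", treasury.PublicKey)
	bankCert := mustIssue("US Treasury CA", treasury, "Issuing Bank CA", "", bank.PublicKey)
	cardCert := mustIssue("Issuing Bank CA", bank, "Cardholder 123-456", "ACCT-PLACEHOLDER", card.PublicKey)
	// A certificate that only claims the Bank CA as issuer but was signed with the
	// card's own key: the Bank CA's public key does not verify it.
	bogus := mustIssue("Issuing Bank CA", card, "Cardholder 123-456", "ACCT-PLACEHOLDER", card.PublicKey)
	if err != nil {
		return
	}
	genuineOK = verifyChain(cardCert, bankCert, root) == nil
	unissuedRejected = verifyChain(bogus, bankCert, root) != nil
	return
}

func main() {
	ok, rejected, err := Demo()
	fmt.Println(ok, rejected, err) // true true <nil>
}
```

The recipient never needs the Bank CA’s or the cardholder’s key material in advance: both certificates travel with the echeck, and the only thing installed ahead of time is the Treasury root, as the slides describe.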
Electronic Checkbook Example: a SmartCard

The checkbook card is finished by printing the Bank name/logo and cardholder’s name on the face along with an identifying number

[Figure: Electronic Checkbook card showing Issuing Bank Name & Logo, Cardholder’s Name, 123-456]
Electronic Checkbook Example: a SmartCard

An initial set of PINs is randomly generated and installed on the Microchip

PINs are printed onto blind PIN Mailer for user

[Figure: finished card; Initial PIN(s) printed on a PIN Mailer]
Electronic Checkbook Example: a SmartCard

The finished Checkbook Card is mailed to the designated Cardholder

Later, the PIN mailer is sent to Cardholder

[Figure: Card Mailer and PIN Mailer sent separately to the Cardholder]
Electronic Checkbook Activation

A Checkbook card sent to Cardholder is not active, and cannot be used to sign echecks
• The Cardholder must initiate a request to their Bank for activation of Checkbook Card
• Request is sent electronically using the Checkbook card
• The one-time, initial PINs are used to activate card, but user must enter their own PINs
• The Electronic Checkbook signs Activation Request using Private Key embedded on Card
Thank You
Questions? Please visit our web site at www.FSTC.org