This is a Clilstore unit. You can .
UNIT 1 – SECURITY AND INTEGRITY
In this part of the unit we are talking about how to make sure that the communications through a shared channel, like internet, where there are many bad guys, who might intercept the messages, read and modify them, and even usurp the identity of other people with evil intent.
In the activity 1, we will learn how to ensure that nobody except the legitimate receiver will read your communications using encryption
In the activity 2, we will learn how to ensure that the message has not been intercepted and modified by a third person, using digital signature
In the activity 3, we will learn how to ensure that the sender is identified in a reliable way using certificates from an Certifying Authority
All these elements are meant to make sure the communications from a legal standpoint. This concept is also known as to provide LEGAL SECURITY to the Internet
When a communication is carried out through a shared network like Internet, how can you tell that the other part, which could stay wherever in the world, is really the one who tells you he is. This problem is very important front the point of view of tasks made on Internet with legal implications. And can be partially solved with the digital signature.
When you receive a document by a shared channel like Internet, how can I make sure that the document is not intercepted and modified by a third part.
Both problems can be solved using digital signature
To digitally sign a document is to encrypt it using your private key. This allows everybody knowing your public key to successfully decrypt the document, and to ensure that it really comes from you. Well, this statement is not totally true. Actually, it ensures that the document comes from the owner of a public key. But, the problem comes when the public key was not delivered personally by the sender to the receiver, face to face. If it was just sent on internet, it is impossible for the receiver to ascertain who was the real sender. Maybe it was sent by a third person. Or maybe the message was intercepted and changed by an usurper. All this may sound to you very unlikely, but while it is technically feasible, the legal consequences might be really serious
The digital signature, also ensures that the document was not modified by anybody else while travelling through the network, since the document is encrypted by the sender, any change made by a man in the middle would corrupt it, and turn the decrypt process impossible.
As before said, to encrypt a long document using private public key encryption is a process very time costing. So what actually is done is to calculate a HASH from the document and then encrypt it. A Hash is a short character chain obtained from the content of the message through a mathematical function. A message always will produce a single and unique hash. Two different messages, always will produce two different hashes
This is the process broken down in its steps.:
The sender, delivers in a trustworthy way his/her public key to the receiver
A short chain of bytes called the HASH, is worked out using a complex mathematical calculation over the document contents. For a message the hash is unique. Two different documents can't produce the same hash. And a document always will produce the same and single hash.
The sender encrypts the hash using his/her private key. As the hash takes up just some bytes, the encryption process is very quick
The sender sends both the document and the encrypted hash to the receiver
The receiver can ascertain the origin if he/she can successfully decrypt the hash using the sender's public key
Then de receiver calculates the Hash of the received document. If the results matches the received hash, the integrity of the document has been secured
We are facing the following scenario: We have to send an important file to a classmate. It doesn't matter if a third part reads the document, so it is not necessary to send it encrypted. But for legal reason you want to make sure that the document arrives to him with no modification at all. Your partner also have your public key, delivered in a reliable way. In order to verify the origin and the integrity of this document we must sign it digitally, which means, you have to encrypt its hash with your private key
Make a new Libre Office Write document
Search in Internet a number of paragraphs from a random literary text, and copy them to the new document
Write your name at the beginning and at the end of the document
Save the document with your name. For example “documento de jose.odt”
Select the document in Nautilus. Deploy the contextual menu and select the option firmar
A new window pops up allowing you to select one among the secret keys available. Choose the one with your name
Next, you have to input the password protecting your private key
As a result there will be a new file, with the same name and extension .sig This is the signature, (actually this is the original document hash, encrypted with your private key)
Send to your partner both the original document and the signature by email , so that he could verify it
VERIFYING YOUR PAL'S FILE
Your partner in the activity is expected to have sent you a file and its digital signature. In this part of the activity you have to verify it . You must have imported his public key in the previous activity. If you haven't, you won't be able to carry out this part of the activity
Select in Nautilus the file sent to you by email by your partner, and deploy the contextual menu (using the right button)
Select the option Obri amb verifica una firma
This message must appear on your screen upper right corner
CHECKING THAT SIGNING REALLY VERIFIES THE DOCUMENT
It's very easy to check out that the signature really proves the document has not been changed. Open your partner document and make a change. Then save it
Verify the document again using the option Obri amb verifica una firma. Now the message will be the one shown below, stating that the document has been modified
Call your teacher in order to assess the activity.
Short url: http://test.multidict.net/cs/4497