Reflection Paper

1

Research Paper

Steven A. Bruner (4151593)

American Military University

ISSC642

25 Oct 2022

Authentication/ Digital Signatures

Introduction

A digital signature is a numerical tool used to verify the origin and integrity of data stored in a digital format, such as a message, piece of software, or digital document. A digital signature provides the same level of security as a paper document or a stamped seal, but in digital form. The primary purpose of a digital signature is to prevent tampering and identity theft in electronic transactions. Online transaction security is paramount in today’s age of digital communications, making authentication as well as digital signatures indispensable. Digital signature authentication is the method by which the signer demonstrates to the validator that they are the authorized user of the signature in question (Qian et al., 2022). A digital certificate, a cryptographic key used only to sign the digital signature, is typically employed in this process. When a digital signature is made, it must be validated using the digital certificate.

Better security, less fraud, and happier customers are just a few of the outcomes of adopting authentication including digital signatures (Eka Putra et al., 2022). However, there are also drawbacks to its implementation, such as the requirement for stringent security measures to safeguard the private keys and the possibility of spoofing attacks. It is crucial to select a suitable authentication mechanism and employ digital signatures properly to guarantee the safety of online transactions. The findings of this research will add to the literature on authentication as well as digital signatures. Digital signatures for online financial dealings are the primary topic of this research. Digital signatures in online financial dealings will be investigated to determine their usefulness and potential downsides. In addition, the study will determine whether digital signatures improve the safety of online transactions.

Use of Digital Signatures

An electronic document’s, transaction’s, or message’s digital signature can prove its authenticity and status to the recipient. They can also be used as evidence of the signer’s awareness of the document’s contents. Digital signatures are recognized as legally enforceable in many jurisdictions across the world, including the United States (Davelis et al., 2022). The use of digital signatures has become widespread in many industries to simplify procedures and strengthen the reliability of documents. Three major objectives of information security can be accomplished with the use of digital signatures: integrity, authentication, & non-repudiation.

Data integrity

Postal Service or Message Transferring data without losing any of its original form is of paramount importance. Having data integrity guarantees that the message the receiver receives is the same as the one sent. Due to the nature of wide area networks like the Internet, where communications travel through one node or data network to another before reaching their final destination, there is always the possibility that messages will be corrupted in transit. Mechanisms for ensuring the integrity of data can help reduce the likelihood of such occurrences (Davelis et al., 2022). They will be able to tell if the message they obtained has been altered thanks to a data integrity check.

Authentication

Knowing that a file has been received intact isn’t always enough security when dealing with sensitive data. Someone receiving it could also want to verify that it was sent by the person they believe sent it. To rephrase, they’d need some method of verifying the legitimacy of the source (Alagheband & Mashatan, 2022).

Non-repudiation

Finally, there could be data transfers when recipients would prefer senders not deny responsibility for messages they transmitted in the past. They wouldn’t want, for instance, the sender to deny sending a report if that report turns out to be fake (Beckwith et al., 2022).

Benefits of Digital Signatures

The most significant advantage of using digital signatures is the increased level of safety they provide. Digital signatures have built-in security features that prevent forgery and verify the authenticity of the signer. On the other hand, another perk is that it can record the exact time. Timing-sensitive situations include stock trading, lottery ticket issuing, and legal proceedings, all of which benefit from time stamping because it provides the data and time of a digital signature. It abides by all applicable laws and is widely recognized internationally. Secure generation and storage of vendor-generated keys is guaranteed by the public key infrastructure (PKI) standard. A growing number of nations recognize digital signatures as binding legal because of the international standard (Kovalan et al., 2021).

In addition, there is saving time. With digital signatures, organizations may avoid the time and effort required to physically sign, store, and trade documents. Companies that switch to a paperless system see significant savings in the areas of physical resources, manpower, and real estate. What’s more, it’s usually correlated with a favorable impact on the surrounding ecosystem. Lessening the need to move paper documents also lessens the harmful effect on the environment. Finally, it helps with tracking down the origin of an item. The audit trail created by digital signatures simplifies the maintenance of accurate internal records. A manual signee or record-keeper can make a mistake or lose something, but with everything recorded and stored digitally, those risks are greatly reduced (Esiner et al., 2022).

Challenges of Digital Signatures

Despite the advantages, there are a few dangers that businesses need to think about before using digital signatures:

Risk of fraud & reliability – Organizations still face a high risk of signatory forgery and fraud, even when employing a specific digital signatory software system to address any authentication difficulties with the e-signing process. To combat this, you can take extra anti-fraud precautions, such as confirming your identity over the phone (Dahabiyeh & Constantinides, 2022).

Risk of unauthorized signing – Unauthorized signatures are a serious issue with both wet ink as well as electronic signatures. Because of blockchain technology, businesses can now effectively and securely manage signature lists in real-time while also keeping a comprehensive audit record of any data changes (Dahabiyeh & Constantinides, 2022).

Risk of non-compliance – Organizations must adhere to guidelines for contractual, disclosures, as well as other information at particular stages throughout a transaction, in addition to local, national, and international legislation governing electronic signatures (e.g. MiFID, FCA). Organizations risk regulatory sanctions and fines, loss of accreditation, and harm to their brand equity if they do not comply (Dahabiyeh & Constantinides, 2022).

Impact of Digital Signatures in Security of Electronic Transactions

Users can generate a digital fingerprint through the use of a technology known as digital signatures, which can then be used to verify the authenticity of a user and protect their private information in electronic conversations and files. The message body is included in the digital signature that is attached to an email. A digital signature is a form of electronic signature that can be used to verify the identity of a sender or a signatory and to guarantee that the recipient has received an unaltered copy of a signed document or message. This type of signature can also be used to guarantee that the recipient has received an unaltered copy of a signed document or message. A digital signature in an email serves as an additional layer of protection because it ensures that the sender is the genuine intended recipient and not a spoofing imposter (Velentzas et al., 2022).

Conclusion

For messages to be verified, public-key primitives like digital signatures must be used. It is normal practice in the real world to sign one's name below a written or typed remark. They are used to make the signer legally responsible for the contents of the letter. Digital signatures are useful because they may verify the sender's identity and prevent tampered messages from reaching their intended recipients. The digital signature works best if it is included in the application data and so created at the same time as the message. When the communication is received and processed, the signature is checked. Despite the benefits that come with the use of digital signatures, there are numerous challenges that come with it. By understanding these challenges, it becomes easy to mitigate them for efficiency and convenience (Ilias et al., 2022).

References

Alagheband, M. R., & Mashatan, A. (2022). Advanced digital signatures for preserving privacy and trust management in hierarchical heterogeneous IoT: Taxonomy, capabilities, and objectives.  Internet of Things,  18, 100492.

Beckwith, L., Nguyen, D. T., & Gaj, K. (2022). High-Performance Hardware Implementation of Lattice-Based Digital Signatures. Cryptology ePrint Archive.

Dahabiyeh, L., & Constantinides, P. (2022). Legitimating digital technologies in industry exchange fields: The case of digital signatures.  Information and Organization,  32(1), 100392.

Davelis, A., Butt, U. J., Pender, G., & Hussein, K. E. (2022). Emerging Technologies: Blockchain and Smart Contracts. Blockchain and Other Emerging Technologies for Digital Business Strategies, 143-169.

Eke Putra, T. J., & Resaid, R. (2022). Digital Signatures In the Minutes of Investigation By Investigators. http://eprints.eudl.eu/id/eprint/10180/

Esiner, E., Tewfik, U., Erol, H. S., Mashima, D., Chen, B., Hu, Y. C., ... & Nicol, D. M. (2022). LoMoS: Less-Online/More-Offline Signatures for Extremely Time-Critical Systems.  IEEE Transactions on Smart Grid,  13(4), 3214-3226.

Ilias, M. M., Kumar, K. S., Nandini, K., Arief, M., Rishikesh, M., & Kavya, K. (2022). Biometric Authentication for Cloud Services. JOURNAL OF ALGEBRAIC STATISTICS, 13(3), 2132-2142. https://www.publishoa.com/index.php/journal/article/view/854

Kovalan, K., Omar, S. Z., Tang, L., Bolong, J., Abdullah, R., Ghazali, A. H. A., & Pitchan, M. A. (2021). A Systematic Literature Review of the Types of Authentication Safety Practices among Internet Users. International Journal of Advanced Computer Science and Applications, 12(7). https://pdfs.semanticscholar.org/f173/32605654566b40e0bea1929bc611653de41c.pdf

Qian, Y., Ye, F., & Chen, H. H. (2022). Message Authentication, Digital Signature, and Key Management. https://ieeexplore.ieee.org/abstract/document/9635086/

Velentzas, J., Kiriakoulis, G., Broni, G., Kartalis, N., Panou, G., & Fragulis, G. (2022). Digital and advanced electronic signature: the security function, especially in electronic commerce. In SHS Web of Conferences (Vol. 139, p. 03011). EDP Sciences. https://scholar.archive.org/work/oqlbdctv5zeqnawvbjnmnrbgj4/access/wayback/https://www.shs-conferences.org/articles/shsconf/pdf/2022/09/shsconf_etltc2022_03011.pdf