Digital Signatures and PKCS#11 Smart Cards: Concepts, Issues and some Programming Details
As the need for information security in today's digital systems grows, cryptography has become one of its critical components. Digital signatures are one of the many uses of cryptography. PKCS#11, also known as Cryptoki, was defined by RSA and is a generic cryptographic token interface. This article deals with applying digital signatures to documents using cryptographic smart cards and readers. We shall also discuss using the MS Crypto API to verify these digital signatures.
It is assumed that the reader has some idea of cryptography. We will not explain the complete PKCS#11 standard, which is available as part of the PKCS documentation. However, some fundamentals will be explained. Readers not inclined to programming details may skip the middle portion of this document.
Public-key cryptography allows one to digitally sign and encrypt information transacted between parties. Public Key Infrastructure (PKI) uses this technology and adds authentication and non-repudiation of the information regarding the parties concerned. Public Key Cryptography Standards (PKCS) is a suite of protocols and algorithms that are used as an industry standard when implementing public-key cryptography and infrastructure. The fundamentals are based on Key Pairs, Message Digests and Certification. These are described....




