Digital Signature Algorithm
-
Upload
ashalizajohn -
Category
Documents
-
view
17 -
download
1
description
Transcript of Digital Signature Algorithm
![Page 1: Digital Signature Algorithm](https://reader034.fdocuments.us/reader034/viewer/2022042513/5695d1401a28ab9b0295c463/html5/thumbnails/1.jpg)
Presented By
Asha Liza John
MPhil CS3, IIITMK
Digital Signature Algorithm
![Page 2: Digital Signature Algorithm](https://reader034.fdocuments.us/reader034/viewer/2022042513/5695d1401a28ab9b0295c463/html5/thumbnails/2.jpg)
Digital Signature Standard (DSS)
US Govt. approved signature scheme
Designed by NIST in early 90’s
Published as FIPS 186 in 1991
Revised in 1993, 1996, 2000, 2009, 2013
Uses the SHA hash algorithm
DSS is the standard. DSA is the algorithm
DSA algorithm is used for digital signature only
![Page 3: Digital Signature Algorithm](https://reader034.fdocuments.us/reader034/viewer/2022042513/5695d1401a28ab9b0295c463/html5/thumbnails/3.jpg)
DSS vs. RSA Signature
![Page 4: Digital Signature Algorithm](https://reader034.fdocuments.us/reader034/viewer/2022042513/5695d1401a28ab9b0295c463/html5/thumbnails/4.jpg)
Digital Signature Algorithm (DSA)
Creates a 320-bit signature
Variant of ElGamal
Security depends on difficulty in computing
discrete logarithms.
![Page 5: Digital Signature Algorithm](https://reader034.fdocuments.us/reader034/viewer/2022042513/5695d1401a28ab9b0295c463/html5/thumbnails/5.jpg)
DSA Key Generation
Shared global public key values (p,q,g) :
Choose 160-bit prime number q
Choose a large prime p with 2L-1 < p < 2L
Where 512 ≤ L ≤ 1024 and L≡ 0 (mod 64)
Also, q is a 160 - bit prime factor of (p-1)
Choose g = h(p-1)/q mod p
Where 1 < h < p-1 and h(p-1)/q mod p >1
Users choose private key & compute public key :
Choose random private key x < q
Compute public key y = gx mod p
![Page 6: Digital Signature Algorithm](https://reader034.fdocuments.us/reader034/viewer/2022042513/5695d1401a28ab9b0295c463/html5/thumbnails/6.jpg)
DSA Signature Generation
To sign a message M the sender :
Generates a random signature key k, k < q
Note : k is destroyed after use and never reused
Then computes signature pair :
r = (gk mod p) mod q
s = [k-1(H(M) + xr)] mod q
Sends signature (r,s) with message M
![Page 7: Digital Signature Algorithm](https://reader034.fdocuments.us/reader034/viewer/2022042513/5695d1401a28ab9b0295c463/html5/thumbnails/7.jpg)
DSA Signature Verification
To verify a signature recipient
computes :
w = (s’)-1 mod q
u1 = [H(M’)w] mod q
u2 = (r’w) mod q
v = [ (gu1yu2) mod p] mod q
If v=r’ then signature is
verified
![Page 8: Digital Signature Algorithm](https://reader034.fdocuments.us/reader034/viewer/2022042513/5695d1401a28ab9b0295c463/html5/thumbnails/8.jpg)
Example
Key Generation
Let q=3, x=2,k=1, H(M) = 11
q is a prime factor of p-1. So p=nq+1 = 2(3)+1 = 7
g = h(p-1)/q mod p
= 26/3 mod 7
= 22 mod 7 = 4
y = gx mod p
= 42 mod 7
= 16 mod 7 = 2
![Page 9: Digital Signature Algorithm](https://reader034.fdocuments.us/reader034/viewer/2022042513/5695d1401a28ab9b0295c463/html5/thumbnails/9.jpg)
Signature Generation
Send r=1, s=1 and message M.
r = (gk mod p) mod q
= (41 mod 7) mod 3
= 4 mod 3 = 1
s = [k-1(H(M)+xr)] mod q
= [4*(11+(2*1))] mod 3
= [4*13] mod 3
= 52 mod 3 = 1
Note : k*k-1 ≡ 1 mod q
⇒ 1* k-1≡ 1 mod 3
⇒ k-1 = 4 ;
Example
![Page 10: Digital Signature Algorithm](https://reader034.fdocuments.us/reader034/viewer/2022042513/5695d1401a28ab9b0295c463/html5/thumbnails/10.jpg)
Signature Verification
Receives values M’= M, s’=s, r’=r.
Calculate w, u1, u2 and v as follows and check if v=r :
Example
w = (s)-1 mod q
= (1)-1 mod 3
= 4 mod 3 = 1
u1 = [ H(M)*w] mod q
= [11*1] mod 3
= 11mod 3 = 2
u2 = (r*w) mod q
= (1*1) mod 3
= 1 mod 3 = 1
v = [(gu1yu2) mod p] mod q
= [(42*21) mod 7] mod 3
= [32 mod 7] mod 3
= 4 mod 3 = 1 Here, v=r so signature is verified.
![Page 11: Digital Signature Algorithm](https://reader034.fdocuments.us/reader034/viewer/2022042513/5695d1401a28ab9b0295c463/html5/thumbnails/11.jpg)
How v = r ??
![Page 12: Digital Signature Algorithm](https://reader034.fdocuments.us/reader034/viewer/2022042513/5695d1401a28ab9b0295c463/html5/thumbnails/12.jpg)
y(rw) mod q mod p = g(xrw) mod q mod p
Proof
How v = r ??
![Page 13: Digital Signature Algorithm](https://reader034.fdocuments.us/reader034/viewer/2022042513/5695d1401a28ab9b0295c463/html5/thumbnails/13.jpg)
For any integer t, if g = h(p–1)/q mod p then gt mod p = gt mod q mod p
Proof
By Fermat's theorem (Chapter 8), because h is relatively prime to
p, we have Hp–1 mod p = 1. Hence, for any nonnegative integer n
How v = r ??
![Page 14: Digital Signature Algorithm](https://reader034.fdocuments.us/reader034/viewer/2022042513/5695d1401a28ab9b0295c463/html5/thumbnails/14.jpg)
For any integer t, if g = h(p–1)/q mod p then gt mod p = gt mod q mod p
Proof (Cont’d…)
How v = r ??
![Page 15: Digital Signature Algorithm](https://reader034.fdocuments.us/reader034/viewer/2022042513/5695d1401a28ab9b0295c463/html5/thumbnails/15.jpg)
For nonnegative integers a and b:
g(a mod q + b mod q) mod p = g(a+b) mod q mod p
Proof
How v = r ??
![Page 16: Digital Signature Algorithm](https://reader034.fdocuments.us/reader034/viewer/2022042513/5695d1401a28ab9b0295c463/html5/thumbnails/16.jpg)
((H(M) + xr)w) mod q = k
Proof(Cont’d)
How v = r ??
![Page 17: Digital Signature Algorithm](https://reader034.fdocuments.us/reader034/viewer/2022042513/5695d1401a28ab9b0295c463/html5/thumbnails/17.jpg)
((H(M) + xr)w) mod q = k
Proof
How v = r ??
![Page 18: Digital Signature Algorithm](https://reader034.fdocuments.us/reader034/viewer/2022042513/5695d1401a28ab9b0295c463/html5/thumbnails/18.jpg)