Presentation is loading. Please wait.

Presentation is loading. Please wait.

Digital Signature Algorithm (DSA) Kenan Gençol presented in the course BIL617 Cryptology instructed by Asst.Prof.Dr. Nuray AT Department of Computer Engineering,

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Digital Signature Algorithm (DSA) Kenan Gençol presented in the course BIL617 Cryptology instructed by Asst.Prof.Dr. Nuray AT Department of Computer Engineering,"— Presentation transcript:

1 Digital Signature Algorithm (DSA) Kenan Gençol presented in the course BIL617 Cryptology instructed by Asst.Prof.Dr. Nuray AT Department of Computer Engineering, Anadolu University 19,April,2010

2 Agenda Digital Signature: The Big Picture Digital Signature: The Big Picture Digital Signature Process Digital Signature Process Digital Signature Standard (DSS) Digital Signature Standard (DSS) Digital Signature Algorithm (DSA) Digital Signature Algorithm (DSA) Appendix: Discrete Logarithm Appendix: Discrete Logarithm

3

4 Digital Signature: The Big Picture

5

6 Digital Signature Process: Evolution Signing and verifying algorithms Signing and verifying algorithms Need for keys Need for keys Signing the Digest Signing the Digest Need for CAs (trusted third parties) Need for CAs (trusted third parties)

7

8 Need for CAs (trusted third parties)

9 Services provided Digital Signatures Message Authentication Message Authentication Message Integrity Message Integrity Nonrepudation (CAs) Nonrepudation (CAs) Does not provide privacy (confidentiality) Does not provide privacy (confidentiality)

10 Digital Signature Standard (DSS) US Govt approved signature scheme US Govt approved signature scheme designed by NIST & NSA in early 90's designed by NIST & NSA in early 90's published as FIPS-186 in 1991 published as FIPS-186 in 1991 revised in 1993, 1996 & then 2000 revised in 1993, 1996 & then 2000 uses the SHA hash algorithm (original SHA-1) uses the SHA hash algorithm (original SHA-1) DSS is the standard, DSA is the algorithm DSS is the standard, DSA is the algorithm FIPS 186-2 (2000) includes alternative RSA & elliptic curve signature variants FIPS 186-2 (2000) includes alternative RSA & elliptic curve signature variants Latest version is FIPS 186-3 (June 2009) Latest version is FIPS 186-3 (June 2009)

11 Digital Signature Algorithm (DSA) creates a 320 bit signature creates a 320 bit signature with 512-1024 bit key security with 512-1024 bit key security smaller and faster than RSA smaller and faster than RSA a digital signature scheme only a digital signature scheme only security depends on difficulty of computing discrete logarithms security depends on difficulty of computing discrete logarithms variant of ElGamal [ELGA85] & Schnorr [SCHN91] schemes variant of ElGamal [ELGA85] & Schnorr [SCHN91] schemes

12 Digital Signature Algorithm (DSA)

13 Glossary

14 Digital Signature Algorithm (DSA): Key Generation have shared global public key values (p,q,g): have shared global public key values (p,q,g): choose q, a 160 bit choose q, a 160 bit choose a large prime p = 2 L choose a large prime p = 2 L where L= 512 to 1024 bits and is a multiple of 64 where L= 512 to 1024 bits and is a multiple of 64 and q is a prime factor of (p-1) and q is a prime factor of (p-1) choose g = h (p-1)/q choose g = h (p-1)/q where h 1 where h 1 users choose private & compute public key: users choose private & compute public key: choose x<q choose x<q compute y = g x (mod p) compute y = g x (mod p)

15 Digital Signature Algorithm (DSA): Signing to sign a message M the sender: to sign a message M the sender: generates a random signature key k, k<q generates a random signature key k, k<q nb. k must be random, be destroyed after use, and never be reused nb. k must be random, be destroyed after use, and never be reused then computes signature pair: then computes signature pair: r = (g k (mod p))(mod q) s = (k -1.H(M)+ x.r)(mod q) sends signature (r,s) with message M sends signature (r,s) with message M

16 Digital Signature Algorithm (DSA): Verification having received M & signature (r,s) having received M & signature (r,s) to verify a signature, recipient computes: to verify a signature, recipient computes: w = s -1 (mod q) u1= (H(M).w)(mod q) u2= (r.w)(mod q) v = (g u1.y u2 (mod p)) (mod q) if v=r then signature is verified if v=r then signature is verified

17

18 Correctness of the algorithm

19 Digital Signature Algorithm (DSA): An Example Alice chooses q = 101 and p = 8081. Alice selects e 0 = 3 and calculates e 1 = e 0 (p−1)/q mod p = 6968. Alice chooses d = 61 as the private key and calculates e 2 = e 1 d mod p = 2038. Now Alice can send a message to Bob. Assume that h(M) = 5000 and Alice chooses r = 61: Alice sends M, S 1, and S 2 to Bob. Bob uses the public keys to calculate V.

20 Digital Signature Algorithm (DSA) Please refer to the following document for further information: Please refer to the following document for further information: http://csrc.nist.gov/publications/fips/fips1 86-3/fips_186-3.pdf http://csrc.nist.gov/publications/fips/fips1 86-3/fips_186-3.pdf

21 A last word..

22 Appendix: Discrete Logarithm If g and h are elements of a finite cyclic group G then a solution x of the equation g x = h is called a discrete logarithm to the base g of h in the group G. If g and h are elements of a finite cyclic group G then a solution x of the equation g x = h is called a discrete logarithm to the base g of h in the group G.finitecyclic groupfinitecyclic group

23 Thank You

Download ppt "Digital Signature Algorithm (DSA) Kenan Gençol presented in the course BIL617 Cryptology instructed by Asst.Prof.Dr. Nuray AT Department of Computer Engineering,"

Similar presentations

Public Key Cryptosystem

Public Key Cryptosystem
1 Chapter 7-2 Signature Schemes. 2 Outline [1] Introduction [2] Security Requirements for Signature Schemes [3] The ElGamal Signature Scheme [4] Variants.

1 Chapter 7-2 Signature Schemes. 2 Outline [1] Introduction [2] Security Requirements for Signature Schemes [3] The ElGamal Signature Scheme [4] Variants.
Digital Signatures Good properties of hand-written signatures: 1. Signature is authentic. 2. Signature is unforgeable. 3. Signature is not reusable (it.

Digital Signatures Good properties of hand-written signatures: 1. Signature is authentic. 2. Signature is unforgeable. 3. Signature is not reusable (it.
Cryptography and Network Security

Cryptography and Network Security
Computer Science&Technology School of Shandong University Instructor: Hou Mengbo Email: houmb AT sdu.edu.cn Office: Information Security Research Group.

Computer Science&Technology School of Shandong University Instructor: Hou Mengbo houmb AT sdu.edu.cn Office: Information Security Research Group.
Authentication and Digital Signatures CSCI 5857: Encoding and Encryption.

Authentication and Digital Signatures CSCI 5857: Encoding and Encryption.
Cryptography and Network Security Chapter 13 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 13 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Cryptography and Network Security Chapter 13 Fourth Edition by William Stallings.

Cryptography and Network Security Chapter 13 Fourth Edition by William Stallings.
1 Digital Signatures & Authentication Protocols. 2 Digital Signatures have looked at message authentication –but does not address issues of lack of trust.

1 Digital Signatures & Authentication Protocols. 2 Digital Signatures have looked at message authentication –but does not address issues of lack of trust.
Public Key Advanced Topics. Hash and MAC Algorithms Each of the messages, like each one he had ever read of Stern's commands, began with a number and.

Public Key Advanced Topics. Hash and MAC Algorithms Each of the messages, like each one he had ever read of Stern's commands, began with a number and.
1 Chapter 13 – Digital Signatures & Authentication Protocols Fourth Edition by William Stallings Lecture slides by Lawrie Brown (modified by Prof. M. Singhal,

1 Chapter 13 – Digital Signatures & Authentication Protocols Fourth Edition by William Stallings Lecture slides by Lawrie Brown (modified by Prof. M. Singhal,
Cryptography and Network Security (CS435) Part Eleven (Digital Signatures and Authentication Protocols)

Cryptography and Network Security (CS435) Part Eleven (Digital Signatures and Authentication Protocols)
Announcements:Questions? This week: Birthday attacks, Digital signatures, DSA Birthday attacks, Digital signatures, DSA DTTF/NB479: DszquphsbqizDay 30.

Announcements:Questions? This week: Birthday attacks, Digital signatures, DSA Birthday attacks, Digital signatures, DSA DTTF/NB479: DszquphsbqizDay 30.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
CS470, A.SelcukElGamal Cryptosystem1 ElGamal Cryptosystem and variants CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukElGamal Cryptosystem1 ElGamal Cryptosystem and variants CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Cryptography1 CPSC 3730 Cryptography Chapter 13 Digital Signature Standard (DSS)

Cryptography1 CPSC 3730 Cryptography Chapter 13 Digital Signature Standard (DSS)
1 Information System Security AABFS-Jordan Summer 2006 Digital Signature and Hashing Functions Prepared by: Maher Abu Hamdeh & Adel Hamdan Supervised by:

1 Information System Security AABFS-Jordan Summer 2006 Digital Signature and Hashing Functions Prepared by: Maher Abu Hamdeh & Adel Hamdan Supervised by:
Chapter 3 Encryption Algorithms & Systems (Part C)

Chapter 3 Encryption Algorithms & Systems (Part C)
Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,

Public Key Cryptography RSA Diffie Hellman Key Management Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College,
CSE 597E Fall 2001 PennState University1 Digital Signature Schemes Presented By: Munaiza Matin.

CSE 597E Fall 2001 PennState University1 Digital Signature Schemes Presented By: Munaiza Matin.

Similar presentations

Ads by Google