What is a digital signature. Explain any digital signature algorithm in detail.
1 Answer

Why digital Signature?

  • The concept of message authentication protects two parties who exchange messages from any third party.
  • It cannot however protect the two parties from acting against each other by fraudulently creating or denying creation. ( A sends a message to B; later A says I didn’t send any message request; this is a drawback of message authentication)
  • A digital signature is analogous to handwritten signature. Just as a signature is a unique identification mark of an individual to a second-person (e.g. bank checks are passed using signature)
  • A digital signature should provide the ability to :
    • verify author, date & time of signature
    • authenticate message contents be verified by third parties to resolve disputes

enter image description here

  • The above diagram is a generic model for digital signatures:

Some basic requirements that needs to be satisfied by the digital signatures are:

  • The signature must be bit pattern that depends on the message being sent.
  • The signature must have some info unique to the sender so as to prevent forgery.
  • The process of producing and verifying must be relatively easy.

There are different types of signature schemes available e.g. El-gammaal scheme, schnorr signature scheme, DSA approach.

Let’s analyze the DSA approach:

  • The DSA (or Digital Signature Algorithm) is based on the difficulty on computing discrete logarithms and is based on schemes originally presented by ElGamaaal and Schnorr.
  • It creates a 320-bit signature with 512-1024 bit security.
  • It is samller and faster than RSA. However, unlike RSA it cannot be used for encryption or key-exchange.
  • DSA Key – Generation:
    • We have three global parameters that are shared (p,q,g).
    • q: Chose a 160-bit prime number q
    • p: Choose a large prime p with 2L-1 < p < 2L .. (where L= 512 to 1024 bits and is a multiple of 64)
    • g: choose g = h(p-1)/q
    • Then each DSA chooses a random private key x, and computes their public key as y = gx mod p
  • DSA Signature Creation:
    • To sign a message M, we generate a random signature key k (k<q).< li="">
    • To create a signature, a user calculates two quantities, r and s as:
    • r = (gk mod p)mod q
    • s = [k-1(H(M)+ xr)] mod q
    • Now we send signature (r,s) with message M
  • DSA Signature Verification:
    • To verify a signature the receiver computes the following values:
    • w = s-1 mod q
    • u1= [H(M)w ]mod q
    • u2= (rw)mod q
    • v = [(gu1 yu2)mod p ]mod q
    • if the value of v and r (signature) is same, its verified.
Please log in to add an answer.