1
play

1 Arbitrated Digital Signatures Digital Signature Standard (DSS) - PDF document

CPE 542: CRYPTOGRAPHY & NETWORK SECURITY Digital Signatures have looked at message authentication but does not address issues of lack of trust Chapter 13 Digital Signatures digital signatures provide the ability to:


  1. CPE 542: CRYPTOGRAPHY & NETWORK SECURITY Digital Signatures • have looked at message authentication • but does not address issues of lack of trust Chapter 13 – Digital Signatures • digital signatures provide the ability to: • verify author, date & time of signature • authenticate message contents • be verified by third parties to resolve disputes Dr. Lo’ai Tawalbeh • hence include authentication function with additional Computer Engineering Department capabilities Jordan University of Science and Technology Jordan Dr. Lo’ai Tawalbeh Fall 2005 Dr. Lo’ai Tawalbeh Fall 2005 Digital Signature Properties Direct Digital Signatures • involve only sender & receiver • must depend on the message signed • must use information unique to sender • assumed receiver has sender’s public-key • to prevent both forgery and denial • digital signature made by sender signing entire • must be relatively easy to produce and to recognize & verify message or hash with private-key • be computationally infeasible to forge • can encrypt using receivers public-key • important that sign first then encrypt message & signature • security depends on sender’s private-key Dr. Lo’ai Tawalbeh Fall 2005 Dr. Lo’ai Tawalbeh Fall 2005 1

  2. Arbitrated Digital Signatures Digital Signature Standard (DSS) • US Govt approved signature scheme FIPS 186 • involves use of arbiter A • uses the SHA1 hash algorithm • validates any signed message • then dated and sent to recipient • designed by NIST & NSA in early 90's • DSS is the standard, DSA is the algorithm • requires suitable level of trust in arbiter • creates a 320 bit signature (s and r, each of 120-bits), but with 512- • can be implemented with either private or public-key 1024 bit security algorithms • security depends on difficulty of computing discrete logarithms • arbiter may or may not see message Dr. Lo’ai Tawalbeh Fall 2005 Dr. Lo’ai Tawalbeh Fall 2005 Digital Signature Standard (DSS) DSA Key Generation • have shared global public key values (p,q,g): • a large prime p = 2 L • where L= 512 to 1024 bits and is a multiple of 64 • choose q, a 160 bit prime factor of p-1 • choose g = h (p-1)/q • where h<p-1, h (p-1)/q (mod p) > 1 • users choose private & compute public key: • choose x<q compute y = g x (mod p) • Dr. Lo’ai Tawalbeh Fall 2005 Dr. Lo’ai Tawalbeh Fall 2005 2

  3. DSA Signature Creation DSA Signature Verification • to sign a message M the sender: • having received M & signature (r,s) • generates a random signature key k, k<q • to verify a signature, recipient computes: • nb. k must be random, be destroyed after use, and never be w = s -1 (mod q) reused u1= (SHA(M).w)(mod q) • then computes signature pair: u2= (r.w)(mod q) r = (g k (mod p))(mod q) v = (g u1 .y u2 (mod p)) (mod q) s = (k -1 .SHA(M)+ x.r)(mod q) • if v=r then signature is verified • sends signature (r,s) with message M • see book web site for details of proof why Dr. Lo’ai Tawalbeh Fall 2005 Dr. Lo’ai Tawalbeh Fall 2005 Digital Signature Algorithm (DSA) Digital Signature Algorithm (DSA) Dr. Lo’ai Tawalbeh Fall 2005 Dr. Lo’ai Tawalbeh Fall 2005 3

Recommend


More recommend