DSS: Digital Signature Standard and DSA Algorithm

SAJENDRA KUMAR, AP, IIMT IET, MEERUT What is a Digital Signature? Digital signatures are essential in todays modern world to verify the sender of a documents identity. A digital signature is represented in a

computer as a string of binary digits. The signature is computer using a set of rules and parameters (algorithm) such that the identity of the person signing the document as well as the originality of the data can be verified. The signature is generated by the use of a private key. A private key is

known only to the user. The signature is verified makes use of a public key which corresponds to (but not the same, i.e. mathematically infeasible to deduct private key from public) the private key. With every user having a public/private key pair, this is an example of public-key cryptography. Public keys, which are known by everyone, can be used to verify the signature of a user. The private key, which is never shared, is used in

signature generation, which can only be done by the user.

Digital signatures are used to detect unauthorized modifications to data. Also, the recipient of a digitally signed document in proving to a third party that the document was indeed signed by the person who it is claimed to be signed by. This is known as nonrepudiation, because the person who signed the document cannot repudiate the signature at a later time. Digital

2 signature algorithms can be used in e-mails, electronic funds transfer, electronic data interchange, software distribution, data storage, and just about any application that would need to assure the integrity and originality of data.

What is in the Standard? There are three algorithms that are suitable for digital signature generation under the DSS standard. They are the Digital Signature

Algorithm (DSA, which I will talk about more in depth later), the RSA algorithm, and the Elliptic Curve Digital Signature Algorithm (ECDSA). Also in this standard is a hash function to be used in the signature generation process. It is used to obtain a condensed version of the data, which is called a message digest. This message digest is then put into the digital signature algorithm to generate the digitally signed message. The same hash function is used in the verification process as well. The hash function used in the

DSS standard is specified in the Secure Hash Standard (SHS), which are the specifications for the Secure Hash Algorithm (SHA). The SHA is based on principles similar to those used by Professor Ronald L. Rivest of MIT when designing the MD4 message digest algorithm and is closely modeled after that algorithm. When a message of any length < 264 bits is input, the SHA produces a 160-bit output (message digest). Signing the message digest

rather than the message often improves the efficiency of the process

3 because the message digest is usually much smaller in size than the message. THE DSA ALGORITHM DSA Parameters: p = a prime modulus, where 2L-1 < p < 2L for 512 L 1024 and L is a multiple of 64. So L will be one member of the set {512, 576, 640, 704, 768, 832, 896, 960, 1024} q = a prime divisor of p-1, where 2159 < q < 2160

DSA is a variant on the ElGamal and Schnorr algorithms description of DSA p = 2L a prime number, where L= 512 to 1024 bits and is a multiple of 64 q a 160 bit prime factor of p-1 g = h(p-1)/q where h is any number less than p-1 with h(p-1)/q(mod p)> 1 x a number less than q y = gx(mod p) To sign a message M generate random k, k<q Compute r = (gk(mod p))(mod q) s = k-1.SHA(M)+ x.r (mod q) the signature is (r,s) To verify a signature: w = s-1(mod q) u1= (SHA(M).w)(mod q)

4 u2= r.w(mod q) v = (gu1.yu2(mod p))(mod q)

If v=r then the signature is verified Example A small example, we will take q = 101 and p = 7879 (notice q divides p 1). H=3 is a generator mod 7879, so we can take g = 378 mod 7879 = 170. Alice now picks a private key x = 75 and computes her public key y like so: y = g x mod 7879 = 4567 Alice wants to sign the message m = 22; she chooses a random number k = 50 and finds the inverse to be k 1 mod 101 = 99 . She then calculates (r, s): r = (17050 mod 7879) mod 101 = 2518 mod 101 = 94 s = (22 + 75 94) 99 mod 101 = 97 Alice then sends the triple (22, 94, 97) on to Bob, who performs the following computations to verify the signature: w = 971 mod 101 22 *25 mod 101 =45 94 *25 mod 101 =27 (17045456727 mod 7879) mod 101 = 2518 mod 101 = 94 R=94 Thus, Bob has verified that the signature came from Alice.