1 / 8

Overview of Digital Signature Standard (DSS) and Digital Signature Algorithm (DSA)

The Digital Signature Standard (DSS) is a US government-approved cryptographic signature scheme. Designed by NIST and NSA in the early 1990s, it was published as FIPS-186 in 1991 and has undergone revisions in 1993, 1996, and 2000. DSS employs the Digital Signature Algorithm (DSA) to create 320-bit signatures with 512-1024 bit security, significantly smaller and faster than RSA. The security relies on the challenge of computing discrete logarithms. This overview also covers key generation and signature creation and verification processes in the DSA.

adie
Télécharger la présentation

Overview of Digital Signature Standard (DSS) and Digital Signature Algorithm (DSA)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CPSC 3730 Cryptography Chapter 13 Digital Signature Standard (DSS) Cryptography

  2. Digital Signature Standard (DSS) • US Govt approved signature scheme • designed by NIST & NSA in early 90's • published as FIPS-186 in 1991 • revised in 1993, 1996 & then 2000 • uses the SHA hash algorithm • DSS is the standard, DSA is the algorithm • FIPS 186-2 (2000) includes alternative RSA & elliptic curve signature variants Cryptography

  3. Digital Signature Algorithm (DSA) • creates a 320 bit signature • with 512-1024 bit security • smaller and faster than RSA • a digital signature scheme only • security depends on difficulty of computing discrete logarithms • variant of ElGamal & Schnorr schemes Cryptography

  4. Digital Signature Algorithm (DSA) Cryptography

  5. Fig 13.2 DSA Cryptography

  6. DSA Key Generation • have shared global public key values (p,q,g): • choose q, a 160 bit • choose a large prime p = 2L • where L= 512 to 1024 bits and is a multiple of 64 • and q is a prime factor of (p-1) • choose g = h(p-1)/q • where h<p-1, h(p-1)/q (mod p) > 1 • users choose private & compute public key: • choose x<q • compute y = gx (mod p) Cryptography

  7. DSA Signature Creation • to sign a message M the sender: • generates a random signature key k, k<q • nb. k must be random, be destroyed after use, and never be reused • then computes signature pair: r = (gk(mod p))(mod q) s = (k-1.H(M)+ x.r)(mod q) • sends signature (r,s) with message M Cryptography

  8. DSA Signature Verification • having received M & signature (r,s) • to verify a signature, recipient computes: w = s-1(mod q) u1= (H(M).w)(mod q) u2= (r.w)(mod q) v = (gu1.yu2(mod p)) (mod q) • if v=r then signature is verified • see book web site for details of proof why Cryptography

More Related