A direct digital signature involves only two parties: one to send the message and the other to receive it. In a direct digital signature scheme both parties trust each other and know their public keys. The messages are prone to corruption, and the sender can at any time deny having sent a message.
Information and network security 44 direct digital signatures
1. Information and Network Security:44
Direct Digital Signatures
Prof Neeraj Bhargava
Vaibhav Khanna
Department of Computer Science
School of Engineering and Systems Sciences
Maharshi Dayanand Saraswati University Ajmer
2. Digital Signature Requirements
• must depend on the message signed
• must use information unique to sender
  • to prevent both forgery and denial
• must be relatively easy to produce
• must be relatively easy to recognize & verify
• be computationally infeasible to forge
  • with new message for existing digital signature
  • with fraudulent digital signature for given message
• be practical to save digital signature in storage
3. Direct Digital Signatures
• involve only sender & receiver
• assumed receiver has sender’s public-key
• digital signature made by sender signing entire message or hash with
private-key
• can encrypt using receiver’s public-key
• important that sign first then encrypt message & signature
• security depends on sender’s private-key
4. Direct Digital Signatures
• The term direct digital signature refers to a digital signature scheme
that involves only the communicating parties (source, destination).
• It is assumed that the destination knows the public key of the source.
Direct Digital Signatures involve the direct application of public-key
algorithms involving only the communicating parties.
• A digital signature may be formed by encrypting the entire message
with the sender’s private key, or by encrypting a hash code of the
message with the sender’s private key.
5. Direct Digital Signatures
• Confidentiality can be provided by further encrypting the entire
message plus signature using either public or private key schemes.
• It is important to perform the signature function first and then an
outer confidentiality function, since in case of dispute, some third
party must view the message and its signature. But these approaches
are dependent on the security of the sender’s private-key.
• There will be problems if that key is lost or stolen and signatures are forged. The
universally accepted technique for dealing with these threats is the
use of a digital certificate and certificate authorities.
6. ElGamal Digital Signatures
• signature variant of ElGamal, related to D-H
• so uses exponentiation in a finite (Galois) field
• with security based on the difficulty of computing discrete
logarithms, as in D-H
• uses private key for encryption (signing)
• uses public key for decryption (verification)
• each user (e.g. A) generates their key
  • chooses a secret key (number): $1 < x_A < q-1$
  • computes their public key: $y_A = a^{x_A} \bmod q$
7. ElGamal Digital Signatures
• T. Elgamal announced a public-key scheme based on discrete
logarithms, closely related to the Diffie-Hellman technique [ELGA84,
ELGA85].
• The ElGamal encryption scheme is designed to enable encryption by a
user's public key with decryption by the user's private key.
• The ElGamal signature scheme involves the use of the private key for
encryption and the public key for decryption.
• The ElGamal cryptosystem is used in some form in a number of
standards including the digital signature standard (DSS) and the
S/MIME email standard.
8. ElGamal Digital Signature
• Alice signs a message M to Bob by computing
  • the hash $m = H(M)$, $0 \le m \le q-1$
  • choose random integer $K$ with $1 \le K \le q-1$ and $\gcd(K, q-1) = 1$
  • compute temporary key: $S_1 = a^{K} \bmod q$
  • compute $K^{-1}$, the inverse of $K \bmod (q-1)$
  • compute the value: $S_2 = K^{-1}(m - x_A S_1) \bmod (q-1)$
  • signature is: $(S_1, S_2)$
• any user B can verify the signature by computing
  • $V_1 = a^{m} \bmod q$
  • $V_2 = (y_A)^{S_1} (S_1)^{S_2} \bmod q$
  • signature is valid if $V_1 = V_2$
9. ElGamal Digital Signature
• To sign a message M, user A first computes the hash m = H(M), such
that m is an integer in the range 0 <= m <= q – 1. A then forms a
digital signature as shown.
• The basic idea with El Gamal signatures is to again choose a
temporary random signing key, protect it, then use it to solve the
specified equation on the hash of the message to create the signature
(in 2 pieces).
• Verification consists of confirming the validation equation that relates
the signature to the (hash of the) message.
10. ElGamal Signature Example
• use field GF(19): $q = 19$ and $a = 10$
• Alice computes her key:
  • A chooses $x_A = 16$ & computes $y_A = 10^{16} \bmod 19 = 4$
• Alice signs message with hash $m = 14$ as $(3, 4)$:
  • choosing random $K = 5$, which has $\gcd(18, 5) = 1$
  • computing $S_1 = 10^{5} \bmod 19 = 3$
  • finding $K^{-1} \bmod (q-1) = 5^{-1} \bmod 18 = 11$
  • computing $S_2 = 11(14 - 16 \cdot 3) \bmod 18 = 4$
• any user B can verify the signature by computing
  • $V_1 = 10^{14} \bmod 19 = 16$
  • $V_2 = 4^{3} \cdot 3^{4} = 5184 = 16 \bmod 19$
  • since $16 = 16$ signature is valid
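The signing and verification equations from the slides, run on this example's numbers, as an added Python example that is not part of the original slides. The function names and the range check at the top of `verify` are assumptions added here; q = 19 and a = 10 are the toy parameters from the example above.

```python
from math import gcd


def keygen(q, a, x):
    """Public key yA = a^xA mod q for a private key with 1 < xA < q-1."""
    if not 1 < x < q - 1:
        raise ValueError("private key must satisfy 1 < x < q-1")
    return pow(a, x, q)


def sign(q, a, x, m, k):
    """Return (S1, S2) for hash m, using the per-message random value K."""
    if not 0 <= m <= q - 1:
        raise ValueError("hash must satisfy 0 <= m <= q-1")
    if not 1 <= k <= q - 1 or gcd(k, q - 1) != 1:
        raise ValueError("K must satisfy 1 <= K <= q-1 and gcd(K, q-1) = 1")
    s1 = pow(a, k, q)                       # S1 = a^K mod q
    k_inv = pow(k, -1, q - 1)               # K^-1 mod (q-1), Python 3.8+
    s2 = (k_inv * (m - x * s1)) % (q - 1)   # S2 = K^-1 (m - xA*S1) mod (q-1)
    return s1, s2


def verify(q, a, y, m, sig):
    """Accept only if V1 = a^m mod q equals V2 = yA^S1 * S1^S2 mod q."""
    s1, s2 = sig
    # Assumption added here (not on the slides): reject out-of-range
    # signature components before doing any exponentiation.
    if not (0 < s1 < q and 0 <= s2 < q - 1):
        return False
    v1 = pow(a, m, q)
    v2 = (pow(y, s1, q) * pow(s1, s2, q)) % q
    return v1 == v2


if __name__ == "__main__":
    q, a = 19, 10                 # toy field GF(19) from the slide
    x_a = 16                      # Alice's private key
    y_a = keygen(q, a, x_a)       # Alice's public key
    sig = sign(q, a, x_a, m=14, k=5)
    print("public key:", y_a)
    print("signature:", sig)
    print("valid for m=14:", verify(q, a, y_a, 14, sig))
    print("valid for m=15:", verify(q, a, y_a, 15, sig))
    print("tampered S2:", verify(q, a, y_a, 14, (sig[0], sig[1] + 1)))
```
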
11. Assignment
• What are the properties and requirements for a digital signature?
• Explain ElGamal Digital Signature