Elgamal Digital Signature.

1. ElGamal signature scheme
Welcome
Md.Kawsar Ahmed
Department of Information and Communication
engineering
Pabna University of Science and Technology

2. Teacher CR Student
A story back in 1985

3. ElGamal signature scheme
The ElGamal digital signature scheme was described by Tahir Elgamal in 1985.
• The algorithm uses a key pair consisting of a public key and a private
key.
• The private key is used to generate a digital signature for a message,
and such a signature can be verified by using the signer's
corresponding public key.
• The digital signature provides message
 Authentication (the receiver can verify the origin of the message),
 Integrity (the receiver can verify that the message has not been modified since it was signed)
 Non-repudiation (the sender cannot falsely claim that they have not signed the message).

4. Arithmetic
3
Public Key
2
Privet Key
1
- Randomly
choice-
-
Calculate from
Privet key
-
-
Modulo Arithmetic
-
- Roll 160641 –
- Primitive Root -
- Roll 160621 -
Background Knowledge

5. Generate key
For a prime field GF(q) and primitive root
of q is α
1. Generate a random variable XA, where
1 < XA < q – 1
2. Compute YA = αXA mod q, where α is a
primitive root of q
3. A’s privet key is XA
4. A’s public key is {q, α, YA}
For a prime field GF(19) and α is 10
1. Generate a random variable XA=16,
where 1 < 16 < 18
2. Compute YA = 1016 mod 19 = 4
3. A’s privet key is XA = 16
4. A’s public key is {19, 10, 4}

6. Message signing
For message M which Hash m = H(M)
where m is integer and 1 ≤ m ≤ q-1
1. Generate a random integer key K,
where 1 ≤ K ≤ q-1 and, K and q-1 is
relatively prime
2. Compute S1 = αk mod q
3. Compute x = K-1 mod (q-1)
4. Compute S2 = x(m – XAS1) mod (q-1)
5. The signature consist of pair (S1, S2)
For message M which Hash m = H(M) =
14 where 4 is integer and 0 ≤ 14 ≤ 18
1. Generate a random integer key k = 5,
where 1 ≤ 5 ≤ 18 and, gcd(5, 18) = 1
2. Compute S1 = 105 mod 19 = 3
3. Compute x = 5-1 mod 18 = 11
4. Compute S2 = 11(14 – 16×3) mod 18= 4
5. The signature consist of pair (3, 4)

7. Verify Signature
For verifying a digital signature we have
sender public key {q, α, YA} , message M
which Hash is m and signature (S1, S2)
1. Compute V1 = αm mod q
2. Compute V2 = (𝑌𝐴) 𝑆1(𝑆1) 𝑆2 𝑚𝑜𝑑 𝑞
For verifying a digital signature we have
sender public key {19, 10, 4}, message M
which Hash is 14 and signature (3, 4)
1. Compute V1 = 1014 mod 19 = 16
2. Compute V2 = (4)3(3)4 𝑚𝑜𝑑 19 = 16
3. If V1 = V2, The signature is valid