SlideShare a Scribd company logo
International Journal of Information Technology, Modeling and Computing (IJITMC) Vol. 4, No.3, August 2016
DOI: 10.5121/ijitmc.2016.4302 11
A NEW SIGNATURE PROTOCOL BASED ON RSA
AND ELGAMAL SCHEME
J. Ettanfouhi and O. Khadir
Laboratory of Mathematics, Cryptography and Mechanics, Fstm,
University Hassan II of Casablanca, Morocco
ABSTRACT
In this paper, we present a new signature scheme based on factoring and discrete logarithm problems.
Derived from a variant of ElGamal signature protocol and the RSA algorithm, this method can be seen as
an alternative protocol if known systems are broken.
KEYWORDS
Factoring, DLP, PKC, ElGamal signature scheme, RSA.
MSC: 60
94A
1. INTRODUCTION
In 1977, Rivest, Shamir, and Adleman[6 ] described the famous RSA algorithm which is based
on the presumed difficulty of factoring large integers. In 1985, ElGamal [2] proposed a signature
digital protocol that uses the hardness of the discrete logarithm problem[5 p.116, 7 p. 213, 8
p. 228 ]. Since then, many similar schemes were elaborated and published[1,3].
Among them, a new variant was conceived in 2010 by the second author[ 4 ].In this work, we
apply a combination of the new variant of Elgamal and RSA algorithm to build a secure digital
signature. The efficiency of the method is discussed and its security analyzed.
The paper is organised as follows: In section 2, we describe the basic ElGamal digital signature
algorithm and its variant. Section 3 is devoted to our new digital signature method. We end with
the conclusion in section 4.
In the paper, we will respect ElGamal work notations [3]. N, Z are respectively the sets of
integers and non-negative integers. For every positive integer n , we denote by Z
Z n
/ the finite
ring of modular integers and by *
)
/
( Z
Z n the multiplicative group of its invertible elements. Let
a ,b , c be three integers. The GCD of a and b is written as )
,
( b
a
gcd . We write
]
[
0.1 c
cm
b
a ≡ if c divides b
a − , and c
b
a mod
= if a is the rest in the division of b by
c . The bit length of n is the number of bits in its binary model, with n an integer .We start by
presenting the basic ElGamal digital signature algorithm and its variant:
International Journal of Information Technology, Modeling and Computing (IJITMC) Vol. 4, No.3, August 2016
12
2. ELGAMAL SIGNATURE SCHEME
In this section we recall ElGamal signature scheme[2] and its variant[4].
1. Alice chooses three numbers:
- p , a large prime integer.
- α , a primitive root of the finite multiplicative group *
)
/
( Z
Z p
- x , a random element of {1,2,..., 1
−
p }
2. She computes x
y α
= mod p . Alice’s public key is )
,
,
( y
p α , and x is her private key.
3. To sign the document m , Alice must solve the problem:
(1)
where s
r, are the unknown variables.
Alice fixes arbitrary r to be k
r α
= mod p , where k is chosen randomly and invertible
modulo 1
−
p . Equation (1) is then equivalent to:
(2)
Since Alice has the secret key x , and as the number k is invertible modulo 1
−
p , she calculates
the other unknown variable s by
(3)
4. Bob can verify the signature by checking if congruence (1) is valid for the variables r and s
given by Alice.
3. VARIANT OF ELGAMAL SIGNATURE SCHEME
We present a variant of ElGamal digital signature system.
This variant Error! Reference source not found. is based on the equation:
(4)
t
s
r ,
, are the unknown parameters, and )
,
,
( y
p α are Alice public keys. p is an integer (a large
prime). α is a primitive root of *
p
Z . y is calculated by x
y α
= mod p . x is a random
element of {1,2,...,p-1}.
International Journal of Information Technology, Modeling and Computing (IJITMC) Vol. 4, No.3, August 2016
13
Let )
(
= M
h
m , where h is a hash function, and M the message to be signed by Alice.
To give the solution (3), she fixes randomly r as p
mod
r k
α
≡ , and s to be p
mod
s l
α
≡ ,
where l
k, are selected arbitrary in {1,2,...,p-1}.
Equation (3) is then equivalent to:
(5)
as Alice recognize the values of x
m
l
k
s
r ,
,
,
,
, , she is able to calculate the last unknown variable
t .
Bob verify the signature by verifying the congruence (4).
this system does not use the extended Euclidean algorithm for calculating 1)
(
1
−
−
p
mod
k .
We clarify the scheme by the example given by the creator of this alternative[4].
3.1 EXAMPLE
Let )
,
,
( y
p α be Alice public keys where: 509
=
p , 2
=
α and 482
=
y . We assert that we are
not confident if using a small value of α does not abate the protocol. The private key is
281
=
x . Suppose that Alice wants to generate a signature for the document M for which
432[508]
)
( ≡
≡ M
h
m with the exponents 208
=
k and 386
=
l are randomly taken. She
computes ]
332[
2208
p
r k
≡
≡
≡ α , ]
39[
2386
p
s l
≡
≡
≡ α and 1]
440[ −
≡
+
+
≡ p
lm
ks
rx
t .
Bob or anyone can verify the relation ]
[p
s
r
y m
s
r
t
≡
α . Indeed, we find that ]
436[p
≡
α and
]
436[p
s
r
y m
s
r
≡ .
4. OUR PROTOCOL
4.1 DESCRIPTION
In this section, we describe our new digital signature. The protocol is based simultaneously on
two hard problems.
We assume first that h is a public secure hash function like SHA1[5 p.348, 7 p. 242 , 8
p.133].
We suppose that Alice public keys are )
,
,
,
( e
y
P α where:
- 1
2
= +
pq
P , p , q are three primes.
- α , a primitive root of the multiplicative group *
)
/
( Z
Z p .
- x
y α
= mod P , where x is the private key of Alice, which is randomly taken in
1}
{1,2,..., −
P .
International Journal of Information Technology, Modeling and Computing (IJITMC) Vol. 4, No.3, August 2016
14
- Element e is the public exponent in the RSA cryptosystem.
We propose the following protocol:
If Alice wants to sign the message M , she must give a solution for the modular equation:
(6)
where )
(
= M
h
m mod p , and r , s , t are unknown.
To solve equation (5) , Alice starts by putting:
(7)
(8)
Equation (5) becomes:
(9)
Alice uses the new variant of Elgamal algorithm[4] to solve equation (9) and to get the values of
r′ , s′ and t .
Then with her RSA private key she solves equations (7) and (8) . The cupel r and s is her
signature for the message M .
Bob or anybody can check that the signature is valid by replacing r , s and t in relation (5) .
4.2 EXAMPLE
Let us illustrate the method by the following example.
Suppose that Alice’s public key is: 104543
=
1
313
*
167
*
2
= +
P , 5
=
α , 23292
=
y , 7
=
e .
The private keys for RSA and ElGamal systems are respectively: 9502
=
x , 7399
=
d .
Assume that 12345
=
)
(
= M
h
m is the hashed message that she likes to sign.
If she takes Randomly 845
=
k and 2561
=
l .
She will find from equation 8 that 17744
=
r′ , 31839
=
s′ .
Relation 4 implies 57764
=
t .
Alice uses (6) and (7) to obtain:
International Journal of Information Technology, Modeling and Computing (IJITMC) Vol. 4, No.3, August 2016
15
r ≡ 1]
[ −
′ P
r d
≡ 75282
s ≡ 1]
[ −
′ P
s d
≡ 19005.
To verify Bob puts 62833
=
mod
= P
A t
α , 79849
=
mod
= 1
mod
P
y
B P
e
r −
,
83421
=
mod
1)
mod
(
= 1)
mod
(
P
P
r
C P
e
s
e −
− and 212997
=
mod
1)
mod
(
= P
P
s
D m
e
− , and
checks if P
D
C
B
A mod
*
*
= .
4.3 SECURITY ANALYSIS
Now that we have presented the protocol, we will discuss some possible attacks. Assume that
Oscar is Alice’s opponent.
ATTACK 1: If the attacker try to imitate the computation made by Alice, he can find r and s ,
but to find t he needs the value of the private key x to solve equation 4 .
ATTACK 2: Suppose Oscar is capable to solve the discrete logarithm problem [2]. He cannot
calculate r and s from equation (7) and (8) he will be confronted to the factorisation of a
large composite modulus [5,8].
ATTACK 3: Suppose Oscar is capable to solve RSA equations (7) and (8) . Oscar cannot get t
from equation (9) since x is Alice’s secret key. If he tries to get t from equation (4) , he will be
stopped by the discrete logarithm problem.
4.4 COMPLEXITY OF OUR ALGORITHM
As in [1], let exp
T , mult
T and h
T be appropriately the time to calculate an exponentiation, a
multiplication and hash function of a document M . We neglect the time needed for modular
substraction, additions, comparisons and apply the conversion mult
exp T
T 240
= .
4.4.1 SIGNATURE COMPLEXITY
To sign the message M , Alice must compute the six parameters:
)
(
= M
h
m mod P , k
r α
≡
′ ]
[P , l
s α
≡
′ ]
[P , d
r
r ′
≡ 1]
[ −
P , d
s
s ′
≡ 1]
[ −
P ,
lm
s
k
r
x
t +
′
+
′
≡ 1]
[ −
P .
Alice needs to perform four modular exponentiations, three modular multiplications and one hash
function computation. So the global required time is :
h
mult
h
mult
exp T
T
T
T
T
T +
+
+ 963
=
3
4
=
1
4.4.2 VERIFICATION COMPLEXITY
Bob should calculate 4 exponentiations, 2 multiplications and one hash function. So the global
required time is :
h
mult
h
mult
exp T
T
T
T
T
T +
+
+ 962
=
2
4
=
2
International Journal of Information Technology, Modeling and Computing (IJITMC) Vol. 4, No.3, August 2016
16
5. CONCLUSION
In this work, we proposed a new signature protocol that can be an alternative if old systems are
broken. Our method is based simultanyously on RSA cryptosystem and DLP.
ACKNOWLEDGEMENTS
This work is supported by the MMS e-orientation project.
REFERENCES
[1] R. R. Ahmad, E. S. Ismail,and N. M. F. Tahat , A new digital signature scheme based on factoring
and discrete logarithms , J. of Mathematics and Statistics (4): (2008), pp. .
[2] T. ElGamal, A public key cryptosystem and a signature scheme based on discrete logarithm problem,
IEEE Trans. Info. Theory, IT-31, (1985), pp. .
[3] L.C. Guillou, J.J. Quisquater, A Paradoxial Identity-based SIgnature Scheme Resulting from Zero-
Knowledge, Advances in cryptography, LNCS 403, (1990) pp. .
[4] O. Khadir, New variant of ElGamal signature scheme, Int. J. Contemp. Math. Sciences, Vol. 5, no.
34, (2010), pp. .
[5] A. J. Menezes, P. C. van Oorschot and S. A. Vanstone, Handbook of applied cryptography, CRC
Press, Boca Raton, Florida, 1997.
[6] R. Rivest, A. Shamir and L. Adeleman, A method for obtaining digital signatures and public key
cryptosystems, Communication of the ACM, Vol. no 21, (1978), pp. .
[7] J. Buchmann, Introduction to Cryptography,(Second Edition), Springer 2000.
[8] D. R. Stinson, Cryptography, theory and practice, second Edition, Chapman & Hall/CRC, 2006.
Authors
Jaouad Ettanfouhi holds an engineer degree in Computer Science from the University of
Hassan II of Casablanca (2011). Member of the laboratory of Mathematics, Cryptography
and Mechanics, he is preparing a thesis in public key cryptography.
Dr Omar Khadir received his Ph.D. degree in Computer Science from the University
of Rouen, France (1994). Co-founder of the Laboratory of Mathematics, Cryptography
and Mechanics at the University of Hassan II Casablanca, Morocco, where he is a
professor in the Department of Mathematics. He teaches cryptography for graduate
students preparing a degree in computer science. His current research interests include
public key cryptography, digital signature, primality, factorisation of large integers and
more generally, all subjects connected to the information technology.

More Related Content

Similar to A New Signature Protocol Based on RSA and Elgamal Scheme

Rsa cryptosystem
Rsa cryptosystemRsa cryptosystem
Rsa cryptosystem
Abhishek Gautam
 
The RSA Algorithm Explored
The RSA Algorithm ExploredThe RSA Algorithm Explored
The RSA Algorithm Explored
AM Publications,India
 
I1803014852
I1803014852I1803014852
I1803014852
IOSR Journals
 
It3416071612
It3416071612It3416071612
It3416071612
IJERA Editor
 
Cyber Security Part-3.pptx
Cyber Security Part-3.pptxCyber Security Part-3.pptx
Cyber Security Part-3.pptx
RavikumarVadana
 
Presentation on Cryptography_Based on IEEE_Paper
Presentation on Cryptography_Based on IEEE_PaperPresentation on Cryptography_Based on IEEE_Paper
Presentation on Cryptography_Based on IEEE_Paper
Nithin Cv
 
Security_Attacks_On_RSA~ A Computational Number Theoretic Approach.pptx
Security_Attacks_On_RSA~ A Computational Number Theoretic Approach.pptxSecurity_Attacks_On_RSA~ A Computational Number Theoretic Approach.pptx
Security_Attacks_On_RSA~ A Computational Number Theoretic Approach.pptx
shahiduljahid71
 
Assignment 2 (1) (1).docx
Assignment 2 (1) (1).docxAssignment 2 (1) (1).docx
Assignment 2 (1) (1).docx
pinstechwork
 
1982 - Probabilistic Encryption & How To Play Mental Poker Keeping Secret All...
1982 - Probabilistic Encryption & How To Play Mental Poker Keeping Secret All...1982 - Probabilistic Encryption & How To Play Mental Poker Keeping Secret All...
1982 - Probabilistic Encryption & How To Play Mental Poker Keeping Secret All...
decentralizeeverything
 
A NEW ALGORITHM TO CONSTRUCT S-BOXES WITH HIGH DIFFUSION
A NEW ALGORITHM TO CONSTRUCT S-BOXES WITH HIGH DIFFUSIONA NEW ALGORITHM TO CONSTRUCT S-BOXES WITH HIGH DIFFUSION
A NEW ALGORITHM TO CONSTRUCT S-BOXES WITH HIGH DIFFUSION
ijscmcj
 
A NEW ALGORITHM TO CONSTRUCT S-BOXES WITH HIGH DIFFUSION
A NEW ALGORITHM TO CONSTRUCT S-BOXES WITH HIGH DIFFUSIONA NEW ALGORITHM TO CONSTRUCT S-BOXES WITH HIGH DIFFUSION
A NEW ALGORITHM TO CONSTRUCT S-BOXES WITH HIGH DIFFUSION
ijscmcj
 
AUTHENTICATED PUBLIC KEY ENCRYPTION SCHEME USING ELLIPTIC CURVE CRYPTOGRAPHY
AUTHENTICATED PUBLIC KEY ENCRYPTION SCHEME USING ELLIPTIC CURVE CRYPTOGRAPHYAUTHENTICATED PUBLIC KEY ENCRYPTION SCHEME USING ELLIPTIC CURVE CRYPTOGRAPHY
AUTHENTICATED PUBLIC KEY ENCRYPTION SCHEME USING ELLIPTIC CURVE CRYPTOGRAPHY
ijujournal
 
AUTHENTICATED PUBLIC KEY ENCRYPTION SCHEME USING ELLIPTIC CURVE CRYPTOGRAPHY
AUTHENTICATED PUBLIC KEY ENCRYPTION SCHEME USING ELLIPTIC CURVE CRYPTOGRAPHYAUTHENTICATED PUBLIC KEY ENCRYPTION SCHEME USING ELLIPTIC CURVE CRYPTOGRAPHY
AUTHENTICATED PUBLIC KEY ENCRYPTION SCHEME USING ELLIPTIC CURVE CRYPTOGRAPHY
ijujournal
 
Large Semi Primes Factorization with Its Implications to RSA.pdf
Large Semi Primes Factorization with Its Implications to RSA.pdfLarge Semi Primes Factorization with Its Implications to RSA.pdf
Large Semi Primes Factorization with Its Implications to RSA.pdf
Dr. Richard Otieno
 
Design Of Elliptic Curve Crypto Processor with Modified Karatsuba Multiplier ...
Design Of Elliptic Curve Crypto Processor with Modified Karatsuba Multiplier ...Design Of Elliptic Curve Crypto Processor with Modified Karatsuba Multiplier ...
Design Of Elliptic Curve Crypto Processor with Modified Karatsuba Multiplier ...
ijdpsjournal
 
Ijetcas14 336
Ijetcas14 336Ijetcas14 336
Ijetcas14 336
Iasir Journals
 
Cryptography and its types and Number Theory .pptx
Cryptography and its types and Number Theory  .pptxCryptography and its types and Number Theory  .pptx
Cryptography and its types and Number Theory .pptx
GoharCh3
 
A comparative analysis of the possible attacks on rsa cryptosystem
A comparative analysis of the possible attacks on rsa cryptosystemA comparative analysis of the possible attacks on rsa cryptosystem
A comparative analysis of the possible attacks on rsa cryptosystem
IAEME Publication
 
C452023.pdf
C452023.pdfC452023.pdf
C452023.pdf
aijbm
 
Cryptosystem An Implementation of RSA Using Verilog
Cryptosystem An Implementation of RSA Using VerilogCryptosystem An Implementation of RSA Using Verilog
Cryptosystem An Implementation of RSA Using Verilog
ijcncs
 

Similar to A New Signature Protocol Based on RSA and Elgamal Scheme (20)

Rsa cryptosystem
Rsa cryptosystemRsa cryptosystem
Rsa cryptosystem
 
The RSA Algorithm Explored
The RSA Algorithm ExploredThe RSA Algorithm Explored
The RSA Algorithm Explored
 
I1803014852
I1803014852I1803014852
I1803014852
 
It3416071612
It3416071612It3416071612
It3416071612
 
Cyber Security Part-3.pptx
Cyber Security Part-3.pptxCyber Security Part-3.pptx
Cyber Security Part-3.pptx
 
Presentation on Cryptography_Based on IEEE_Paper
Presentation on Cryptography_Based on IEEE_PaperPresentation on Cryptography_Based on IEEE_Paper
Presentation on Cryptography_Based on IEEE_Paper
 
Security_Attacks_On_RSA~ A Computational Number Theoretic Approach.pptx
Security_Attacks_On_RSA~ A Computational Number Theoretic Approach.pptxSecurity_Attacks_On_RSA~ A Computational Number Theoretic Approach.pptx
Security_Attacks_On_RSA~ A Computational Number Theoretic Approach.pptx
 
Assignment 2 (1) (1).docx
Assignment 2 (1) (1).docxAssignment 2 (1) (1).docx
Assignment 2 (1) (1).docx
 
1982 - Probabilistic Encryption & How To Play Mental Poker Keeping Secret All...
1982 - Probabilistic Encryption & How To Play Mental Poker Keeping Secret All...1982 - Probabilistic Encryption & How To Play Mental Poker Keeping Secret All...
1982 - Probabilistic Encryption & How To Play Mental Poker Keeping Secret All...
 
A NEW ALGORITHM TO CONSTRUCT S-BOXES WITH HIGH DIFFUSION
A NEW ALGORITHM TO CONSTRUCT S-BOXES WITH HIGH DIFFUSIONA NEW ALGORITHM TO CONSTRUCT S-BOXES WITH HIGH DIFFUSION
A NEW ALGORITHM TO CONSTRUCT S-BOXES WITH HIGH DIFFUSION
 
A NEW ALGORITHM TO CONSTRUCT S-BOXES WITH HIGH DIFFUSION
A NEW ALGORITHM TO CONSTRUCT S-BOXES WITH HIGH DIFFUSIONA NEW ALGORITHM TO CONSTRUCT S-BOXES WITH HIGH DIFFUSION
A NEW ALGORITHM TO CONSTRUCT S-BOXES WITH HIGH DIFFUSION
 
AUTHENTICATED PUBLIC KEY ENCRYPTION SCHEME USING ELLIPTIC CURVE CRYPTOGRAPHY
AUTHENTICATED PUBLIC KEY ENCRYPTION SCHEME USING ELLIPTIC CURVE CRYPTOGRAPHYAUTHENTICATED PUBLIC KEY ENCRYPTION SCHEME USING ELLIPTIC CURVE CRYPTOGRAPHY
AUTHENTICATED PUBLIC KEY ENCRYPTION SCHEME USING ELLIPTIC CURVE CRYPTOGRAPHY
 
AUTHENTICATED PUBLIC KEY ENCRYPTION SCHEME USING ELLIPTIC CURVE CRYPTOGRAPHY
AUTHENTICATED PUBLIC KEY ENCRYPTION SCHEME USING ELLIPTIC CURVE CRYPTOGRAPHYAUTHENTICATED PUBLIC KEY ENCRYPTION SCHEME USING ELLIPTIC CURVE CRYPTOGRAPHY
AUTHENTICATED PUBLIC KEY ENCRYPTION SCHEME USING ELLIPTIC CURVE CRYPTOGRAPHY
 
Large Semi Primes Factorization with Its Implications to RSA.pdf
Large Semi Primes Factorization with Its Implications to RSA.pdfLarge Semi Primes Factorization with Its Implications to RSA.pdf
Large Semi Primes Factorization with Its Implications to RSA.pdf
 
Design Of Elliptic Curve Crypto Processor with Modified Karatsuba Multiplier ...
Design Of Elliptic Curve Crypto Processor with Modified Karatsuba Multiplier ...Design Of Elliptic Curve Crypto Processor with Modified Karatsuba Multiplier ...
Design Of Elliptic Curve Crypto Processor with Modified Karatsuba Multiplier ...
 
Ijetcas14 336
Ijetcas14 336Ijetcas14 336
Ijetcas14 336
 
Cryptography and its types and Number Theory .pptx
Cryptography and its types and Number Theory  .pptxCryptography and its types and Number Theory  .pptx
Cryptography and its types and Number Theory .pptx
 
A comparative analysis of the possible attacks on rsa cryptosystem
A comparative analysis of the possible attacks on rsa cryptosystemA comparative analysis of the possible attacks on rsa cryptosystem
A comparative analysis of the possible attacks on rsa cryptosystem
 
C452023.pdf
C452023.pdfC452023.pdf
C452023.pdf
 
Cryptosystem An Implementation of RSA Using Verilog
Cryptosystem An Implementation of RSA Using VerilogCryptosystem An Implementation of RSA Using Verilog
Cryptosystem An Implementation of RSA Using Verilog
 

Recently uploaded

2. protection of river banks and bed erosion protection works.ppt
2. protection of river banks and bed erosion protection works.ppt2. protection of river banks and bed erosion protection works.ppt
2. protection of river banks and bed erosion protection works.ppt
abdatawakjira
 
Optimizing Gradle Builds - Gradle DPE Tour Berlin 2024
Optimizing Gradle Builds - Gradle DPE Tour Berlin 2024Optimizing Gradle Builds - Gradle DPE Tour Berlin 2024
Optimizing Gradle Builds - Gradle DPE Tour Berlin 2024
Sinan KOZAK
 
OOPS_Lab_Manual - programs using C++ programming language
OOPS_Lab_Manual - programs using C++ programming languageOOPS_Lab_Manual - programs using C++ programming language
OOPS_Lab_Manual - programs using C++ programming language
PreethaV16
 
一比一原版(CalArts毕业证)加利福尼亚艺术学院毕业证如何办理
一比一原版(CalArts毕业证)加利福尼亚艺术学院毕业证如何办理一比一原版(CalArts毕业证)加利福尼亚艺术学院毕业证如何办理
一比一原版(CalArts毕业证)加利福尼亚艺术学院毕业证如何办理
ecqow
 
Generative AI Use cases applications solutions and implementation.pdf
Generative AI Use cases applications solutions and implementation.pdfGenerative AI Use cases applications solutions and implementation.pdf
Generative AI Use cases applications solutions and implementation.pdf
mahaffeycheryld
 
Open Channel Flow: fluid flow with a free surface
Open Channel Flow: fluid flow with a free surfaceOpen Channel Flow: fluid flow with a free surface
Open Channel Flow: fluid flow with a free surface
Indrajeet sahu
 
UNIT 4 LINEAR INTEGRATED CIRCUITS-DIGITAL ICS
UNIT 4 LINEAR INTEGRATED CIRCUITS-DIGITAL ICSUNIT 4 LINEAR INTEGRATED CIRCUITS-DIGITAL ICS
UNIT 4 LINEAR INTEGRATED CIRCUITS-DIGITAL ICS
vmspraneeth
 
Introduction to Computer Networks & OSI MODEL.ppt
Introduction to Computer Networks & OSI MODEL.pptIntroduction to Computer Networks & OSI MODEL.ppt
Introduction to Computer Networks & OSI MODEL.ppt
Dwarkadas J Sanghvi College of Engineering
 
Mechatronics material . Mechanical engineering
Mechatronics material . Mechanical engineeringMechatronics material . Mechanical engineering
Mechatronics material . Mechanical engineering
sachin chaurasia
 
Pressure Relief valve used in flow line to release the over pressure at our d...
Pressure Relief valve used in flow line to release the over pressure at our d...Pressure Relief valve used in flow line to release the over pressure at our d...
Pressure Relief valve used in flow line to release the over pressure at our d...
cannyengineerings
 
TIME TABLE MANAGEMENT SYSTEM testing.pptx
TIME TABLE MANAGEMENT SYSTEM testing.pptxTIME TABLE MANAGEMENT SYSTEM testing.pptx
TIME TABLE MANAGEMENT SYSTEM testing.pptx
CVCSOfficial
 
Null Bangalore | Pentesters Approach to AWS IAM
Null Bangalore | Pentesters Approach to AWS IAMNull Bangalore | Pentesters Approach to AWS IAM
Null Bangalore | Pentesters Approach to AWS IAM
Divyanshu
 
Blood finder application project report (1).pdf
Blood finder application project report (1).pdfBlood finder application project report (1).pdf
Blood finder application project report (1).pdf
Kamal Acharya
 
Applications of artificial Intelligence in Mechanical Engineering.pdf
Applications of artificial Intelligence in Mechanical Engineering.pdfApplications of artificial Intelligence in Mechanical Engineering.pdf
Applications of artificial Intelligence in Mechanical Engineering.pdf
Atif Razi
 
Prediction of Electrical Energy Efficiency Using Information on Consumer's Ac...
Prediction of Electrical Energy Efficiency Using Information on Consumer's Ac...Prediction of Electrical Energy Efficiency Using Information on Consumer's Ac...
Prediction of Electrical Energy Efficiency Using Information on Consumer's Ac...
PriyankaKilaniya
 
smart pill dispenser is designed to improve medication adherence and safety f...
smart pill dispenser is designed to improve medication adherence and safety f...smart pill dispenser is designed to improve medication adherence and safety f...
smart pill dispenser is designed to improve medication adherence and safety f...
um7474492
 
Software Engineering and Project Management - Software Testing + Agile Method...
Software Engineering and Project Management - Software Testing + Agile Method...Software Engineering and Project Management - Software Testing + Agile Method...
Software Engineering and Project Management - Software Testing + Agile Method...
Prakhyath Rai
 
Height and depth gauge linear metrology.pdf
Height and depth gauge linear metrology.pdfHeight and depth gauge linear metrology.pdf
Height and depth gauge linear metrology.pdf
q30122000
 
AI + Data Community Tour - Build the Next Generation of Apps with the Einstei...
AI + Data Community Tour - Build the Next Generation of Apps with the Einstei...AI + Data Community Tour - Build the Next Generation of Apps with the Einstei...
AI + Data Community Tour - Build the Next Generation of Apps with the Einstei...
Paris Salesforce Developer Group
 
AI-Based Home Security System : Home security
AI-Based Home Security System : Home securityAI-Based Home Security System : Home security
AI-Based Home Security System : Home security
AIRCC Publishing Corporation
 

Recently uploaded (20)

2. protection of river banks and bed erosion protection works.ppt
2. protection of river banks and bed erosion protection works.ppt2. protection of river banks and bed erosion protection works.ppt
2. protection of river banks and bed erosion protection works.ppt
 
Optimizing Gradle Builds - Gradle DPE Tour Berlin 2024
Optimizing Gradle Builds - Gradle DPE Tour Berlin 2024Optimizing Gradle Builds - Gradle DPE Tour Berlin 2024
Optimizing Gradle Builds - Gradle DPE Tour Berlin 2024
 
OOPS_Lab_Manual - programs using C++ programming language
OOPS_Lab_Manual - programs using C++ programming languageOOPS_Lab_Manual - programs using C++ programming language
OOPS_Lab_Manual - programs using C++ programming language
 
一比一原版(CalArts毕业证)加利福尼亚艺术学院毕业证如何办理
一比一原版(CalArts毕业证)加利福尼亚艺术学院毕业证如何办理一比一原版(CalArts毕业证)加利福尼亚艺术学院毕业证如何办理
一比一原版(CalArts毕业证)加利福尼亚艺术学院毕业证如何办理
 
Generative AI Use cases applications solutions and implementation.pdf
Generative AI Use cases applications solutions and implementation.pdfGenerative AI Use cases applications solutions and implementation.pdf
Generative AI Use cases applications solutions and implementation.pdf
 
Open Channel Flow: fluid flow with a free surface
Open Channel Flow: fluid flow with a free surfaceOpen Channel Flow: fluid flow with a free surface
Open Channel Flow: fluid flow with a free surface
 
UNIT 4 LINEAR INTEGRATED CIRCUITS-DIGITAL ICS
UNIT 4 LINEAR INTEGRATED CIRCUITS-DIGITAL ICSUNIT 4 LINEAR INTEGRATED CIRCUITS-DIGITAL ICS
UNIT 4 LINEAR INTEGRATED CIRCUITS-DIGITAL ICS
 
Introduction to Computer Networks & OSI MODEL.ppt
Introduction to Computer Networks & OSI MODEL.pptIntroduction to Computer Networks & OSI MODEL.ppt
Introduction to Computer Networks & OSI MODEL.ppt
 
Mechatronics material . Mechanical engineering
Mechatronics material . Mechanical engineeringMechatronics material . Mechanical engineering
Mechatronics material . Mechanical engineering
 
Pressure Relief valve used in flow line to release the over pressure at our d...
Pressure Relief valve used in flow line to release the over pressure at our d...Pressure Relief valve used in flow line to release the over pressure at our d...
Pressure Relief valve used in flow line to release the over pressure at our d...
 
TIME TABLE MANAGEMENT SYSTEM testing.pptx
TIME TABLE MANAGEMENT SYSTEM testing.pptxTIME TABLE MANAGEMENT SYSTEM testing.pptx
TIME TABLE MANAGEMENT SYSTEM testing.pptx
 
Null Bangalore | Pentesters Approach to AWS IAM
Null Bangalore | Pentesters Approach to AWS IAMNull Bangalore | Pentesters Approach to AWS IAM
Null Bangalore | Pentesters Approach to AWS IAM
 
Blood finder application project report (1).pdf
Blood finder application project report (1).pdfBlood finder application project report (1).pdf
Blood finder application project report (1).pdf
 
Applications of artificial Intelligence in Mechanical Engineering.pdf
Applications of artificial Intelligence in Mechanical Engineering.pdfApplications of artificial Intelligence in Mechanical Engineering.pdf
Applications of artificial Intelligence in Mechanical Engineering.pdf
 
Prediction of Electrical Energy Efficiency Using Information on Consumer's Ac...
Prediction of Electrical Energy Efficiency Using Information on Consumer's Ac...Prediction of Electrical Energy Efficiency Using Information on Consumer's Ac...
Prediction of Electrical Energy Efficiency Using Information on Consumer's Ac...
 
smart pill dispenser is designed to improve medication adherence and safety f...
smart pill dispenser is designed to improve medication adherence and safety f...smart pill dispenser is designed to improve medication adherence and safety f...
smart pill dispenser is designed to improve medication adherence and safety f...
 
Software Engineering and Project Management - Software Testing + Agile Method...
Software Engineering and Project Management - Software Testing + Agile Method...Software Engineering and Project Management - Software Testing + Agile Method...
Software Engineering and Project Management - Software Testing + Agile Method...
 
Height and depth gauge linear metrology.pdf
Height and depth gauge linear metrology.pdfHeight and depth gauge linear metrology.pdf
Height and depth gauge linear metrology.pdf
 
AI + Data Community Tour - Build the Next Generation of Apps with the Einstei...
AI + Data Community Tour - Build the Next Generation of Apps with the Einstei...AI + Data Community Tour - Build the Next Generation of Apps with the Einstei...
AI + Data Community Tour - Build the Next Generation of Apps with the Einstei...
 
AI-Based Home Security System : Home security
AI-Based Home Security System : Home securityAI-Based Home Security System : Home security
AI-Based Home Security System : Home security
 

A New Signature Protocol Based on RSA and Elgamal Scheme

  • 1. International Journal of Information Technology, Modeling and Computing (IJITMC) Vol. 4, No.3, August 2016 DOI: 10.5121/ijitmc.2016.4302 11 A NEW SIGNATURE PROTOCOL BASED ON RSA AND ELGAMAL SCHEME J. Ettanfouhi and O. Khadir Laboratory of Mathematics, Cryptography and Mechanics, Fstm, University Hassan II of Casablanca, Morocco ABSTRACT In this paper, we present a new signature scheme based on factoring and discrete logarithm problems. Derived from a variant of ElGamal signature protocol and the RSA algorithm, this method can be seen as an alternative protocol if known systems are broken. KEYWORDS Factoring, DLP, PKC, ElGamal signature scheme, RSA. MSC: 60 94A 1. INTRODUCTION In 1977, Rivest, Shamir, and Adleman[6 ] described the famous RSA algorithm which is based on the presumed difficulty of factoring large integers. In 1985, ElGamal [2] proposed a signature digital protocol that uses the hardness of the discrete logarithm problem[5 p.116, 7 p. 213, 8 p. 228 ]. Since then, many similar schemes were elaborated and published[1,3]. Among them, a new variant was conceived in 2010 by the second author[ 4 ].In this work, we apply a combination of the new variant of Elgamal and RSA algorithm to build a secure digital signature. The efficiency of the method is discussed and its security analyzed. The paper is organised as follows: In section 2, we describe the basic ElGamal digital signature algorithm and its variant. Section 3 is devoted to our new digital signature method. We end with the conclusion in section 4. In the paper, we will respect ElGamal work notations [3]. N, Z are respectively the sets of integers and non-negative integers. For every positive integer n , we denote by Z Z n / the finite ring of modular integers and by * ) / ( Z Z n the multiplicative group of its invertible elements. Let a ,b , c be three integers. The GCD of a and b is written as ) , ( b a gcd . We write ] [ 0.1 c cm b a ≡ if c divides b a − , and c b a mod = if a is the rest in the division of b by c . The bit length of n is the number of bits in its binary model, with n an integer .We start by presenting the basic ElGamal digital signature algorithm and its variant:
  • 2. International Journal of Information Technology, Modeling and Computing (IJITMC) Vol. 4, No.3, August 2016 12 2. ELGAMAL SIGNATURE SCHEME In this section we recall ElGamal signature scheme[2] and its variant[4]. 1. Alice chooses three numbers: - p , a large prime integer. - α , a primitive root of the finite multiplicative group * ) / ( Z Z p - x , a random element of {1,2,..., 1 − p } 2. She computes x y α = mod p . Alice’s public key is ) , , ( y p α , and x is her private key. 3. To sign the document m , Alice must solve the problem: (1) where s r, are the unknown variables. Alice fixes arbitrary r to be k r α = mod p , where k is chosen randomly and invertible modulo 1 − p . Equation (1) is then equivalent to: (2) Since Alice has the secret key x , and as the number k is invertible modulo 1 − p , she calculates the other unknown variable s by (3) 4. Bob can verify the signature by checking if congruence (1) is valid for the variables r and s given by Alice. 3. VARIANT OF ELGAMAL SIGNATURE SCHEME We present a variant of ElGamal digital signature system. This variant Error! Reference source not found. is based on the equation: (4) t s r , , are the unknown parameters, and ) , , ( y p α are Alice public keys. p is an integer (a large prime). α is a primitive root of * p Z . y is calculated by x y α = mod p . x is a random element of {1,2,...,p-1}.
  • 3. International Journal of Information Technology, Modeling and Computing (IJITMC) Vol. 4, No.3, August 2016 13 Let ) ( = M h m , where h is a hash function, and M the message to be signed by Alice. To give the solution (3), she fixes randomly r as p mod r k α ≡ , and s to be p mod s l α ≡ , where l k, are selected arbitrary in {1,2,...,p-1}. Equation (3) is then equivalent to: (5) as Alice recognize the values of x m l k s r , , , , , , she is able to calculate the last unknown variable t . Bob verify the signature by verifying the congruence (4). this system does not use the extended Euclidean algorithm for calculating 1) ( 1 − − p mod k . We clarify the scheme by the example given by the creator of this alternative[4]. 3.1 EXAMPLE Let ) , , ( y p α be Alice public keys where: 509 = p , 2 = α and 482 = y . We assert that we are not confident if using a small value of α does not abate the protocol. The private key is 281 = x . Suppose that Alice wants to generate a signature for the document M for which 432[508] ) ( ≡ ≡ M h m with the exponents 208 = k and 386 = l are randomly taken. She computes ] 332[ 2208 p r k ≡ ≡ ≡ α , ] 39[ 2386 p s l ≡ ≡ ≡ α and 1] 440[ − ≡ + + ≡ p lm ks rx t . Bob or anyone can verify the relation ] [p s r y m s r t ≡ α . Indeed, we find that ] 436[p ≡ α and ] 436[p s r y m s r ≡ . 4. OUR PROTOCOL 4.1 DESCRIPTION In this section, we describe our new digital signature. The protocol is based simultaneously on two hard problems. We assume first that h is a public secure hash function like SHA1[5 p.348, 7 p. 242 , 8 p.133]. We suppose that Alice public keys are ) , , , ( e y P α where: - 1 2 = + pq P , p , q are three primes. - α , a primitive root of the multiplicative group * ) / ( Z Z p . - x y α = mod P , where x is the private key of Alice, which is randomly taken in 1} {1,2,..., − P .
  • 4. International Journal of Information Technology, Modeling and Computing (IJITMC) Vol. 4, No.3, August 2016 14 - Element e is the public exponent in the RSA cryptosystem. We propose the following protocol: If Alice wants to sign the message M , she must give a solution for the modular equation: (6) where ) ( = M h m mod p , and r , s , t are unknown. To solve equation (5) , Alice starts by putting: (7) (8) Equation (5) becomes: (9) Alice uses the new variant of Elgamal algorithm[4] to solve equation (9) and to get the values of r′ , s′ and t . Then with her RSA private key she solves equations (7) and (8) . The cupel r and s is her signature for the message M . Bob or anybody can check that the signature is valid by replacing r , s and t in relation (5) . 4.2 EXAMPLE Let us illustrate the method by the following example. Suppose that Alice’s public key is: 104543 = 1 313 * 167 * 2 = + P , 5 = α , 23292 = y , 7 = e . The private keys for RSA and ElGamal systems are respectively: 9502 = x , 7399 = d . Assume that 12345 = ) ( = M h m is the hashed message that she likes to sign. If she takes Randomly 845 = k and 2561 = l . She will find from equation 8 that 17744 = r′ , 31839 = s′ . Relation 4 implies 57764 = t . Alice uses (6) and (7) to obtain:
  • 5. International Journal of Information Technology, Modeling and Computing (IJITMC) Vol. 4, No.3, August 2016 15 r ≡ 1] [ − ′ P r d ≡ 75282 s ≡ 1] [ − ′ P s d ≡ 19005. To verify Bob puts 62833 = mod = P A t α , 79849 = mod = 1 mod P y B P e r − , 83421 = mod 1) mod ( = 1) mod ( P P r C P e s e − − and 212997 = mod 1) mod ( = P P s D m e − , and checks if P D C B A mod * * = . 4.3 SECURITY ANALYSIS Now that we have presented the protocol, we will discuss some possible attacks. Assume that Oscar is Alice’s opponent. ATTACK 1: If the attacker try to imitate the computation made by Alice, he can find r and s , but to find t he needs the value of the private key x to solve equation 4 . ATTACK 2: Suppose Oscar is capable to solve the discrete logarithm problem [2]. He cannot calculate r and s from equation (7) and (8) he will be confronted to the factorisation of a large composite modulus [5,8]. ATTACK 3: Suppose Oscar is capable to solve RSA equations (7) and (8) . Oscar cannot get t from equation (9) since x is Alice’s secret key. If he tries to get t from equation (4) , he will be stopped by the discrete logarithm problem. 4.4 COMPLEXITY OF OUR ALGORITHM As in [1], let exp T , mult T and h T be appropriately the time to calculate an exponentiation, a multiplication and hash function of a document M . We neglect the time needed for modular substraction, additions, comparisons and apply the conversion mult exp T T 240 = . 4.4.1 SIGNATURE COMPLEXITY To sign the message M , Alice must compute the six parameters: ) ( = M h m mod P , k r α ≡ ′ ] [P , l s α ≡ ′ ] [P , d r r ′ ≡ 1] [ − P , d s s ′ ≡ 1] [ − P , lm s k r x t + ′ + ′ ≡ 1] [ − P . Alice needs to perform four modular exponentiations, three modular multiplications and one hash function computation. So the global required time is : h mult h mult exp T T T T T T + + + 963 = 3 4 = 1 4.4.2 VERIFICATION COMPLEXITY Bob should calculate 4 exponentiations, 2 multiplications and one hash function. So the global required time is : h mult h mult exp T T T T T T + + + 962 = 2 4 = 2
  • 6. International Journal of Information Technology, Modeling and Computing (IJITMC) Vol. 4, No.3, August 2016 16 5. CONCLUSION In this work, we proposed a new signature protocol that can be an alternative if old systems are broken. Our method is based simultanyously on RSA cryptosystem and DLP. ACKNOWLEDGEMENTS This work is supported by the MMS e-orientation project. REFERENCES [1] R. R. Ahmad, E. S. Ismail,and N. M. F. Tahat , A new digital signature scheme based on factoring and discrete logarithms , J. of Mathematics and Statistics (4): (2008), pp. . [2] T. ElGamal, A public key cryptosystem and a signature scheme based on discrete logarithm problem, IEEE Trans. Info. Theory, IT-31, (1985), pp. . [3] L.C. Guillou, J.J. Quisquater, A Paradoxial Identity-based SIgnature Scheme Resulting from Zero- Knowledge, Advances in cryptography, LNCS 403, (1990) pp. . [4] O. Khadir, New variant of ElGamal signature scheme, Int. J. Contemp. Math. Sciences, Vol. 5, no. 34, (2010), pp. . [5] A. J. Menezes, P. C. van Oorschot and S. A. Vanstone, Handbook of applied cryptography, CRC Press, Boca Raton, Florida, 1997. [6] R. Rivest, A. Shamir and L. Adeleman, A method for obtaining digital signatures and public key cryptosystems, Communication of the ACM, Vol. no 21, (1978), pp. . [7] J. Buchmann, Introduction to Cryptography,(Second Edition), Springer 2000. [8] D. R. Stinson, Cryptography, theory and practice, second Edition, Chapman & Hall/CRC, 2006. Authors Jaouad Ettanfouhi holds an engineer degree in Computer Science from the University of Hassan II of Casablanca (2011). Member of the laboratory of Mathematics, Cryptography and Mechanics, he is preparing a thesis in public key cryptography. Dr Omar Khadir received his Ph.D. degree in Computer Science from the University of Rouen, France (1994). Co-founder of the Laboratory of Mathematics, Cryptography and Mechanics at the University of Hassan II Casablanca, Morocco, where he is a professor in the Department of Mathematics. He teaches cryptography for graduate students preparing a degree in computer science. His current research interests include public key cryptography, digital signature, primality, factorisation of large integers and more generally, all subjects connected to the information technology.