The document provides an overview of digital signatures and several digital signature schemes, including Elgamal, Schnorr, NIST DSA, and RSA-PSS. It describes the key properties and requirements of digital signatures. It then explains the technical details and signature generation/verification processes for each scheme. For Elgamal, it covers key generation, signature formation, and verification. For Schnorr, it outlines the key generation, signature generation steps, and verification step. It also discusses the design and processes of NIST DSA and RSA-PSS digital signature algorithms in multiple sections.
Information and network security 46 digital signature algorithmVaibhav Khanna
The Digital Signature Algorithm (DSA) is a Federal Information Processing Standard for digital signatures, based on the mathematical concept of modular exponentiation and the discrete logarithm problem. DSA is a variant of the Schnorr and ElGamal signature schemes
A very clear presentation on Crytographic Alogotithms DES and RSA with basic concepts of cryptography. This presented by students of Techno India, Salt Lake.
Information and network security 46 digital signature algorithmVaibhav Khanna
The Digital Signature Algorithm (DSA) is a Federal Information Processing Standard for digital signatures, based on the mathematical concept of modular exponentiation and the discrete logarithm problem. DSA is a variant of the Schnorr and ElGamal signature schemes
A very clear presentation on Crytographic Alogotithms DES and RSA with basic concepts of cryptography. This presented by students of Techno India, Salt Lake.
Information and network security 45 digital signature standardVaibhav Khanna
The Digital Signature Standard is a Federal Information Processing Standard specifying a suite of algorithms that can be used to generate digital signatures established by the U.S. National Institute of Standards and Technology in 1994
Information and data security pseudorandom number generation and stream cipherMazin Alwaaly
Information And Data Security Pseudorandom Number Generation and Stream Cipher seminar
Mustansiriya University
Department of Education
Computer Science
HASH FUNCTIONS AND DIGITAL SIGNATURES
Authentication requirement – Authentication function – MAC – Hash function – Security of hash function and MAC –MD5 – SHA – HMAC – CMAC – Digital signature and authentication protocols – DSS – EI Gamal – Schnorr.
LDPC Encoding is explained in this ppt. for MATLAB code and more information you can visit link given below:
http://www.slideshare.net/bhagwatsinghmahecha/itc-final-report
Unit 8 - Information and Communication Technology (Paper I).pdfThiyagu K
This slides describes the basic concepts of ICT, basics of Email, Emerging Technology and Digital Initiatives in Education. This presentations aligns with the UGC Paper I syllabus.
Information and network security 45 digital signature standardVaibhav Khanna
The Digital Signature Standard is a Federal Information Processing Standard specifying a suite of algorithms that can be used to generate digital signatures established by the U.S. National Institute of Standards and Technology in 1994
Information and data security pseudorandom number generation and stream cipherMazin Alwaaly
Information And Data Security Pseudorandom Number Generation and Stream Cipher seminar
Mustansiriya University
Department of Education
Computer Science
HASH FUNCTIONS AND DIGITAL SIGNATURES
Authentication requirement – Authentication function – MAC – Hash function – Security of hash function and MAC –MD5 – SHA – HMAC – CMAC – Digital signature and authentication protocols – DSS – EI Gamal – Schnorr.
LDPC Encoding is explained in this ppt. for MATLAB code and more information you can visit link given below:
http://www.slideshare.net/bhagwatsinghmahecha/itc-final-report
Unit 8 - Information and Communication Technology (Paper I).pdfThiyagu K
This slides describes the basic concepts of ICT, basics of Email, Emerging Technology and Digital Initiatives in Education. This presentations aligns with the UGC Paper I syllabus.
The Art Pastor's Guide to Sabbath | Steve ThomasonSteve Thomason
What is the purpose of the Sabbath Law in the Torah. It is interesting to compare how the context of the law shifts from Exodus to Deuteronomy. Who gets to rest, and why?
Model Attribute Check Company Auto PropertyCeline George
In Odoo, the multi-company feature allows you to manage multiple companies within a single Odoo database instance. Each company can have its own configurations while still sharing common resources such as products, customers, and suppliers.
The Roman Empire A Historical Colossus.pdfkaushalkr1407
The Roman Empire, a vast and enduring power, stands as one of history's most remarkable civilizations, leaving an indelible imprint on the world. It emerged from the Roman Republic, transitioning into an imperial powerhouse under the leadership of Augustus Caesar in 27 BCE. This transformation marked the beginning of an era defined by unprecedented territorial expansion, architectural marvels, and profound cultural influence.
The empire's roots lie in the city of Rome, founded, according to legend, by Romulus in 753 BCE. Over centuries, Rome evolved from a small settlement to a formidable republic, characterized by a complex political system with elected officials and checks on power. However, internal strife, class conflicts, and military ambitions paved the way for the end of the Republic. Julius Caesar’s dictatorship and subsequent assassination in 44 BCE created a power vacuum, leading to a civil war. Octavian, later Augustus, emerged victorious, heralding the Roman Empire’s birth.
Under Augustus, the empire experienced the Pax Romana, a 200-year period of relative peace and stability. Augustus reformed the military, established efficient administrative systems, and initiated grand construction projects. The empire's borders expanded, encompassing territories from Britain to Egypt and from Spain to the Euphrates. Roman legions, renowned for their discipline and engineering prowess, secured and maintained these vast territories, building roads, fortifications, and cities that facilitated control and integration.
The Roman Empire’s society was hierarchical, with a rigid class system. At the top were the patricians, wealthy elites who held significant political power. Below them were the plebeians, free citizens with limited political influence, and the vast numbers of slaves who formed the backbone of the economy. The family unit was central, governed by the paterfamilias, the male head who held absolute authority.
Culturally, the Romans were eclectic, absorbing and adapting elements from the civilizations they encountered, particularly the Greeks. Roman art, literature, and philosophy reflected this synthesis, creating a rich cultural tapestry. Latin, the Roman language, became the lingua franca of the Western world, influencing numerous modern languages.
Roman architecture and engineering achievements were monumental. They perfected the arch, vault, and dome, constructing enduring structures like the Colosseum, Pantheon, and aqueducts. These engineering marvels not only showcased Roman ingenuity but also served practical purposes, from public entertainment to water supply.
Ethnobotany and Ethnopharmacology:
Ethnobotany in herbal drug evaluation,
Impact of Ethnobotany in traditional medicine,
New development in herbals,
Bio-prospecting tools for drug discovery,
Role of Ethnopharmacology in drug evaluation,
Reverse Pharmacology.
Instructions for Submissions thorugh G- Classroom.pptxJheel Barad
This presentation provides a briefing on how to upload submissions and documents in Google Classroom. It was prepared as part of an orientation for new Sainik School in-service teacher trainees. As a training officer, my goal is to ensure that you are comfortable and proficient with this essential tool for managing assignments and fostering student engagement.
The French Revolution, which began in 1789, was a period of radical social and political upheaval in France. It marked the decline of absolute monarchies, the rise of secular and democratic republics, and the eventual rise of Napoleon Bonaparte. This revolutionary period is crucial in understanding the transition from feudalism to modernity in Europe.
For more information, visit-www.vavaclasses.com
Palestine last event orientationfvgnh .pptxRaedMohamed3
An EFL lesson about the current events in Palestine. It is intended to be for intermediate students who wish to increase their listening skills through a short lesson in power point.
Read| The latest issue of The Challenger is here! We are thrilled to announce that our school paper has qualified for the NATIONAL SCHOOLS PRESS CONFERENCE (NSPC) 2024. Thank you for your unwavering support and trust. Dive into the stories that made us stand out!
2. Index
13.1 Digital Signatures
13.2 Elgamal Digital Signature Scheme
13.3 Schnorr Digital Signature Scheme
13.4 NIST Digital Signature Algorithm
13.6 RSA-PSS Digital Signature Algorithm
2
3. 13.1 Digital Signature - Properties
• It must verify the author and the date and time of the
signature.
• It must authenticate the contents at the time of the
signature.
• It must be verifiable by third parties, to resolve disputes.
• The digital signature function includes authentication.
3
7. Attacks and Forgeries
• Total break
• Universal forgery
• Selective forgery
• Existential forgery
7
8. Digital Signature Requirements
• It must be a bit pattern that depends on the message.
• It must use some information unique to the sender to
prevent both forgery and denial.
• It must be relatively easy to produce the digital signature.
• It must be relatively easy to recognize and verify the
digital signature.
• It must be computationally infeasible to forge a digital
signature, either by constructing a new message for an
existing digital signature or by constructing a fraudulent
digital signature for a given message.
• It must be practical to retain a copy of the digital signature
in storage.
8
9. Direct Digital Signature
• Digital signature scheme that involves only the
communication parties.
• It must authenticate the contents at the time of the
signature.
• It must be verifiable by third parties, to resolve disputes.
• Thus, the digital signature function includes the
authentication function.
9
10. 13.2 Elgamal Digital Signature Scheme(1)
• Elgamal signature is designed to enable encryption by
user`s private key, and decryption by the user`s public key.
• First, there are prime number q and its primitive root 𝑎.
• Key generation
• Generate a random integer 𝑋𝐴, such that 1< 𝑋𝐴 < q - 1.
• Compute 𝑌
𝐴= 𝑎𝑋𝐴 mod q.
• A’s private key is 𝑋𝐴; A’s pubic key is {q, 𝑎, 𝑌𝐴}.
10
11. Elgamal Digital Signature Scheme(2)
• Digital signature forms
• m = H(M),
• Choose a random integer K such that 1 ≤ K ≤ q - 1 and gcd(K, q -
1) = 1.That is, K is relatively prime to q - 1.
• Compute S1 = 𝑎𝐾
mod q. Note that this is the same as the
computation of C1 for Elgamal encryption.
• Compute 𝐾−1
𝑚𝑜𝑑(𝑞 − 1). That is, compute the inverse of K
modulo q - 1.
• Compute S2 = 𝐾−1
𝑚 − 𝑋𝐴𝑆1 𝑚𝑜𝑑 (𝑞 − 1).
• The signature consists of the pair (𝑆1, 𝑆2).
• Any user B can verify the signature as
• Compute 𝑉1 = 𝑎𝑚
mod q.
• Compute 𝑉2 = 𝑌
𝐴
𝑆1 𝑆1
𝑆2 𝑚𝑜𝑑 𝑞.
• The signature is valid if V1 = V2
11
13. 13.3 Schnorr Digital Signature Scheme
• Minimize the message-dependent computation.
• Key generation steps
• Choose primes p and q, such as q is a prime factor of p-1
• p is 1024 bit , q is 160bit num(as SHA-1)
• Choose an integer a, such that 𝑎𝑞 = 1 𝑚𝑜𝑑 𝑝. the values 𝑎, 𝑝 𝑎𝑛𝑑 𝑞
comprise a global public key that can be common to a group of
user
• Choose a random integer s with 0 < s < q. this is the user`s private
key
• Calculate 𝑣 = 𝑎−𝑠
𝑚𝑜𝑑 𝑝. this is the user public key.
• a,p,q : global public key
• s: user`s private key
• v: user`s public key
13
14. Schnorr Digital Signature Scheme(2)
• Signature generation steps
• Choose a random integer r with 0<r<q and compute x = 𝑎𝑟𝑚𝑜𝑑 𝑝.
this computation is a preprocessing state independent of the
message M to be signed
• Concatenate the message with x and hash the result to compute
the value e: e = H(M||x)
• Compute 𝑦 = 𝑟 + 𝑠𝑒 𝑚𝑜𝑑𝑞 the signature consists of the pair (e.y).
• Signature verification step
• Compute 𝑥` = 𝑎𝑦𝑣𝑒 𝑚𝑜𝑑 𝑝.
• Verify that e = H(M||x`)
• To see the verification works, observe that
• 𝑥` ≡ 𝑎𝑦𝑣𝑒 = 𝑎𝑦𝑎−𝑠𝑒 = 𝑎𝑦−𝑠𝑒 = 𝑎𝑟 = 𝑥 𝑚𝑜𝑑 𝑝
• Hence, H(M||x`) = H(M||x).
14
15. 13.4 NIST Digital Signature
Algorithm(DSA)
• DSA is designed to provide only the digital signature by
the National Institute of Standards and Technology.
• DSA is a public key technique.
• It is FIPS 186 proposed in 1991 and revised in 1993
• In 2000, an expended version was issued as FIPS 186-2
• In 2009, FIPS 186-3 is proposed based on RSA and
elliptic curve cryptography.
15
17. NIST Digital Signature Algorithm(3)
• DSA is based on the difficulty of computing DLP
• Also it is based on the Elgamal and Schnorr scheme.
• It`s main processes are independent on Message.
17
20. 13.6 RSA-PSS Digital Signature Algorithm
• RSA Probabilistic Signature Scheme (RSA-PSS), which is
the latest of the RSA schemes and the one that RSA
Laboratories recommends as the most secure of the RSA
schemes.
• RSA-based schemes differ mainly in the padding format,
and in how the verification operation determines that the
hash and message representative are consistent
• Before PSS, there was not been possible to develop
mathematical proof that scheme is secure as RSA
encryption/decryption.
20
21. RSA-PSS Digital Signature Algorithm(2)
• Mask Generation Function (MGF) is used as a building
fixed length output.
• MGF(X,maskLen): bit string X in any length, desired
length L in octets of the ouput.
• Typically based on hash function as SHA-1
• In RSA-PSS, MGF 1 is used with the parameters:
Option Hash: hash function with output hLen octets
Input X: octet string to be masked
maskLen: length in octets of mask
Output mask: an octet string of length maskLen
21
22. RSA-PSS Digital Signature Algorithm(3)
• MGF1 is defined as follows:
• Initialize variables
T = empty string
K = [maskLen / hLen ] -1
• Calculate intermediate values
For counter = 0 to k
Represent counter as a 32-bit string C
T = T || Hash(X || C)
• Output results
Mask = the leading maskLen octets of T
22
23. RSA-PSS Digital Signature Algorithm(4)
• If maskLen = hLen, the output is the hash of the X
concatenated with 32-bit counter value of 0.
• If maskLen is bigger than hLen, MGF1 iterate by hashing
X concatenated with the counter and appeding that to the
current string T.
• output : Hash(X||0)||Hash(X||1)||…||Hash(X||K)
• This is repeated until T is greater or equal with maskLen,
at which point the output is the first maskLen octets of T
23
24. RSA-PSS Digital Signature Algorithm(5)
The Signing Operation
• Message Encoding: generating encoded message(EM)
• Options Hash: hash function with output hLen octets.
the SHA-1 produces a 20-octet hash value.
MGF: mask generation function, MGF1
sLen: length in octests of the salt. Typycally
sLen = hLen, now its 20 octets.
• Input M: message to be encoded for signing
emBits: this value is one less than the length
in bits of the RSA modulus n
• Output EM: encoded message,
24
25. RSA-PSS Digital Signature Algorithm(6)
Parameters
• emLen
• length of EM in octets = [emBits/8]
• Padding1
• hexadecimal string 00 * 8; that is a string of 64 zero bits.
• Padding2
• hexadecimal string of 00 octets with a length(emLen – sLen – hLen
-2) octets, followed by hexadecimal octet with value 01
• Salt
• A pseudorandom number
• bc
• The hexadecimal value BC
25
26. RSA-PSS Digital Signature Algorithm(7)
The encoding process
1. Generate the hash value of M: mHash = Hash(M’)
2. Generate a pseudorandom octet string salt and form
block M’ padding1 || mHash || salt
3. Generate the hash value of M’: H = Hash(M’)
4. Form data block DB=padding2||salt
5. Calculate the MGF value of H: dbMask=MGF(H,emLen-
hLen-1)
6. Calculate maskedDB = DB 𝑑𝑏𝑀𝑎𝑠𝑘
7. Set the leftmost 8emLen-emBits bits of the leftmost
octet in masked DB to 0
8. EM = masked DB || H || bc
26
27. RSA-PSS Digital Signature Algorithm(8)
• Forming the Signature
• Private key {d, n}, public key {e, n}
• Treat the octet string EM as an unsigned, nonnegative
binary integer m. the signature s is formed by encrypting
octet string S of length k octets.
• 𝑠 = 𝑚𝑑 𝑚𝑜𝑑 𝑛
• Let k be the length in octets of the RSA modulus n.
• If key size is 2048bits, then k = 2048/8=256.
• Then convert the signature value s into the octet string S
of length k octets.
27
29. RSA-PSS Digital Signature Algorithm(9)
Signature verification
• Decryption
• The message digest m is recovered by decrypting s
m = 𝑠𝑒
𝑚𝑜𝑑 𝑛
• Then, convert m to EM of length emLen = [modBits -
1)/8]octets, where modBits is the length in bits of the
modulus n.
29
30. RSA-PSS Digital Signature Algorithm(9)
EM Verification
1. Geneerate the hash value of M: mHash = Hash(M)
2. If emLen < hLen + sLen + 2, output “inconsistent” and stop
3. If the rightmost octet of EM does not have hexadecimal value
BC, output “inconsistent” and stop
4. Let maskedDB be the leftmost emLen - hLen - 1 octets of EM,
and let H be the next hLen octets
5. If the leftmost 8emLen - emBits bits of the leftmost octet in
maskedDB are not all equal to zero, output “inconsistent” and
stop
6. Calculate dbMask = MGF (H, emLen - hLen - 1)
30
31. RSA-PSS Digital Signature Algorithm(9)
7. Calculate DB = maskedDB dbMsk
8. Set the leftmost 8emLen − emBits bits of the leftmost
octet in DB to zero
9. If the leftmost (emLen - hLen - sLen - 1) octets of DB
are not equal to padding2,output “inconsistent” and stop
10. Let salt be the last sLen octets of DB
11. Form block M’ = padding1 || mHash ||salt
12. Generate the hash value of M’: H’ = Hash(M’)
13. If H = H’, output “consistent.” Otherwise, output
“inconsistent”
31