Digital Signature Standard (DSS)
• DSS was developed for performing digital signatures.
• The National Institute of Standards and Technology (NIST) published the DSS standard as a Federal Information Processing Standard.
• DSS makes use of an algorithm called the Digital Signature Algorithm (DSA).
• DSS is the standard and DSA is the actual algorithm.
• Like RSA, DSA is also based on asymmetric key cryptography.
• Their objectives are different:
• RSA is used for encrypting a message. It can also be used for performing digital signatures.
• DSA is used only for performing digital signatures over a message. It cannot be used for encryption.
Politics of Digital Signature Algorithm
• NIST, the developer of DSA, intended to make DSA a free piece of digital signature software.
• RSA Data Security Inc. (RSADSI) controls the licensing of all RSA products.
• They had invested a great amount of money and effort in the RSA algorithm.
• So they were against the use of DSA.
RSA and Digital Signature
• RSA can be used for performing digital signatures.
• Assume that the sender (A) wants to send a message M to the receiver (B) along with the digital signature (S) calculated over the message (M).
Step 1:
The sender (A) uses the SHA-1 message digest algorithm to calculate the message digest (MD1) over the original message (M).
[Figure: message digest calculation]
Step 2:
• The sender (A) now encrypts the message digest with her private key.
• The output of this process is called the digital signature (DS) of A.
Step 3:
The sender (A) sends the original message (M) along with the digital signature (DS) to the receiver (B).
Step 4:
After the receiver (B) receives the original message (M) and the sender's (A's) digital signature, B uses the same message digest algorithm as was used by A and calculates its own message digest (MD2).
Step 5:
The receiver now uses the sender's (A's) public key to decrypt the digital signature.
Note that A had used her private key to encrypt her message digest (MD1) to form the digital signature.
Only A's public key can be used to decrypt it.
The output of this process is the original message digest as was calculated by A (MD1) in step 1.
• B now compares the two message digests, MD1 and MD2.
If MD1 = MD2, the following facts are established:
• B accepts the original message (M) as the correct, unaltered message from A.
• B is also assured that the message came from A and not from someone posing as A.
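Steps 1 to 5 above, as an added Python example that is not part of the original slides. The toy keys built from Mersenne primes, the sample messages and the function names (`make_key`, `rsa_sign`, `rsa_verify`, `demo`) are assumptions made for illustration.

```python
import hashlib

def make_key(p, q, e=65537):
    """Build a toy RSA key pair from two primes: returns (public, private)."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))        # private exponent
    return (n, e), (n, d)

def digest(message):
    """Step 1 / step 4: SHA-1 message digest as an integer."""
    return int.from_bytes(hashlib.sha1(message).digest(), "big")

def rsa_sign(message, private):
    """Step 2: 'encrypt' MD1 with the private key to get DS."""
    n, d = private
    return pow(digest(message), d, n)

def rsa_verify(message, ds, public):
    """Steps 4-5: recompute MD2, recover MD1 from DS, compare."""
    n, e = public
    if not 0 <= ds < n:                      # a valid DS is always below n
        return False
    md2 = digest(message)
    md1 = pow(ds, e, n)                      # 'decrypt' DS with A's public key
    return md1 == md2

# Constructed toy keys from well-known Mersenne primes; both moduli exceed
# 160 bits so a SHA-1 digest fits. Far too small for real use, and real RSA
# signatures also pad the digest (PKCS #1 v1.5 or PSS) before this step.
A_PUB, A_PRIV = make_key(2**127 - 1, 2**89 - 1)
M_PUB, M_PRIV = make_key(2**107 - 1, 2**61 - 1)    # someone posing as A

def demo():
    msg = b"Transfer 100 to B"
    ds = rsa_sign(msg, A_PRIV)                       # step 3: A sends (msg, ds)
    return {
        "genuine": rsa_verify(msg, ds, A_PUB),
        "altered": rsa_verify(b"Transfer 900 to B", ds, A_PUB),
        "impostor": rsa_verify(msg, rsa_sign(msg, M_PRIV), A_PUB),
    }

if __name__ == "__main__":
    print(demo())
```

Only the genuine case verifies: an altered message gives MD2 different from MD1, and a signature made with another private key does not decrypt to MD1 under A's public key.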
DSA and Digital Signature
• DSA is quite complicated and mathematical in nature.
• The variables used in DSA are:
p = a prime number of length L bits
L = a multiple of 64 between 512 and 1024 (i.e. L = 512 or 576 or 640 or … 1024)
q = a 160-bit prime factor of (p-1)
$g = h^{(p-1)/q} \bmod p$, where h is a number less than (p-1) such that $h^{(p-1)/q} \bmod p$ is greater than 1
x = a number less than q
$y = g^x \bmod p$
H = message digest algorithm (usually SHA-1)
• The variables p, q and g are public.
• Private key: x
• Public key: y
• The sender signs the message and sends it to the receiver. This takes the following steps:
1. The sender generates a random number k, which is less than q.
2. The sender now calculates:
$r = (g^k \bmod p) \bmod q$
$s = (k^{-1}(H(m) + xr)) \bmod q$
The values r and s are the signature of the sender. The sender sends these to the receiver. To verify the signature, the receiver calculates:
3. $w = s^{-1} \bmod q$
$u_1 = (H(m) \cdot w) \bmod q$
$u_2 = (rw) \bmod q$
$v = ((g^{u_1} \cdot y^{u_2}) \bmod p) \bmod q$
If v = r, the signature is said to be verified. Otherwise, it is rejected.
