8/18/2019 Digital Signature Standard
1/28
Network Security
Digital Signatures
8/18/2019 Digital Signature Standard
2/28
Digital Signatures
have looked at message authentication but does not address issues of lack of trust
digital signatures provide the ability to: verify author, date & time of signature authenticate message contents be verified by third parties to resolve disputes
hence include authentication function withadditional capabilities
RQ
8/18/2019 Digital Signature Standard
3/28
Digital Signature !roperties
must depend on the message signed
must use information uni"ue to sender to prevent both forgery and denial
must be relatively easy to produce must be relatively easy to recogni#e & verify
be computationally infeasible to forge
with new message for e$isting digital signature with fraudulent digital signature for given message
be practical save digital signature in storage
RQ %
8/18/2019 Digital Signature Standard
4/28
nclusion
' conventional signature is included in the
document( it is part of the document) *ut when
we sign a document digitally, we send thesignature as a separate document)
RQ +
8/18/2019 Digital Signature Standard
5/28
erification -ethod
.or a conventional signature, when the recipient
receives a document, she compares the signature on
the document with the signature on file) .or a digitalsignature, the recipient receives the message and the
signature) /he recipient needs to apply a verification
techni"ue to the combination of the message and the
signature to verify the authenticity)
RQ 0
8/18/2019 Digital Signature Standard
6/28
Relationship
RQ 1
.or a conventional signature, there is normally a one
to2many relationship between a signature and
documents) .or a digital signature, there is a one2to2one relationship between a signature and a message)
8/18/2019 Digital Signature Standard
7/28
Duplicity
RQ 3
n conventional signature, a copy of the signed
document can be distinguished from the original one
on file) n digital signature, there is no such distinctionunless there is a factor of time on the document)
8/18/2019 Digital Signature Standard
8/28
Digital Signature !rocess
RQ 4
8/18/2019 Digital Signature Standard
9/28
Need for 5eys
RQ 6
' digital signature needs a public2key system)/he signer signs with her private key( the verifier verifies with the
signer7s public key)
8/18/2019 Digital Signature Standard
10/28
Signing the Digest
RQ 89
8/18/2019 Digital Signature Standard
11/28
Services
e discussed several security services including
message confidentiality, message authentication,
message integrity, and Nonrepudiation) ' digitalsignature can directly provide the last three( for
message confidentiality we still need encryption
;decryption)
RQ 88
8/18/2019 Digital Signature Standard
12/28
Digital signature approaches
' variety of approaches has been
proposed for the digital signature
function) /hese approaches fall into two
categories
Direct Digital Signature 'rbitrated Digital Signature
RQ 8
8/18/2019 Digital Signature Standard
13/28
Direct Digital Signatures
involve only sender & receiver assumed receiver has sender7s public2key
digital signature made by sender signingentire message or hash with private2key
can encrypt using receivers public2key important that sign first then encrypt
message & signature security depends on sender7s private2key
RQ 8%
8/18/2019 Digital Signature Standard
14/28
Direct Digital Signatures
!roblems with direct signatures: alidity of scheme depends on the
security of the sender7s private key
sender may later deny sending a certain
message)
!rivate key may actually be stolen from <
at time /, so timestamp may not help)
RQ 8+
8/18/2019 Digital Signature Standard
15/28
'rbitrated Digital Signatures
involves use of arbiter ' validates any signed message
then dated and sent to recipient
re"uires suitable level of trust in arbiter
can be implemented with either private
or public2key algorithms arbiter may or may not see message
RQ 80
8/18/2019 Digital Signature Standard
16/28
/rusted =entre for
Nonrepudiation
RQ 81
Nonrepudiation can be provided using a trusted
party)
8/18/2019 Digital Signature Standard
17/28
'dding =onfidentiality
RQ 83
' digital signature does not provide privacy)
f there is a need for privacy, another layer of
encryption;decryption must be applied)
8/18/2019 Digital Signature Standard
18/28
Digital Signature Schemes
Several digital signature schemes have evolved during
the last few decades) Some of them have been
implemented like :
RS' Digital Signature Scheme
Digital Signature Standard >DSS?
RQ 84
8/18/2019 Digital Signature Standard
19/28
RS' Digital Signature Scheme
RQ 86
Signing and erifying
8/18/2019 Digital Signature Standard
20/28
@$ample
RQ 9
's a trivial e$ample, suppose that 'lice chooses p A 4% and q A 60%,
and calculates n A 34+%86) /he value of f>n? is 340++) Now she
chooses e A %8% and calculates d A819996) 't this point key generation
is complete) Now imagine that 'lice wants to send a message with the
value of - A 86939 to *ob) She uses her private e$ponent, 819996,to sign the message:
'lice sends the message and the signature to *ob) *ob receives the
message and the signature) Be calculates
*ob accepts the message because he has verified 'lice7s
signature)
8/18/2019 Digital Signature Standard
21/28
RS' Signature on the Digest
RQ 8
hen the digest is signed instead of the message itself, the
susceptibility of the RS' digital signature scheme depends on the
strength of the hash algorithm)
8/18/2019 Digital Signature Standard
22/28
Digital Signature Standard
>DSS?
CS ovt approved signature scheme designed by NS/ & NS' in early 69Es
published as .!S2841 in 8668 revised in 866%, 8661 & then 999 uses the SB' hash algorithm
DSS is the standard, DS' is thealgorithm
RQ
8/18/2019 Digital Signature Standard
23/28
Digital Signature 'lgorithm
>DS'?
creates a %9 bit signature
with 08289+ bit security
smaller and faster than RS'
a digital signature scheme only
security depends on difficulty of
computing discrete logarithms
RQ %
8/18/2019 Digital Signature Standard
24/28
eneral dea *ehind DSS
Scheme
RQ +
8/18/2019 Digital Signature Standard
25/28
=ontinued
RQ 0
5ey eneration)
'lice chooses primes p and ")
p should be between 08 and 89+ bits in length and a
multiple of 1+)>08,031,1+9 ,39+, 314, 4%, 461, 619, 89+?)
" should be 819 bits in length in such a way that " divides
>p28?)
'lice uses FGpH, I J and FG"H, IJ)
'lice creates e8 to be the "th root of 8 modulo p >e8p A 8 mod
p?)/o do so 'lice chooses a primitive element in G p , e 9 and
calculates e 8 A e 9 >p28?;" mod p
'lice chooses d and calculates e A e8d)mod p
'lice7s public key is >e8, e, p, "?( her private key is >d?)
8/18/2019 Digital Signature Standard
26/28
erifying & Signing
RQ 1
8/18/2019 Digital Signature Standard
27/28
@$ample
RQ 3
'lice chooses q A 898 and p A 4948) 'lice selects e9 A % and calculates e8
A e9> pK8?;q mod p A 1614) 'lice chooses d A 18 as the private key and
calculates e A e8d mod p A 9%4) Now 'lice can send a message to *ob)
'ssume that h>-? A 0999 and 'lice chooses r A 18:
'lice sends -, S8, and S
to *ob) *ob uses the public keys to calculate
)
8/18/2019 Digital Signature Standard
28/28
Summary
have discussed:
digital signatures
digital signature algorithm and standard
RQ 4
Top Related