Prepared by Dr. Lamiaa Elshenawy

Presentation transcript:

Computer Security Lecture 7 Ch.13 Digital Signatures. Prepared by Dr. Lamiaa Elshenawy

Digital Signatures
Properties; Attacks and Forgeries; Digital Signature Requirements; Direct Digital Signature
ElGamal Digital Signature Scheme
Schnorr Digital Signature Scheme
Digital Signature Standard: The DSS Approach; The Digital Signature Algorithm

Digital Signatures Key Points
A digital signature is an authentication mechanism that enables the creator of a message to attach a code that acts as a signature.
The Digital Signature Standard (DSS) is a NIST standard that uses the Secure Hash Algorithm (SHA).
[Diagram labels: H(M), Private Key, Encryption Algorithm, Digital Signature]

Digital Signatures Key Points
The digital signature is the most important development of public-key cryptography.

Digital Signatures Generic Model

Digital Signatures Essential Elements

Digital Signatures Properties Message Authentication

Digital Signatures Properties

Digital Signatures Attacks and Forgeries

Digital Signatures Attacks and Forgeries
Key-only attack: C knows A's public key.
Known message attack: C has access to a set of messages and their signatures.
Generic chosen message attack: C chooses a list of messages independent of A's public key, before any signatures are seen.
Directed chosen message attack: C chooses a list of messages dependent on A's public key, before any signatures are seen.

Digital Signatures Attacks and Forgeries
Total break: C determines A's private key.
Universal forgery: C finds an efficient signing algorithm that provides an equivalent way of constructing signatures on arbitrary messages.
Selective forgery: C forges a signature for a chosen message.
Existential forgery: C forges a signature for at least one message. C has no control over the message.

Digital Signatures Requirements
The signature is a bit pattern that depends on the signed message.
The signature uses information unique to the sender to prevent forgery and denial.
Easy to produce the digital signature.
Easy to recognize & verify the digital signature.
Easy to retain a copy of the digital signature in storage.
Computationally infeasible to forge a digital signature.

Digital Signatures Direct Digital Signature Source Destination

Digital Signatures Schemes
ElGamal Digital Signature Scheme, "Taher ElGamal (1985)"
Schnorr Digital Signature Scheme, "Claus Peter Schnorr (1991-2008)"
Digital Signature Standard (DSS)

Digital Signatures ElGamal Scheme
Let q be a prime number and α a primitive root of q.
Generate the private/public keys.
Sign the message.

Digital Signatures ElGamal Scheme
Verify the message: if V1 = V2, the signature is valid; otherwise it is not valid.

Digital Signatures ElGamal Scheme
Let q = 19; primitive roots of q = {2, 3, 10, 13, 14, 15}; α = 10.
Generate the private/public keys.
Alice wants to sign a message. Let m = 4.

Digital Signatures ElGamal Scheme Verify the message

Digital Signatures ElGamal Scheme Example
We consider $q = 467$, $\alpha = 2$, $X_A = 127$.
Now $Y_A$ is calculated: $Y_A = \alpha^{X_A} \bmod q = 2^{127} \bmod 467 = 132$.
So Alice's pair of keys is $(127)$, $(467, 2, 132)$.
We take $m = 100$ and $K = 213$ for the signature of this message.
Here we notice that $\gcd(213, 466) = 1$. Calculate $213^{-1} \bmod 466 = 431$.
Having these parameters, we can start to calculate the signature of Alice on the message M, which is represented by the pair $(S_1, S_2)$:
$S_1 = \alpha^{K} \bmod q = 2^{213} \bmod 467 = 29$
$S_2 = K^{-1}[m - X_A S_1] \bmod (q-1) = 431(100 - 127 \times 29) \bmod 466 = 51$
Verification step: $\alpha^{m} \bmod q = (Y_A)^{S_1} (S_1)^{S_2} \bmod q$
$2^{100} \equiv 189 \pmod{467}$
$132^{29} \times 29^{51} \equiv 189 \pmod{467}$
The verification confirms that the signature is valid.
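The ElGamal example above as runnable Python, generalized to any q, α and key. This is an added illustration, not code from the slides, and the function names are assumptions. The verifier also rejects out-of-range signature components before comparing V1 and V2.

```python
from math import gcd

# Added example: ElGamal signatures using the slide's symbols
# (q, alpha, X_A, Y_A, K, S1, S2). Function names are assumptions.

def elgamal_public_key(q, alpha, x_a):
    """Y_A = alpha^X_A mod q."""
    return pow(alpha, x_a, q)

def elgamal_sign(q, alpha, x_a, m, k):
    """Return (S1, S2); K must be invertible modulo q-1."""
    if not (1 <= k <= q - 2) or gcd(k, q - 1) != 1:
        raise ValueError("K must lie in [1, q-2] and be coprime to q-1")
    s1 = pow(alpha, k, q)
    k_inv = pow(k, -1, q - 1)              # modular inverse (Python 3.8+)
    s2 = (k_inv * (m - x_a * s1)) % (q - 1)
    return s1, s2

def elgamal_verify(q, alpha, y_a, m, sig):
    """Accept only if V1 == V2 and both components are in range."""
    s1, s2 = sig
    if not (0 < s1 < q and 0 < s2 < q - 1):
        return False                       # range check before any exponentiation
    v1 = pow(alpha, m, q)
    v2 = (pow(y_a, s1, q) * pow(s1, s2, q)) % q
    return v1 == v2

if __name__ == "__main__":
    q, alpha, x_a = 467, 2, 127            # values from the slide
    y_a = elgamal_public_key(q, alpha, x_a)
    sig = elgamal_sign(q, alpha, x_a, m=100, k=213)
    print("Y_A =", y_a, "signature =", sig)
    print("valid:", elgamal_verify(q, alpha, y_a, 100, sig))
    print("altered message:", elgamal_verify(q, alpha, y_a, 101, sig))
```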

Digital Signatures Schnorr Scheme
Generate the private/public keys.
Sign the message.

Digital Signatures Schnorr Scheme Verify the message

Digital Signatures Schnorr Scheme
Generate the private/public keys:
Choose $p = 23$, $q = 11$, where 11 is a prime factor of $22 = 23 - 1$.
Choose $a$ such that $a^{11} = 1 \bmod 23$. Let $a = 2$, since $2^{11} = 2048 = 1 \bmod 23$.
Choose a random integer $s$, $0 < s < q$. Let $s = 9$, since $9 < 11$.
Generate a public key by calculating $\nu$, where $\nu = 2^{9} \bmod 23 = 6$.
User's public key: $\nu = 6$
User's private key: $s = 9$

Digital Signatures Schnorr Scheme
Sign the message:
Customer chooses $r = 3 < 11$, and computes $x = 2^{3} \bmod 23 = 8$.
Customer sends $x = 8$ to merchant.
Merchant sends $e = 5$ to customer.
Customer calculates $y = (3 + 9 \times 5) \bmod 11 = 48 \bmod 11 = 4$, and returns $y = 4$ to the merchant.
The signature is $(e, y)$.
Verify the message:
Merchant calculates $x \cdot \nu^{e} \bmod p = 8 \times 6^{5} \bmod 23 = 62208 \bmod 23 = 16$.
Merchant also calculates $a^{y} \bmod p = 2^{4} = 16$.
These are the same, so the merchant accepts that the customer knows x.
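The customer/merchant exchange above as runnable Python, following the slide's convention ν = a^s mod p and its check a^y ≡ x·ν^e (mod p). This is an added illustration, not code from the slides; the function names are assumptions.

```python
# Added example: the Schnorr exchange from the slide, one function per step.
# Function names are assumptions; symbols p, q, a, s, r, x, e, y follow the slide.

def schnorr_check_params(p, q, a):
    """q must divide p-1 and a must satisfy a^q = 1 mod p with a != 1."""
    return (p - 1) % q == 0 and 1 < a < p and pow(a, q, p) == 1

def schnorr_public_key(p, a, s):
    """Slide convention: v = a^s mod p."""
    return pow(a, s, p)

def schnorr_commit(p, a, r):
    """Customer's first message: x = a^r mod p."""
    return pow(a, r, p)

def schnorr_respond(q, r, s, e):
    """Customer's answer to challenge e: y = (r + s*e) mod q."""
    return (r + s * e) % q

def schnorr_verify(p, q, a, v, x, e, y):
    """Merchant's check: a^y == x * v^e (mod p), with range checks first."""
    if not (0 < x < p and 0 <= y < q):
        return False
    return pow(a, y, p) == (x * pow(v, e, p)) % p

if __name__ == "__main__":
    p, q, a, s = 23, 11, 2, 9              # values from the slide
    assert schnorr_check_params(p, q, a)
    v = schnorr_public_key(p, a, s)
    x = schnorr_commit(p, a, r=3)
    y = schnorr_respond(q, r=3, s=s, e=5)
    print("v =", v, "x =", x, "y =", y)
    print("accepted:", schnorr_verify(p, q, a, v, x, 5, y))
    print("wrong response:", schnorr_verify(p, q, a, v, x, 5, (y + 1) % q))
```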

Digital Signatures Digital Signature Standard (DSS)
NIST published Federal Information Processing Standard (FIPS 186), the DSS.
DSS uses the Secure Hash Algorithm (SHA) and presents a new Digital Signature Algorithm (DSA).
DSS was proposed in 1991 and revised in 1993 and 1996.
An expanded version of DSS was presented in 2000 (FIPS 186-2).
An updated DSS was presented in 2009 (FIPS 186-3).

Digital Signatures Digital Signature Standard (DSS) verify random number

Digital Signatures Digital Signature Algorithm (DSA)

Digital Signatures Digital Signature Algorithm (DSA)

Digital Signatures Digital Signature Algorithm (DSA)
Let p, q, g be public to all:
$p = 18 \times 71 + 1 = 1279$ (prime number)
$q = 71$ (prime divisor of $p - 1$)
$g = 3^{18} \bmod 1279 = 1157$
Let $x = 15$, $k = 10$
$y = 1157^{15} \bmod 1279 = 851$
User's private key: {x = 15}
User's public key: {y = 851}

Digital Signatures Digital Signature Algorithm (DSA)
Signing:
$r = (1157^{10} \bmod 1279) \bmod 71 = 32$
$s = [10^{-1}(123 + 15 \times 32)] \bmod 71 = 39$
$m = 123$, Signature = {32, 39}
Verifying:
$W = 39^{-1} \bmod 71 = 51$
$u_1 = 123 \times 51 \bmod 71 = 25$
$u_2 = 32 \times 51 \bmod 71 = 70$
$\nu = [(1157^{25} \times 851^{70}) \bmod 1279] \bmod 71 = 32$
Test: $\nu = r$, so the signature is valid.
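The DSA example above as runnable Python, with the parameter and range checks a verifier performs before computing ν. This is an added illustration, not code from the slides; the function names are assumptions, and as on the slide the value m = 123 is used directly where a real deployment would use the hash of the message.

```python
# Added example: toy DSA with the slide's parameters (p, q, g, x, k, m).
# Function names are assumptions; h stands for the hashed message (m on the slide).

def dsa_check_params(p, q, g):
    """q must divide p-1 and g must have order q modulo p."""
    return (p - 1) % q == 0 and 1 < g < p and pow(g, q, p) == 1

def dsa_public_key(p, g, x):
    """y = g^x mod p."""
    return pow(g, x, p)

def dsa_sign(p, q, g, x, h, k):
    """Return (r, s) for per-message secret k, 0 < k < q."""
    if not 0 < k < q:
        raise ValueError("k must satisfy 0 < k < q")
    r = pow(g, k, p) % q
    s = (pow(k, -1, q) * (h + x * r)) % q  # modular inverse (Python 3.8+)
    if r == 0 or s == 0:
        raise ValueError("degenerate signature, choose a fresh k")
    return r, s

def dsa_verify(p, q, g, y, h, sig):
    """Accept only if v == r; reject out-of-range (r, s) first."""
    r, s = sig
    if not (0 < r < q and 0 < s < q):
        return False
    w = pow(s, -1, q)
    u1 = (h * w) % q
    u2 = (r * w) % q
    v = (pow(g, u1, p) * pow(y, u2, p)) % p % q
    return v == r

if __name__ == "__main__":
    p, q, g, x = 1279, 71, 1157, 15        # values from the slide
    assert dsa_check_params(p, q, g)
    y = dsa_public_key(p, g, x)
    sig = dsa_sign(p, q, g, x, h=123, k=10)
    print("y =", y, "signature =", sig)
    print("valid:", dsa_verify(p, q, g, y, 123, sig))
    print("altered message:", dsa_verify(p, q, g, y, 124, sig))
```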

Thank you for your attention