Source: IEEE Communications Letters, Vol. 8, No. 3, March 2004

1 Integrating Diffie-Hellman Key Exchange into the Digital Signature Algorithm (DSA)
Source: IEEE Communications Letters, Vol. 8, No. 3, March 2004
Authors: Lein Harn, Manish Mehta, Wen-Jung Hsin
Speaker: Yu-Wei Su
Date:

2 Outline
1. Introduction
2. Concept & Goal
3. Proposed protocols
4. Conclusion

3 1. Introduction
1-1. Key Exchange
1-2. Diffie-Hellman Algorithm
1-3. Digital Signature
1-4. DSA

4 1-1. Key Exchange
● Symmetric Encryption
● Alice & Bob calculate a session key to communicate
[Figure: Alice, $E_K()$; Bob, $D_K()$; session key $k$]

5 1-2. Diffie-Hellman Algorithm Parameters (1/4)
common parameters:
g, n: two large primes
private parameters:
a: random number, chosen by Alice
b: random number, chosen by Bob

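6 Operating Flow (2/4)
[Figure: $g^a \bmod n$ and $g^b \bmod n$ are exchanged between Alice and Bob; session key $= g^{ab} \bmod n$]
Alice calculates $(g^b \bmod n)^a \bmod n$; the result is $g^{ab} \bmod n$
Bob calculates $(g^a \bmod n)^b \bmod n$; the result is $g^{ab} \bmod n$
Session key $= g^{ab} \bmod n$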

7 Example (3/4)
$n = 11$, $g = 2$
$a = 4$: $g^a \bmod n = 2^4 \bmod 11 = 5$
$b = 8$: $g^b \bmod n = 2^8 \bmod 11 = 3$
=> Alice: $(g^b \bmod n)^a \bmod 11 = 3^4 \bmod 11 = 4$
Bob: $(g^a \bmod n)^b \bmod 11 = 5^8 \bmod 11 = 4$
Session key $= 4$

8 The Computational Diffie-Hellman Assumption (CDH assumption) (4/4)
● Eve receives $g^a \bmod n$ and $g^b \bmod n$ in the channel.
● It is very hard to calculate $g^{ab} \bmod n$.

9 1-3. Digital Signature
● Non-repudiation
● Based on asymmetric scheme
[Figure: message -> message, f(message)]
Note: f() is a digital signature algorithm.

10 1-4. Digital Signature Algorithm (DSA)
1-4-1. Preview
Used in Digital Signature Standard (DSS)
Proposed by NIST
Published in FIPS PUB 186-x

11 Parameters (1/3)
Global parameters:
$p$: a prime number, $|p|$ = 512 ~ 1024 (bits), multiple of 64
$q$: a 160-bit prime factor of $(p-1)$
$h$: $1 < h < p-1$
$g = h^{(p-1)/q} \bmod p$
$H()$: a hash function, ex: SHA-1
Sender's Private Parameter:
$x$: random integer with $0 < x < q$

12 Parameters (2/3)
Sender's Public Parameter:
$y = g^x \bmod p$
$m$: message
Per-Message Secret Parameter:
$k$: random integer with $0 < k < q$

13 Signing & Verifying (3/3)
Signing (Sender):
$r = (g^k \bmod p) \bmod q$
$s = [k^{-1}(H(m) + xr)] \bmod q$
=> signature $= (r, s)$
Verifying (Receiver):
$w = (s')^{-1} \bmod q$
$u_1 = [H(m')w] \bmod q$
$u_2 = (r')w \bmod q$
$v = [(g^{u_1} y^{u_2}) \bmod p] \bmod q$
Test $v \stackrel{?}{=} r'$
Note: $s'$ and $r'$ are the values received by the receiver, corresponding to $s$ and $r$.

14 2. Concept & Goal
2-1. DH + DSA
Diffie-Hellman Algorithm + Digital Signature Algorithm = Take $(g^a \bmod p)$ as message in DSA

15 2-2. Three Models
One-round protocol
Two-round protocol
Three-round protocol

16 3. Proposed protocol
3-1. Parameters
User A, B: the two users in the protocol
$Y_A$, $X_A$: authenticated DSA key pair (public key, private key) of user A, $Y_A = g^{X_A} \bmod p$
$Y_B$, $X_B$: authenticated DSA key pair (public key, private key) of user B, $Y_B = g^{X_B} \bmod p$
Other parameters are the same as in DSA
$K_{AB}$: session key from A to B

17 3-2. One-round protocol (1/2)
Step 1 (User A):
Select $k_A$
Let $m_A = g^{k_A} \bmod p$
Let $K_{AB} = (Y_B)^{k_A} \bmod p$ $(= g^{X_B k_A} \bmod p)$
Calculate $r_A = (g^{k_A} \bmod p) \bmod q$
Calculate $s_A = [k_A^{-1}(H(m_A \| K_{AB}) + X_A r_A)] \bmod q$
Send $(m_A, s_A)$ to User B

18 One-round protocol (2/2)
Step 2 (User B):
Receive $(m_A, s_A)$ from User A
Derive $r_A = m_A \bmod q$
Derive $K_{AB} = (m_A)^{X_B} \bmod p$ $(= g^{k_A X_B} \bmod p)$
Verify $(r_A, s_A)$ of $(m_A \| K_{AB})$
After Step 2, A & B obtain a session key: $K_{AB} = g^{k_A X_B} \bmod p$
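The one-round protocol of slides 17 and 18 as runnable code. This is an added example, not code from the presentation or from the paper. It assumes toy parameters built in the block (far too small for real use), SHA-256 as H(), an 8-byte big-endian encoding for the concatenation, and range and subgroup checks on the received values; all function names are hypothetical.

```python
import hashlib
import secrets
from math import isqrt

def is_prime(n):  # trial division, adequate only for these toy sizes
    return n > 1 and all(n % d for d in range(2, isqrt(n) + 1))

# Toy DSA domain parameters shaped as on slide 11 (constructed for this example).
Q = 2**31 - 1                                   # prime q
P = next(j * Q + 1 for j in range(2, 10**4, 2) if is_prime(j * Q + 1))
G = next(g for g in (pow(h, (P - 1) // Q, P) for h in range(2, 50)) if g != 1)

def H(*ints):  # H(m || K), reduced mod q; SHA-256 is this example's choice
    data = b"".join(i.to_bytes(8, "big") for i in ints)
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q

def keygen():
    x = secrets.randbelow(Q - 1) + 1            # private X, 0 < X < q
    return x, pow(G, x, P)                      # (X, Y = g^X mod p)

def a_send(x_a, y_b):
    """Step 1 (User A): returns (m_A, s_A) to transmit and A's copy of K_AB."""
    while True:
        k = secrets.randbelow(Q - 1) + 1        # k_A: DSA nonce and DH secret
        m = pow(G, k, P)                        # m_A = g^k_A mod p
        key = pow(y_b, k, P)                    # K_AB = Y_B^k_A mod p
        r = m % Q                               # r_A
        s = pow(k, -1, Q) * (H(m, key) + x_a * r) % Q
        if r and s:                             # DSA requires nonzero r and s
            return (m, s), key

def b_receive(x_b, y_a, msg):
    """Step 2 (User B): returns K_AB if A's signature verifies, else None."""
    m, s = msg
    # Input validation added by this example (not on the slides).
    if not (1 < m < P and 0 < s < Q) or pow(m, Q, P) != 1:
        return None
    r = m % Q                                   # r_A = m_A mod q
    key = pow(m, x_b, P)                        # K_AB = m_A^X_B mod p
    w = pow(s, -1, Q)
    v = pow(G, H(m, key) * w % Q, P) * pow(y_a, r * w % Q, P) % P % Q
    return key if r and v == r else None
```

B only accepts a key when the signature over m_A and K_AB verifies under A's authenticated public key, so a message signed with any other private key, or one altered in transit, yields None instead of a session key.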

19 3-3. Two-round protocol (1/2)
Step 1 and Step 2 are the same as in the one-round protocol.
Step 3 (User B): (same as Step 1, with B in the role of A)
Select $k_B$
Let $m_B = g^{k_B} \bmod p$
Let $K_{BA} = (Y_A)^{k_B} \bmod p$ $(= g^{X_A k_B} \bmod p)$
Calculate $r_B = (g^{k_B} \bmod p) \bmod q$
Calculate $s_B = [k_B^{-1}(H(m_B \| K_{BA}) + X_B r_B)] \bmod q$
Send $(m_B, s_B)$ to User A

20 Two-round protocol (2/2)
Step 4 (User A): (same as Step 2, with A in the role of B)
Receive $(m_B, s_B)$ from User B
Derive $r_B = m_B \bmod q$
Derive $K_{BA} = (m_B)^{X_A} \bmod p$ $(= g^{k_B X_A} \bmod p)$
Verify $(r_B, s_B)$ of $(m_B \| K_{BA})$
After Step 4, A & B obtain two session keys:
$K_{AB} = g^{k_A X_B} \bmod p$
$K_{BA} = g^{k_B X_A} \bmod p$

21 3-4. Three-round protocol (1/2)
Step 1 (User A):
Select $k_A$
Let $m_A = g^{k_A} \bmod p$
Send $m_A$ to User B
Step 2 (User B):
Derive $K_{AB} = (m_A)^{X_B} \bmod p$ $(= g^{k_A X_B} \bmod p)$
Select $k_B$
Let $m_B = g^{k_B} \bmod p$
Let $K_{BA} = (Y_A)^{k_B} \bmod p$ $(= g^{X_A k_B} \bmod p)$
Calculate $r_B = (g^{k_B} \bmod p) \bmod q$
Calculate $s_B = [k_B^{-1}(H(m_B \| K_{BA} \| K_{AB}) + X_B r_B)] \bmod q$
Send $(m_B, s_B)$ to User A

22 Three-round protocol (2/2)
Step 3 (User A):
Let $K_{AB} = (Y_B)^{k_A} \bmod p$ $(= g^{X_B k_A} \bmod p)$
Derive $r_B = m_B \bmod q$
Derive $K_{BA} = (m_B)^{X_A} \bmod p$ $(= g^{k_B X_A} \bmod p)$
Verify $(r_B, s_B)$ of $(m_B \| K_{BA} \| K_{AB})$
Calculate $r_A = (g^{k_A} \bmod p) \bmod q$
Calculate $s_A = [k_A^{-1}(H(m_A \| K_{AB} \| K_{BA}) + X_A r_A)] \bmod q$
Send $s_A$ to User B
Step 4 (User B):
Derive $r_A = m_A \bmod q$
Verify $(r_A, s_A)$ of $(m_A \| K_{AB} \| K_{BA})$

23 4. Conclusion
Authentication & efficiency

