Presentation is loading. Please wait.

Presentation is loading. Please wait.

Prepared by Dr. Lamiaa Elshenawy

Published byGeoffrey Ford Modified over 8 years ago

Similar presentations

Presentation on theme: "Prepared by Dr. Lamiaa Elshenawy"— Presentation transcript:

1 Prepared by Dr. Lamiaa Elshenawy
Computer Security Lecture 7 Ch.13 Digital Signatures Prepared by Dr. Lamiaa Elshenawy

2 Digital Signatures ElGamal Digital Signature Scheme
Properties Attacks and Forgeries Digital Signature Requirements Direct Digital Signature ElGamal Digital Signature Scheme Schnorr Digital Signature Scheme Digital Signature Standard The DSS Approach The Digital Signature Algorithm

3 Digital Signatures Key Points
Digital signature authentication mechanism that enables the creator of a message to attach a code that acts as a signature. Digital signature standard (DSS) NIST standard secure hash algorithm (SHA) Encryption Algorithm H(M) Private Key Digital Signature

4 Digital Signatures Key Points
Most important development of public-key cryptography Digital Signature

5 Digital Signatures Generic Model

6 Digital Signatures Essential Elements

7 Digital Signatures Properties
Message Authentication

8 Digital Signatures Properties

9 Digital Signatures Attacks and Forgeries

10 Digital Signatures Attacks and Forgeries
Key-only attack: C A’s public key Known message attack: C set of messages and their signatures. Generic chosen message attack: C list of messages independent of A’s public key Directed chosen message attack: C list of messages dependent of A’s public key signatures seen know access choose choose before

11 Digital Signatures Attacks and Forgeries
Total break: C A’s private key Universal forgery: C efficient signing algorithm that provides an equivalent way of constructing signatures on arbitrary messages Selective forgery: C signature for chosen message Existential forgery: C signature for at least one message. C control over the message determine find forges forges no

12 Digital Signatures Requirements
Signature bit pattern signed message Signature information unique to the sender forgery and denial Easy digital signature Easy copy of digital signature in storage Infeasible computation digital signature depends use prevent produce recognize & verify retain forge

13 Digital Signatures Direct Digital Signature
Source Destination

14 Digital Signatures Schemes
ElGamal Digital Signature Scheme “Taher AlGamal (1985)” Schnorr Digital Signature Scheme “Claus Peter Schnorr ( )” Digital Signature Standard (DSS)

15 Digital Signatures ElGamal Scheme
Let q is prime number & α is a primitive root of q Generate the private/ public keys Sign the message

16 Digital Signatures ElGamal Scheme
Verify the message If V1=V2 No Not valid Yes Valid

17 Digital Signatures ElGamal Scheme
Let q=19; Primitive roots of q= {2, 3, 10, 13, 14, 15}; α=10 Generate the private/ public keys Alice wants to sign a message Let m=4

18 Digital Signatures ElGamal Scheme
Verify the message

19 Digital Signatures ElGamal Scheme
Example We consider q = 467; α = 2; XA = 127 Now YA is calculated: YA = αXA mod p = 2127 mod 467 = 132 So the Alice’s pair of keys is (127) , (467,2,132) We take m= 100 and K = 213 for the signature of this message Here we notice that (213, 466)= 1 Calculate mod 466 = 431 Having these parameters, we can start to calculate the signature of Alice on the message M, which is represented by the pair (S1,S2) S1= αK mod q = 2213 mod 467 = 29 S2= K-1 [m−(XA S1)] mod q = 431( x 29) mod 466 = 51 Verification step: αm mod q = (YA ) S1 (S1) S2 mod q 2100 ≡ 189 (mod 467) 13229 x 2951 ≡ 189 (mod 467) The verification confirms that the signature is valid.

20 Digital Signatures Schnorr Scheme
Generate the private/ public keys Sign the message

21 Digital Signatures Schnorr Scheme
Verify the message

22 Digital Signatures Schnorr Scheme
Generate the private/ public keys Choose p = 23, q = 11, where 11 is a prime factor of 22 = 23-1. Choose a such that a11 = 1 mod 23. Let a = 2, since 211 = 2048 = 1 mod 23. Choose a random integer s, 0 < s < q. Let s= 9, since 9<11. Generate a public key by calculating ν, where ν = 29 mod 23 =6 User’s Public key: ν = 6 User’s Private key: s = 9

23 Digital Signatures Schnorr Scheme
Sign the message Customer chooses r = 3 < 11, and computes x = 23 mod = 8 Customer sends x = 8 to merchant Merchant sends e=5 to customer Customer calculates y = (3+9x5) mod 11 = 48 mod 11 = 4, and returns y = 4 to the merchant. The signature (e , y) Verify the message Merchant calculates x’ ν e mod p = 8 x 6 5 mod 23 = mod 23 = 16 Merchant also calculates a y mod p = 2 4 = 16 These are the same so the merchant accepts that the customer knows x

24 Digital Signatures Digital Signature Standard (DSS)
NIST Federal Information Processing Standard (FIPS 186)-DSS DSS Secure Hash Algorithm (SHA) new Digital Signature Algorithm (DSA) DSS (1991) (1993,1996) DSS (2000) (FIPS 186-2) DSS (2009) (FIPS 186-3) published use presented proposed revised expand-version presented updated presented

25 Digital Signatures Digital Signature Standard (DSS)
verify random number

26 Digital Signatures Digital Signature Algorithm (DSA)

27 Digital Signatures Digital Signature Algorithm (DSA)

28 Digital Signatures Digital Signature Algorithm (DSA)
Let p, q, g are public to all p= 18x71+1= prime number q= 71 (prime divisor of (p-1)) g= 318 mod 1279=1157 Let x= 15, k=10 y= mod 71=851 User’s private key:{x=15} User’s public key: {y=851}

29 Digital Signatures Digital Signature Algorithm (DSA)
Signing r =( mod 1279) mod 71 = 32 s =[10 -1 (123+15x32)] mod 71=39 m=123, Signature={32,39} Verifying W=39-1 mod 71= 51 u1=123 x 51 mod 71=25 u2=32 x 51 mod 71=70 ν = [( ) mod 1279] mod 71=32 Test: ν=r the signature is valid

30 Thank you for your attention

Download ppt "Prepared by Dr. Lamiaa Elshenawy"

Similar presentations

Hash Functions A hash function takes data of arbitrary size and returns a value in a fixed range. If you compute the hash of the same data at different.

Hash Functions A hash function takes data of arbitrary size and returns a value in a fixed range. If you compute the hash of the same data at different.
1 Chapter 7-2 Signature Schemes. 2 Outline [1] Introduction [2] Security Requirements for Signature Schemes [3] The ElGamal Signature Scheme [4] Variants.

1 Chapter 7-2 Signature Schemes. 2 Outline [1] Introduction [2] Security Requirements for Signature Schemes [3] The ElGamal Signature Scheme [4] Variants.
Digital Signatures Good properties of hand-written signatures: 1. Signature is authentic. 2. Signature is unforgeable. 3. Signature is not reusable (it.

Digital Signatures Good properties of hand-written signatures: 1. Signature is authentic. 2. Signature is unforgeable. 3. Signature is not reusable (it.
Cryptography and Network Security

Cryptography and Network Security
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
Computer Science&Technology School of Shandong University Instructor: Hou Mengbo Email: houmb AT sdu.edu.cn Office: Information Security Research Group.

Computer Science&Technology School of Shandong University Instructor: Hou Mengbo houmb AT sdu.edu.cn Office: Information Security Research Group.
Authentication and Digital Signatures CSCI 5857: Encoding and Encryption.

Authentication and Digital Signatures CSCI 5857: Encoding and Encryption.
Cryptography and Network Security Chapter 13 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 13 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Cryptography and Network Security Chapter 13 Fourth Edition by William Stallings.

Cryptography and Network Security Chapter 13 Fourth Edition by William Stallings.
1 Digital Signatures & Authentication Protocols. 2 Digital Signatures have looked at message authentication –but does not address issues of lack of trust.

1 Digital Signatures & Authentication Protocols. 2 Digital Signatures have looked at message authentication –but does not address issues of lack of trust.
1 Chapter 13 – Digital Signatures & Authentication Protocols Fourth Edition by William Stallings Lecture slides by Lawrie Brown (modified by Prof. M. Singhal,

1 Chapter 13 – Digital Signatures & Authentication Protocols Fourth Edition by William Stallings Lecture slides by Lawrie Brown (modified by Prof. M. Singhal,
CNS2010handout 10 :: digital signatures1 computer and network security matt barrie.

CNS2010handout 10 :: digital signatures1 computer and network security matt barrie.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Digital Signature Algorithm (DSA) Kenan Gençol presented in the course BIL617 Cryptology instructed by Asst.Prof.Dr. Nuray AT Department of Computer Engineering,

Digital Signature Algorithm (DSA) Kenan Gençol presented in the course BIL617 Cryptology instructed by Asst.Prof.Dr. Nuray AT Department of Computer Engineering,
Chapter 7-1 Signature Schemes.

Chapter 7-1 Signature Schemes.
Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.

Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.
Cryptography1 CPSC 3730 Cryptography Chapter 13 Digital Signature Standard (DSS)

Cryptography1 CPSC 3730 Cryptography Chapter 13 Digital Signature Standard (DSS)
1 Information System Security AABFS-Jordan Summer 2006 Digital Signature and Hashing Functions Prepared by: Maher Abu Hamdeh & Adel Hamdan Supervised by:

1 Information System Security AABFS-Jordan Summer 2006 Digital Signature and Hashing Functions Prepared by: Maher Abu Hamdeh & Adel Hamdan Supervised by:
Announcements: 1. Late HW7’s now. Questions? This week: Birthday attacks, Digital signatures, DSA Birthday attacks, Digital signatures, DSA DTTF/NB479:

Announcements: 1. Late HW7’s now. Questions? This week: Birthday attacks, Digital signatures, DSA Birthday attacks, Digital signatures, DSA DTTF/NB479:

Similar presentations

Ads by Google