Professional Documents
Culture Documents
p to be a large prime with g as a primitive element of Galois Field, GF (p) f as a one-way function. Users secret key is x which must be and
The public key is
It is very easy to calculate from but difficult to calculate from which is the basis of the DLM. While for the ElGamal digital signature y,x,g, and
p are known.
2. The Digital Signature Scheme The digital signature scheme has the following attribute: A plaintext message M : a set of strings over some alphabets S : a set of possible signature K : a set of possible keys for signature generation K : a set of possible keys for signature verification Key generation algorithm GEN: where are private , public key spaces Signing algorithm SIGN: Verification algorithm VER: For any, donated by signing transformation : Read at as s is signature of created using key sk
Let pk be public key for any secret key, and , it is needed True, with probability 1, if False, with an overwhelming probability, if
Let H be a collision-resistant hash function Let p be large prime such that computing discrete logarithms modulo p is difficult. Let of be a random multiplicative generator of integers modulo
Users may share this system parameter between one another B. Key generation (GEN)
Pick randomly x as a private key with Then, compute public key by Next, publicize as the public key Keep x as the private key.
Pick a random k such that Create a signature pair (r, s) where Start over again if s=0
and gcd
Then the digital signature for message m is the pair (r, s) . These steps are repeated by the signer for every signature.
D. Signature verification
To verify the signature on (r,s) on the message m, the verifier performs the following procedure:
If all conditions are satisfied, accept the signature and rejects it otherwise.
E. Correctness
It is easy to verify the authenticity of the signature when the algorithm is correct in the sense that a signature created with the signing algorithm. The generation of signature involves
F. Security
An intruder can forge signature by i. aiming to recover the signers secret key, x ii. getting collision s in hash function
The signer should never reuse ephemeral key k, which means it only used once per signature
i.
DSS scheme:
Set up of system parameter Set up two prime numbers p and q such that Set up an element ; this can be completed by choosing and setting . If g = 1, repeat the procedure until g 1 Set up a cryptographic hash function . So, the parameters are publicized.
ii. Key generation User A picks a random number x in the range and computes So, user As public-keys material is whereas public key is x.
Pick an ephemeral key k in the range Calculate Perform the operation The signature is then given by the pair (e, s).
iv. Signature verification Given message signature pair (r, s). Then:
if and only if
Like the DSS, a signature in the Schnorr signature scheme is much shorter than that of a signature in the ElGamal signature scheme.
i.
The Schnorr signature scheme: Set up of system parameters The system parameters are same as to those for DSS scheme, so, the parameters are publicized.
ii.
Key generation
User A picks a random number x in the range computes So, user A public-keys material is and
To sign message m: Pick an ephemeral key in the range Calculate Then perform operation Next compute The signature is then given by the pair (e, s)
) , compute
.