Scribd
Upload
42 views6 pages

Crypto Lecture5

Uploaded by

nghodangduy0607
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
42 views6 pages

Crypto Lecture5

Uploaded by

nghodangduy0607
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 6

Advanced Cryptography

Lesson 5
Digital signature Private
Digital key K_priv
document D D_sig
Signing Digital
to be
signed
Algorithm signature

Public
Digital key
signature D_sig
Verification • TRUE if D signed by K_priv is D_sig
D Algorithm • FALSE otherwise
Digital
document
to be
signed
RSA digital signature
Samantha Victor
Key Creation
Choose secrete primes p, q
Choose verification exponent v with
gcd(v, (p-1)(q-1)) = 1
Publish N = pq and v
Signing
Compute s satisfying
s  1 (mod (p-1)(q-1))
Sign document D by computing
S  Ds (mod N)
Verification
Compute Sv mod N and
Verify that it is equal to D
Elliptic curves over F2 and over F2k
Theorem (Hasse). With E(Fpk), #E(Fpk) = pk + 1 – tpk with tpk
satisfying |tpk|  2pk/2.
#E(F2) = 5, so #E(F2) is not useful for cryptographic purposes.
Definition. An elliptic curve E is the set of solutions to a generalized
Weierstrass equation (E): Y2 + a1XY +a3Y = X3 + a2X2 + a4X + a6, together
with an extra point O. the coefficients a1, …, a6 are required to satisfy 
 0, where the discriminant  is defined as follows:
• 𝑏2 = 𝑎12 + 4𝑎2 , 𝑏2 = 2𝑎4 + 𝑎1 𝑎3 , 𝑏6 = 𝑎32 + 4𝑎6 ,
• 𝑏8 = 𝑎12 𝑎6 + 4𝑎2 𝑎6 − 𝑎1 𝑎3 𝑎4 + 𝑎2 𝑎32 − 𝑎42 ,
• ∆= −𝑏22 𝑏8 − 8𝑏43 − 27𝑏62 + 9𝑏2 𝑏4 𝑏6 .
ElGamal digital signatures
Public Parameter Creation
A trusted party chooses and publishes a large prime p and primitive root g modulo p
Samatha Victor

Key creation
Choose secret signing key 1  s  p – 1.
Compute v  gs (mod p).
Publish the verification key v.
Signing
Choose document D mod p.
Choose ephemeral key e mod p.
Compute signature
. S1  ge (mod p).
. S2  (D – sS1)e-1 (mod p-1)
Verification
Compute vS1S1S2 mod p.
Verify that it is equal to gD mod p.
DSA – digital signature algorithm
Public Parameter Creation
A trusted party chooses and publishes a large primes p and q satisfying p  1 (mod q) and an element g of
order q modulo p
Samatha Victor

Key creation
Choose secret signing key 1  s  q – 1.
Compute v  gs (mod p).
Publish the verification key v.
Signing
Choose document D mod p.
Choose ephemeral key e mod p.
Compute signature
. S1  ge (mod p).
. S2  (D + sS1)e-1 (mod p-1)
Verification
Compute DS1S2 mod p and V2  S1S2-1 (mod q).
Verify that (gV1vV2 mod p) mod q = S1.

You might also like