Professional Documents
Culture Documents
Raj Jain
Washington University in Saint Louis
Saint Louis, MO 63130
Jain@cse.wustl.edu
Audio/Video recordings of this lecture are available at:
http://www.cse.wustl.edu/~jain/cse571-11/
Washington University in St. Louis
CSE571S
13-1
Overview
1.
2.
3.
4.
Digital Signatures
ElGamal Digital Signature Scheme
Schnorr Digital Signature Scheme
Digital Signature Standard (DSS)
These slides are based partly on Lawrie Browns slides supplied with William Stallingss
book Cryptography and Network Security: Principles and Practice, 5th Ed, 2011.
CSE571S
13-2
Digital Signatures
CSE571S
13-3
CSE571S
13-4
Attacks
1.
2.
3.
4.
5.
CSE571S
13-5
Forgeries
1.
2.
3.
4.
CSE571S
13-6
CSE571S
13-8
K S2
xA S1 +KS2
xA S1 +mxA S1
m
a
(a
)
=
a
=
a
=
a
Washington University in St. Louis
CSE571S
2011 Raj Jain
xA S 1
13-9
CSE571S
13-10
CSE571S
13-11
Schnorr Signature
CSE571S
13-12
CSE571S
13-13
CSE571S
13-14
CSE571S
13-15
CSE571S
13-16
CSE571S
13-17
CSE571S
13-18
Summary
1.
2.
3.
CSE571S
13-19
Homework 13
DSA specifies that if signature generation process
results in a value of s=0, a new value of k should be
generated and the signature should be recalculated.
Why?
Suppose Alice signed a message M using DSA with a
specific k value and then the k value was
compromised. Can Alice still use her private key for
future digital signatures?
Hint: Show that the private key of the signer can be
easily computed in both of the above cases.
CSE571S
13-20