Week 6 Discussion Please find the attachments Cryptography and Network Security: Principles and Practice Eighth Edition Chapter 13 Digital Signa -

Week 6 Discussion
Please find the attachments

Cryptography and Network Security:

Don't use plagiarized sources. Get Your Custom Assignment on

Week 6 Discussion Please find the attachments Cryptography and Network Security: Principles and Practice Eighth Edition Chapter 13 Digital Signa

From as Little as $13/Page

Principles and Practice
Eighth Edition

Chapter 13

Digital Signatures

Figure 13.1 Simplified Depiction of

Essential Elements of Digital

Signature Process

Digital Signature Properties

It must verify the author and the date and time of the

signature

It must authenticate the contents at the time of the

signature

It must be verifiable by third parties to resolve disputes

Attacks

Key-only attack

C only knows As public key

Known message attack

C is given access to a set of messages and their signatures

Generic chosen message attack

C chooses a list of messages before attempting to break As
signature scheme, independent of As public key; C then obtains
from A valid signatures for the chosen messages

Directed chosen message attack

Similar to the generic attack, except that the list of messages to be
signed is chosen after C knows As public key but before any
signatures are seen

Adaptive chosen message attack

C may request from A signatures of messages that depend on
previously obtained message-signature pairs

Forgeries

Total break

C determines As private key

Universal forgery

C finds an efficient signing algorithm that provides an

equivalent way of constructing signatures on arbitrary

messages

Selective forgery

C forges a signature for a particular message chosen

by C

Existential forgery

C forges a signature for at least one message; C has

no control over the message

Digital Signature Requirements

The signature must be a bit pattern that depends on the

message being signed

The signature must use some information unique to the sender

to prevent both forgery and denial

It must be relatively easy to produce the digital signature

It must be relatively easy to recognize and verify the digital

signature

It must be computationally infeasible to forge a digital signature,

either by constructing a new message for an existing digital

signature or by constructing a fraudulent digital signature for a

given message

It must be practical to retain a copy of the digital signature in

storage

Direct Digital Signature

Refers to a digital signature scheme that involves only the communicating

parties

It is assumed that the destination knows the public key of the source

Confidentiality can be provided by encrypting the entire message plus

signature with a shared secret key

It is important to perform the signature function first and then an outer

confidentiality function

In case of dispute some third party must view the message and its

signature

The validity of the scheme depends on the security of the senders private key

If a sender later wishes to deny sending a particular message, the sender

can claim that the private key was lost or stolen and that someone else

forged his or her signature

One way to thwart or at least weaken this ploy is to require every signed

message to include a timestamp and to require prompt reporting of

compromised keys to a central authority

ElGamal Digital Signature

Scheme involves the use of the private key for encryption

and the public key for decryption

Global elements are a prime number q and a, which is a

primitive root of q

Use private key for encryption (signing)

Uses public key for decryption (verification)

Each user generates their key

Chooses a secret key (number): 1 < xA < q-1 Compute their public key: yA = a xA mod q Copyright 2020 Pearson Education, Inc. All Rights Reserved. Schnorr Digital Signature Scheme is based on discrete logarithms Minimizes the message-dependent amount of computation required to generate a signature Multiplying a 2n-bit integer with an n-bit integer Main work can be done during the idle time of the processor Based on using a prime modulus p, with p 1 having a prime factor q of appropriate size Typically p is a 1024-bit number, and q is a 160-bit number Copyright 2020 Pearson Education, Inc. All Rights Reserved. N I S T Digital Signature Algorithm Published by N I S T as Federal Information Processing Standard F I P S 186 Makes use of the Secure Hash Algorithm (S H A) The latest version, F I P S 186-3, also incorporates digital

signature algorithms based on R S A and on elliptic curve

cryptography

Figure 13.2 Two Approaches to

Digital Signatures

Figure 13.3 The Digital Signature

Algorithm (D S A)

Figure 13.4 D S A Signing and Verifying

Elliptic Curve Digital Signature

Algorithm (E C D S A)

Four elements are involved:

All those participating in the digital signature scheme use

the same global domain parameters, which define an elliptic

curve and a point of origin on the curve

A signer must first generate a public, private key pair

A hash value is generated for the message to be signed;

using the private key, the domain parameters, and the hash

value, a signature is generated

To verify the signature, the verifier uses as input the signers

public key, the domain parameters, and the integer s; the

output is a value v that is compared to r ; the signature is

verified if the v = r

Figure 13.5 E C D S A Signing and

Verifying

R S A-P S S

R S A Probabilistic Signature Scheme

Included in the 2009 version of F I P S 186

Latest of the R S A schemes and the one that R S A Laboratories

recommends as the most secure of the R S A schemes

For all schemes developed prior to P S S it has not been possible

to develop a mathematical proof that the signature scheme is as

secure as the underlying R S A encryption/decryption primitive

The PSS approach was first proposed by Bellare and Rogaway

This approach, unlike the other R S A-based schemes,

introduces a randomization process that enables the security of

the method to be shown to be closely related to the security of

the R S A algorithm itself

Mask Generation Function (M G F)

Typically based on a secure cryptographic hash function

such as S H A-1

Is intended to be a cryptographically secure way of

generating a message digest, or hash, of variable

length based on an underlying cryptographic hash

function that produces a fixed-length output

Figure 13.6 R S A-P S S Encoding

Figure 13.7 R S A-P S S E M Verification

Summary

Present an overview of the digital signature process

Understand the ElGamal digital signature scheme

Understand the Schnorr digital signature scheme

Understand the N I S T digital signature scheme

Compare and contrast the N I S T digital signature scheme

with the ElGamal and Schnorr digital signature schemes

Understand the elliptic curve digital signature scheme

Understand the R S A-P S S digital signature scheme

This work is protected by United States copyright laws and is

provided solely for the use of instructors in teaching their

courses and assessing student learning. Dissemination or sale of

any part of this work (including on the World Wide Web) will

destroy the integrity of the work and is not permitted. The work

and materials from it should never be made available to students

except by instructors using the accompanying text in their

classes. All recipients of this work are expected to abide by these

restrictions and to honor the intended pedagogical purposes and

the needs of other instructors who rely on these materials. After reading chapter 13, analyze the advantages and disadvantages of digital signatures. The initial post must be completed by Thursday at 11:59 eastern. You are also required to post a response to a minimum of two other student in the class by the end of the week. You must use at least one scholarly resource. Every discussion posting must be properly APA formatted.

Related Questions:

Related questions

Leave a Comment Cancel Reply