Skip to content
Cryptography
Public Key
DSA

DSA

DSA A.K.A Digital Signature Algorithm is a signing algorithm similar to RSA.

This algorithm is based on the ElGamal encryption system.

Textbook definition

The variables of textbook RSA are:

VariableDescription
qqA large prime
ppA large prime such that p1p -1 is a multiple of qq
ggg=h(p1)/qmodpg = h^{(p-1)/q} \mod p where hh is a random integer such that 1<h<p11 < h < p-1

Key generation

  • Chose xx such that 1<x<q1 < x < q, this is the private key.
  • Compute y=gxmodpy = g^x \mod p, this is the public key.

Signing

The signature of a message mm requires a hashing function HH.

  • Chose kk such that 1<k<q1 < k < q.
  • Compute r=(gkmodp)modqr = (g^k \mod p) \mod q s=k1(H(m)+xr)modqs = k^{-1} (H(m) + xr) \mod q

If r=0r = 0 or s=0s = 0, do it again with another kk. The signature is (r,s)(r, s).

Verification

  • Verify that 0<r<q0 < r < q and 0<s<q0 < s < q.
  • Compute w=s1modqw = s^{-1} \mod q.
  • Compute u1=H(m)wmodqu_1 = H(m)w \mod q and u2=rwmodqu_2 = rw \mod q.
  • Compute v=(gu1yu2modp)modqv = (g^{u_1} y^{u_2} \mod p) \mod q.
  • Iif v=rv = r, the signature is valid.

Attacks

  • No hash function - StackExchange

    If message is directly signed without hashing, it is possible to forge create messages that have the same signature.