You are on page 1of 12


This paper aims toprovide a broadreviewof networksecurity

with particular regard to digital signatures. Network security

and cryptography is a subject too wide ranging to coverage

about howtoprotect informationindigital formandtoprovide

security services. However, a general overview of network

security and cryptography is provided and various algorithms

are discussed.


The objective of this paper is to provide the reader with an

insight intorecent

developments in the field of network security and

cryptography, with particular regard to digital signatures

.cryptography was used as a tool to protect national secrets

and strategies. The proliferation of computers and

communications systems in the 1960s brought with it a

demand from the private sector for means to protect

information in digital formand to provide security services.

DES, the Data Encryption Standard, is the most well-known

cryptographic mechanism. It remains the standard means for

securing electronic commerce for many financial institutions

around the world. The most striking development in the

history of cryptography came in 1976 when Diffie and

Hellmanpublished NewDirections inCryptograph y.

A digital signature of a message is a number dependent on

some secret known only to the signer, and, additionally, on

the content of the message being signed. Signatures must be

verifiable; if a dispute arises as to whether a party signed a

document (caused by either a lying signer trying to repudiate

asignatureit didcreate, or afraudulent claimant), anunbiased

third party should be able to resolve the matter equitably,

without requiring access to the signer’s secret information


The first method discovered was the RSA signature

scheme,Which remains today one of the most practical and

versatile techniques available. Sub-sequent research has

resulted in many alternative digital signature techniques. The

Feige-Fiat-Shamir signature scheme requires a one-way hash



Cryptography, an understanding of issues related to

information security in general is necessary. Information

security manifests itself in many ways according to the

situation andrequirement. Over the centuries, an elaborate set

of protocols and mechanisms has been created to deal with

information security issues when the information is conveyed

by physical documents. Often the objectives of information

security cannot solely be achieved through mathematical

algorithms and protocols alone, but require procedural

techniques and abidance of laws to achieve.The concept of

information will be taken to be an understood quantity. For

example, privacy of letters is provided by sealed envelopes

deliveredbyanacceptedmail service.


recovery Deterministi

Figure: taxonomy of signatureschemes


1. Key-only attack s. In these attacks, an adversary knows

onlythesigner’s public


2. Message attack s. Hereanadversaryis abletoexamine

signatures correspondingeither toknownor chosenmessages.

Messageattacks canbefurther subdividedintothree


(a) Known-messageattac k. Anadversaryhas signatures for a

set of messages whichare knowntotheadversarybut not


(b) Chosen-message attac k. An adversary obtains valid

signatures fromachosenlist of messages before attemptingto

breakthe signaturescheme. This attack is non-adaptive inthe

sense that messages are chosen before any signatures are

seen. Chosen-message attacks against signature schemes are

analogous to chosen cipher text attacks against public-key

encryptionschemes .

(c) Adaptive chosen-message attac k. Anadversaryis allowed

to use the signer as an oracle; the adversary may request

signatures of messages whichdependonthe

signer’s public key and he may request signatures of

messages which depend on previously obtained signatures or



Entity A(the signe r) creates a signature for a message m€ M


1. Computes =S A (m).
2. Transmit thepair (m, s). s is calledthe signature for

message m.


Toverifythat asignatures onamessagemwas createdbyA,

anentityBperforms the followingsteps:

1. ObtaintheverificationfunctionV A of A.

2. Computeu=V A (m, s).

3. Accept the signature as havingbeencreatedbyAif u=

tru e, andreject thesignatureif u= fals e.

The RSAsignature scheme

The message space and cipher text space for the RSApublic-

keyencryptionscheme are bothZn={0, 1, 2…n-1}where n

= pq is the product of two randomly chosen distinct prime

numbers. Since the encryption transformation is a bijection,

digital signatures can be created by reversing the roles of

encryption and decryption. The RSA signature scheme is a

deterministic digital signature scheme which provides

message recovery. The signing space M S and signature space

S are both Z n . Aredundancy function R: M Z n is chosen

andis publicKnowledge.

Algorithm: Key generationfor theRSAsignaturescheme

SUMMARY : eachentitycreates anRSApublic keyanda

EachentityAshoulddothe following:

1. Generatetwolargedistinct randomprimes pandq, each


2. Computen=pqandΦ=(p-1)(q- 1).

3. Select a randominteger e, 1<e <Φ, suchthat gcd(e, Φ)


4. Use theextendedEuclideanalgorithm(Algorithm2.107) to

computetheunique integer d, 1<d<Φ, suchthat edΞ1(mod


5. A’s publickeyis (n, e); A’s privatekeyis d.

Algorithm: RSAsignaturegenerationandverification

SUMMARY : entityAsigns amessagem€M. AnyentityB

canverifyA’s signature andrecover themessage mfromthe


1. Signature generation. EntityAshoulddothefollowing:

(a) Computem=R(m), aninteger intherange [0, n-1].

(b) Computes =m modn.

(c) A’s signaturefor mis s.

2. Verification. ToverifyA’s signatures andrecover the

message m, Bshould:

(a) ObtainA’s authenticpublickey(n; e).

(b) Compute m=s modn.

(c) Verifythat m€M R; if not, reject the signature.

(d) Recover m=R‾ (m).
Feige-Fiat-Shamir signaturescheme

The Feige-Fiat-Shamir signature schemeandrequires aone-

wayhashfunctionh:{0, 1}* {0,1} for somefixedpositive
integer k. Here {0, 1} denotes theset of bit strings of bit

lengthk, and{0, 1}*denotes theset of all bit strings (of

arbitrarybit lengths).

Algorithm: Key generationfor the Feige-Fiat-Shamir


SUMMARY : eachentitycreates apublic keyand


EachentityAshoulddothe following:

1. Generaterandomdistinct secret primes p, qandformn=


2. Select a positive integer kanddistinct randomintegers s1,

s2 , ... ,sk€Z* n

3. Computev j =s‾ j modn, 1≤j ≤k.

4. A’s publickeyis thek-tuple(v1, v2,…vk) andthe

modulus n; A’s privatekeyis

the k-tuple (s1, s2,…, sk).

Algorithm: Feige-Fiat-Shamir signaturegenerationand

SUMMARY : entityassigns a binarymessagemof arbitrary

length. AnyentityBcanverifythis signature byusingA’s


1. Signature generation . EntityAshoulddothefollowing:

(a) Select arandominteger r, 1≤r ≤n- 1.

(b) Computeu=r modn.

(c) Computee =(e1, e2, …,ek) =h(m║u); eache i €{0, 1}.

(d) Computes =r.Π j=1 s jej modn.

(e) A’s signaturefor mis (e, s).

2. Verification. ToverifyA’s signature(e, s) onm, Bshould

dothe following:

(a) ObtainA’s authenticpublickey(v1, v2, …,vk) andn.

(b) Computew=s .Π kj=1 v j ej mod n.

(c) Computee’ =h(m║w).

(d) Accept the signature if andonlyif e =e’ .

TheDigital SignatureAlgorithm(DSA)

InAugust of 1991, theU.S. National Instituteof Standards

andTechnology(NIST) proposeda digital signature

algorithm(DSA). TheDSAhas become aU.S. Federal

InformationProcessingStandard(FIPS186) calledthe

Digital SignatureStandard (DSS), andis thefirst digital

signatureschemerecognizedbyanygovernment The

signaturemechanismrequires a hashfunctionh: {0, 1}*  Zq

for someinteger q.
Algorithm: Key generationfor theDSA

SUMMARY : eachentitycreates apublic keyand


EachentityAshoulddothe following:
159 160.
1. Select a primenumber qsuchthat 2 <q<2

2. Chooset sothat 0≤t ≤8, andselect aprime number p

where2 <p<
2 , withthepropertythat qdivides (p- 1).

3. (Select a generator αof theuniquecyclicgroupof order q

inZ* p.)

3.1Select anelement g€Z* p andcomputeα=g modp.

3.2If α=1thengotostep3.1.

4. Select a randominteger a suchthat 1≤ a ≤q- 1.

5. Computey= αa modp.

6. A’s publickeyis (p, q, α, y); A’s privatekeyis a.

Algorithm: DSAsignaturegenerationandverification

SUMMARY : entityAsigns abinarymessage mof arbitrary

length. AnyentityBcanverifythis signature byusingA’s


1. Signature generation . EntityAshoulddothe

(a) Select arandomsecret integer k; 0<k<q.
(b) Computer =(α modp) modq

(c) Computek‾1modq.

(d) Computes =k‾1{h(m) +ar}modq.

(e) A’s signaturefor mis the pair (r; s).

2. Verification . Toverify A’s signature(r, s) onm, B


(a) ObtainA’s authenticpublickey(p, q, α, y).

(b) Verifythat 0<r <qand0<s <q; if not, thenreject the


(c) Computew=s‾1modqandh(m).

(d) Computeu1=w.h(m) modqandu2=rwmodq.

u1 u2
(e) Computev=(α y modp) modq.

(f) Accept the signature if andonlyif v=r.


Digital signatures have many applications in information

security, including authentication, data integrity, and non-

repudiation. Oneof the most significant applications of digital

signatures is thecertificationof public keys inlarge networks.

Certificationis a means for a trustedthirdparty(TTP) tobind

the identity of a user to a public key, so that at some later

time, other entities can authenticate a public key without


This paper has providedabroadreviewof networksecurity

andcryptographyalgorithms withparticular regardtodigital

signatures Thetransformations SA (SIGNING) andVA

(VERIFICATION) are typicallycharacterizedmore

compactlybyakey that is, there is aclass of signingand

verificationalgorithms publiclyknown, andeachalgorithmis

identifiedbyakey. Thus thesigningalgorithmSAof Ais

determinedbyakeykAandAis onlyrequiredtokeepkA

secret. Similarly, theverificationalgorithmVAof Ais

determinedbyakeylAwhichis madepublic.

Handwrittensignatures couldbe interpretedas aspecial class

of digital signatures.

Tosee this, takethe set of signatures Stocontainonlyone

element whichis thehandwrittensignatureof A, denotedby

sA. Theverificationfunctionsimplychecks if thesignature

onamessagepurportedlysignedbyAis sA


1.AppliedCryptography, byA. Menezes, P. vanOorschot,

andS. Vanstone, CRCPress, 1996.