Objective:
To write a program implementing RSA Digital Signature showing the application of RSA
Algorithm for various security services like confidentiality, authentication, signature,
non-repudiation and integrity
CO Outcome
https://cryptobook.nakov.com/digital-signatures/rsa-sign-verify-examples
Abstract:-
Digital signatures
Digital signatures are a great example of where the hash function is used. Digital
signatures allow us to sign a message in order to enable detection of changes to the
message contents, to ensure that the message was legitimately sent by the expected
party, and to prevent the sender from denying that he or she sent the message, known as
nonrepudiation. To digitally sign a message, the sender would generate a hash of the
message, and then use his private key to encrypt the hash, thus generating a digital
signature. The sender would then send the digital signature along with the message,
usually by appending it to the message itself.
When the message arrives at the receiving end, the receiver would use the sender’s
public key to decrypt the digital signature, thus restoring the original hash of the
message. The receiver can then verify the integrity of the message by hashing the
message again and comparing the two hashes. Although this may sound like a
considerable amount of work to verify the integrity of the message, it is often done by a
software application of some kind and the process typically is largely invisible to the
end user. A digital signature is considered legally binding and if it is lost or stolen must
be revoked.
Related Theory: -
The RSA public-key cryptosystem provides a digital signature scheme (sign + verify),
based on the math of the modular exponentiations and discrete logarithms and the
computational difficulty of the RSA problem (and its related integer factorization
problem).
• A key generation algorithm that selects a private key uniformly at random from
a set of possible private keys. The algorithm outputs the private key and a
corresponding public key.
a signature.
• A signature verifying algorithm that, given the message, public key and
signature, either accepts or rejects the message's claim to authenticity.
Two main properties are required. First, the authenticity of a signature generated from a
fixed message and fixed private key can be verified by using the corresponding public
key. Secondly, it should be computationally infeasible to generate a valid signature for
a party without knowing that party's private key. A digital signature is an authentication
mechanism that enables the creator of the message to attach a code that acts as a
signature. The Digital Signature Algorithm (DSA), developed by the National Institute
of Standards and Technology, is one of many examples of a signing algorithm.
Key Generation
The RSA algorithm uses keys of size 1024, 2048, 4096, ..., 16384 bits. RSA also
supports longer keys (e.g. 65536 bits), but the performance is too slow for practical use
(some operations may take several minutes or even hours). For a 128-bit security level, a
3072-bit key is required.
The numbers n and d are typically big integers (e.g. 3072 bits), while e is small,
typically 65537.
RSA Sign
$s = h^d \pmod{n}$
The hash h should be in the range [0...n). The obtained signature s is an integer in the
range [0...n).
Verifying a signature s for the message msg with the public key exponent e: 1.
$h' = s^e \pmod{n}$
3. Compare h with h' to find whether the signature is valid or not
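An added example (not code from the original handout): textbook RSA key generation, signing and verification following the formulas above, including the range checks on h and s. SHA-256 as the hash, the 1024-bit demo modulus and all function names are assumptions made for illustration; production signatures additionally apply a padding scheme such as RSASSA-PSS, which is omitted here.

```python
import hashlib
import secrets

def is_probable_prime(n, rounds=40):              # Miller-Rabin test
    small = (2, 3, 5, 7, 11, 13)
    if n < 2 or any(n % p == 0 for p in small):
        return n in small
    r = ((n - 1) & -(n - 1)).bit_length() - 1     # n - 1 = d * 2^r with d odd
    d = (n - 1) >> r
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False                          # witness found: n is composite
    return True

def random_prime(bits):
    while True:                                   # top bit set (full size), low bit set (odd)
        c = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(c):
            return c

def generate_keypair(bits=1024, e=65537):         # demo size; the text asks for 3072 bits
    while True:
        p, q = random_prime(bits // 2), random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e != 0:               # e is prime, so gcd(e, phi) == 1
            return p * q, e, pow(e, -1, phi)      # (n, e, d)

def message_hash(msg, n):
    h = int.from_bytes(hashlib.sha256(msg).digest(), "big")
    if h >= n:
        raise ValueError("modulus too small: h must lie in [0, n)")
    return h

def sign(msg, d, n):
    return pow(message_hash(msg, n), d, n)        # s = h^d mod n

def verify(msg, s, e, n):                         # h' = s^e mod n, then compare h' with h
    return 0 <= s < n and pow(s, e, n) == message_hash(msg, n)

if __name__ == "__main__":
    n, e, d = generate_keypair()
    sig = sign(b"constructed sample message", d, n)
    print(verify(b"constructed sample message", sig, e, n), verify(b"tampered", sig, e, n))
```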
Implementation Details:
Output:
Conclusion:-