In 1991, The National Institute of Standards and Technology (NIST) developed Digital Signature Algorithm (DSA) and it was put forward for use in Digital Signature Standards (DSS). It is actually a Federal Information Processing Standard used in digital signatures. It was accepted as FPIS in 1993 and since then it has undergone several improvements with the latest FPIS 186-4 was done in 2013. DSA is used to create a 320 bit signature that contains 512-1024 bit security. Digital Algorithm Signature is advantageous over RSA since it faster and smaller as compared to RSA. It was approved by the government of United States to offer strong signature that hinders easy use for encryption. DSA has been widely adopted due to its high security as its process of computing discrete logarithms is quite complex.
The DSA uses two keys to generate digital signatures. The hashing function SHA-1 is one of the keys that are used in generating digital signatures. The improved version of DSA accepts new versions of SHA algorithms such as SHA-2. The other key that is used in DSA comes from a private key. To generate keys, the public key values (p, q, g) are chosen. A large prime number of the value of p is then chosen p=2L. The acceptable value of L ranges from 512 to 1024 and it must be a multiple of 64. The user is then required to choose q which is a 160 bit prime factor of p-1. The key value g is also chosen where g= h (p-1)/q. The users are then supposed to choose their own private keys and they can be able to compute their public key as follows. They are required to choose a value of x which should be less than the value of q x < q. Using the values chosen the users are able to compute the value of y as demonstrated y= g x (mod p).
The high security of Digital Signature Algorithm mainly depends on the complexity of calculating the discrete logarithms mod p. It was initially suggested that the same modulus p be used but later it was agreed on the usage of public parameters (p, q, g). The DSA can do the RSA and ElGamal encryption by the use of DSA routines that were initially not intended to happen. DSA has been widely accepted because of its high security and efficiency.
Hash functions are used for various functions such as message authentication codes (MACs), digital signatures and other forms of authentications. Other applications of the hash function include fingerprinting, indexing data in hash tablets and they can be used as has functions. They also identify duplicated data, due to their checksums ability. One of the functions that will be looked into details in this paper is the Collision resistant hash function (CRHF).
The Collision Resistant Hash Function was defined by R Merkle as a h function with the following properties: The explanation of h should be known publicly and it must not need any secret information in order for it to function. Its argument X can be of any chosen length whose result h(X) has unchanging length of n bits where (n≥ 128). Another feature of CDHF is that provided with h and X the compensation of h(X) should be done easily. The hash function also should be a one function so that whenever a Y is given in the image of h, it becomes very complex to obtain the message X such that h(X) =Y and whenever X and h(X) is provided, it is also very difficult to obtain the message X’ which is not equal to X. in such a way that h (X’) = h(X). The last feature of this hash function is the collision resistant ability that translates to its being very complicated to find two different messages that hash to similar results.
One of the number generators known is the cryptographically secure pseudo-random number generator (CSPRNG) that is mainly used in cryptography. The generation of the keys requires high qualification and it mostly uses the entropy. It becomes very hard to create a good random number generator due to it high qualification requirements and its design. The requirements of CSPRNG holds that they must pass a serious attack and they also must qualify a statistical randomness test. All CSPRNG should hold up a state compromise extension as well as satisfying the next-bit test. CSPRNG design significantly contributes to them being hard to make fall under three categories: The hard one are based on mathematical problems. There are also those that are specially designed and the other ones are designed based on cryptographic primitives.
Digital signatures are a little bit more different from the digital certificate in that they validate the owner of the document who has signed it or the message contained in the document signed. They protect the document or message in the document from being altered. Digital signatures are advantageous in that they can be automatically time-stamped, they cannot be copied and they are easily portable. They offer surety of the original document in any message both encrypted and unencrypted and they hold the digital signature of the certified issuing authority.
Reference
Coleman, D. D. (2010). CWSP: Certified wireless security professional official study guide. Indianapolis, Ind: Wiley Pub.
Cole, E., & Reese, R. (2008). Network security fundamentals. Hoboken, N.J: Wiley.
NATO Advanced Research Workshop on Enhancing Cryptographic Primitives with Techniques from Error Correcting Codes, Preneel, B., North Atlantic Treaty Organization., & IOS Press. (2009). Enhancing cryptographic primitives with techniques from error correcting codes. Amsterdam: IOS Press.
Schmeh, K., & John Wiley & Sons (Firma comercial). (2003). Cryptography and public key infrastructure on the Internet. Chichester, England: J. Wiley.
Tilborg, H. C. A., & Jajodia, S. (2011). Encyclopedia of cryptography and security. New York: Springer.
Kogent Learning Solutions, Inc. (2009). Visual Basic 2008 programming: Black book. New Delhi, India: Dreamtech Press.