Digital Signature is one of the most important developments from the work on public-key cryptography. Digital Signature implementation requires a specific set of security capabilities that would be difficult to implement in some other way. In this article we are going to discuss the basics of digital signature and Digital Signature Standard (DSS).
Digital Signature: Digital Signature technique provides the freedom of secure and reliable communication. Digital Signature is implemented with the help of certain techniques and approaches that need to be discussed to understand Digital Signature.
- Requirements: Message authentication protects two parties from an unauthorized third party. It is important to note that message authentication does not protect these two parties against each other. Many disputes can rise. Someone can forge a message in the process of transfer and send it to intended receiver. Or maybe the message was not sent by the name mentioned in the email. So if trust does not exist in sender and receiver, then there is need of something more than authentication. So digital signature is a common solution. It is similar to a handwritten signature. It must have the following properties,
- Verifies the author, date and time of the signature.
- Authenticate the contents at the time of signature.
- Verifiable by a third party if any dispute arises.
Thus a digital signature function includes the authentication function. After discussing the properties of the digital signature, we are now in a position to formulate some requirements for a digital signature:
- The signature must be a bit pattern that depends on the message being signed.
- The signature must be some information unique to the sender, to prevent both forgery and denial.
- It must be relatively easy to produce the digital signature.
- It must be relatively easy to recognize and verify t the digital signature.
- It must be computationally infeasible to forge a digital signature of by constructing a fraudulent digital signature for a given message.
- It must be practical to retain a copy of the digital signature in storage.
- Direct Digital Signature: It is one of the digital signature approaches that are used to make communication secure. It only involves communicating parties. In this approach sender assumes that the receiver know the public key of the message. Further, the whole message can be encrypted using the private key of the sender or by encrypting a hash code of the message with the sender’s private key.
- Arbitrated Digital Signature: The problem associated with direct digital signatures can be addressed by using an arbiter. There is a variety of arbitrated signature schemes. In an arbitrated the message sender ‘X’ sends message to receiver ‘Y’ but before ‘Y’, the message is sent to an arbiter ‘A’, who checks its credentials and subjects message to number of security tests. Then arbiter ‘A’ sends the message to receiver ‘Y’ after the message is proved to be from sender ‘X’. This technique solves the problem and ‘X’ is no longer able to disown the message. It is important to note that this technique works better only if both sender and receiver trust on the arbiter.
Authentication Protocols: There are certain authentication protocols that ensure the authenticity of a message. In this section we would limit our discussion to only two major authentication protocols which are explained below,
- Mutual Authentication: It is an important authentication protocol in which both sender and receiver are able to verify the identity of each other by exchanging session keys. Central to the problem of authentication are two problems: confidentiality and timeliness. To prevent masquerade and to prevent the compromise of session key, session key and identification information must be sent in encrypted form.
- One-Way Authentication: It is another important and secure authentication protocol that is gaining popularity in e-mail security. One-Way authentication further utilizes following approaches to make authentication more secure,
- Symmetric Encryption Approach
- Public-Key Encryption Approaches
Digital Signature Standard: Digital Signature Standard (DSS) is the Federal Information Processing Standard FIPS 186 standard published by National Institute of Standard and Technology (FIPT). The Digital Signature Standard used Secure Hash Algorithm (SHA) and is a new digital signature technique. Digital Signature Standard approach and algorithm details are as follow,
- The Digital Signature Standard Approach: It is completely different than that of RSA, which is used for encryption and key exchange. Digital Signature Standard is used for public key exchange. Digital Signature Standard technique uses hash functions.
The Digital Signature Algorithm: Digital Signature Algorithm is based on the difficulty of computing discrete logarithms. There are there parameters that are public and can be common to a group of users.