INTRODUCTION TO DIGITAL SIGNATURE

In our day-to-day life, we use signatures for various purposes. Every

person has his own style of doing signature. Signature indicates the
identity of the person. It helps in providing the authentication of a
particular person. Use of signature in various forms for identification of
documents is a practice from ancient times. In the middle age, wax
imprint of insignia was used by the nobleman to seal the documents,
which provide their authentication.
Nowadays, after using the credit cards for the purpose of paying bills, we
have to sign a slip which is supposed to be verified by the sales person by
comparing the same with the signature on the card. But due to advance
technology such as online trading, all these methods of authentication
are of no use. The new method of authentication in electronic form has
emerged. This new technique is called digital signature. Digital signatures
may be in the form of text, symbol, image or audio.
In our discussion, we use digital signature, a term encompassing only
cryptographic signature. Digital signature is a strong method for
authentication used today. This includes message authentication used
today. This includes message authentication code (MAC), hash value of a
message and digital pen pad devices. It also includes cryptographically-
based signature protocols. All these different techniques ensure that no
unauthorized person of some document or record could have done so.
Therefore, digital signature is used for authentication of the message and
the sender and to verify the integrity of the message. Many schemes
have been proposed for generation of digital signature. Some of the
schemes are patented. Some are freely available and some are failed to
pass the security test. In today’s world of electronic transaction, digital
signature plays a major role in authentication. For example, one can fill
his income tax return online using his digital signature, which avoids the
use of paper and makes the process faster.
Asymmetric key encryption techniques and public key infrastructure are
used for digital signature. Digital signature algorithms are generally
divided into two parts-signing part and verification part. The first part,
i.e., signing part allows the sender to create his digital signature. The
second part of the signature is used by the receiver for verifying the
signature after receiving the message. Digital signature is different from
electronic signature. Electronic signature is not necessarily cryptographic-
based for identification of the sender. Sometimes, phone, fax
transmission and telephone address are treated as electronic signatures.
Many electronic signatures use digital signature technology to ensure
that the legal intent is also cryptographically secure.
The requirements for a digital signature are as follows:
1. It must in the form of pattern of bits.
2. Information unique to the sender should be used for the generation
of signature.
This information helps in preventing forgery and denial.
Digital signature is used for communication to verify
1. Authentication of the sender
2. Integrity of the message received
3. Non-repudiation
We will discuss all these in brief below:
1. Authentication: It is the most important part of the security. There
are two issues related to authentication- confidentiality and time-
span. Confidentiality of the secret key is the most important issue as
the security of the communication between two parties depends on
it. So we first take look on this issue.
In the public key infrastructure, each user has two keys- private
key and public key. The private key is used for encryption of the
message by the sender. The decryption of the received message is
done using sender’s public key. But in this scheme, recipient is not
sure whether the sender has himself signed the message or
somebody else has used the sender’s private key for encrypting the
message. This may happen if the private key of the sender is
captured by the attacker and used it to send the message on the
sender’s name using his private key.
The second issue is time-span. This is related to the hazard of
message replay attacks. There are replay attacks which allow the
attackers to compromise a session key. In financial communication,
confidentiality and integrity of the message is very important. Small
tome-span helps in protecting the replay attacks. If the time-span is
more and the sender’s key is compromised, then replay attack is
possible.
2. Integrity: It helps in checking whether the message is the same as
sent by the sender or a modified message. This can be achieved by
the message digest techniques. Encryption provides the
confidentiality to the message and protects it from the cryptanalyst
to read. If the key gets compromised, then it is possible for the
cryptanalyst to modify the message. This can be done perhaps
maliciously, without actually reading it. Integrity of the message can
 be verified with the help of message digest. Initially, the message
digest or hash value of the message is generated using any message
digest algorithm (such as MD5 or SHA-1). Then, the sender uses his
private key to encrypt the ciphertext and the message digest of the
message. Then, the sender sends the encrypted message to the
receiver. If the attackers or third party captures the message and
modifies it, then due to hash value or message digest, the receiver
can easily know about it because it is not possible to modify the
message digest or hash value and no two message can have the
same hash value. The receiver decrypts the message digest using the
public key of the sender. He also calculates the message digest of
the message received. The receiver compares the two message
digest. If the two messages digests match, then it proves that the
message is unaltered and it is the same as sent by the sender.
3. Non-repudiation: Repudiation means that a person, who signs a
document, is always able to disclaim a signature that has been
credited to him or her. After receiving the message, the recipient
asks the sender to attach his signature with the message so that it
makes later repudiation more difficult. If the sender refuses that he
is not the sender of the message, then the recipient can show the
signed message to a third party (i.e., a court) to reinforce a claim
that the message is sent by the signatories and not anybody else (i.e.
attacker) know that the key then all digital signatures generated
using such private key may be generated by the attacker. In this case
such digital signature cannot be helpful for non-repudiation. Notice
that compromising the key is not the drawback of any cryptographic
algorithm, but it is a human space and is unsolved. Digital signatures
alone cannot provide inherent non-repudiation.
 IMPLEMENTATION OF DIGITAL SIGNATURES
Digital signature schemes have the following three algorithms:
1. A key generation algorithm
2. A signing algorithm
3. A verification algorithm
For example, user A wants to communicate with user B by sending
him a message. User B wants to verify if the message has surely
come from user A. User A signs her message and then sends to user
B. For this, user A has generated the digital signature for the said
message using her private key. Digital signature is in the form of a
string of bits. After receiving the message, user B wants to know
that whether the message has really been sent by user A or
somebody else. For this, user B uses the verification algorithm. She
uses the message and the digital signature as input for the
verification algorithm and decrypts the message using user A’s
public key. If the digital signature matches, then user B cab be
confident that the message has really been sent by user A.

ASSOCIATION OF DIGITAL SIGNATURE AND ENCRYPTION

Message digest is used to generate the signature. The message digest
(MD) is calculated from the plain text or message. The message digests
for two different messages are never same. The message digest is
encrypted using user’s private key. Then, the sender sends this encrypted
message digest with the plain text or message to the receiver.
The receiver calculates the message digest from the plain text or message
he received. He decrypts the encrypted message digest using the
sender’s public key. If both the MDs are not same, then the plain text or
message is modified after singing. This is explained in given figure:

In digital signatures, the signature or hash value of the message is

encrypted using encryption techniques. But the signature or hash value is
small. In all digital signatures, the encryption techniques cannot be used
for large messages. As compared to digital signature, more efficient
methods are available. Signed document may be sent after encryption
over an insecure channel like any ciphertext.
Generally, user A first a message digest algorithm like MD5 or SHA-1 and
generates the hash value (MD) of the message. Then, he digitally signs
the resulting MD. An insecure MD can compromise the digital signature.
For example, if it is possible to generate MD collision (it is very difficult),
it might be feasible to forge digital signatures.
In digital signature a message digest is signed instead of the complete
message. This has the following advantages:
1. Efficiency: The size of digital signature is small, and thus, it improves
the performance of algorithm.
2. The document is intended to be read by others: The document
includes degree certificate, birth date certificates, driving licenses of
the users, rent agreement, contract agreement, etc. These
documents are in the plain text form. The accompanying digital
signatures are in encrypted form and these can be used to verify
that the documents are neither forged nor modified.
3. Integrity: Without the MD, the message ‘to be signed’ must be
divided into a number of blocks. The block size should be smaller
than the length of the private key. Then, each block is signed
separately and sent to the receiver. The receiver can verify the
individual block with the signature, but he would not be able to
verify if all the blocks are received or not. If a block (or blocks) is lost
during transmission, the receiver cannot know it. To know about this
loss, the message digest should be computed for a complete
message and not for individual blocks.

USING DIFFERENT KEY PAIRS FOR SIGNING AND ENCRYPTION

Nowadays, digital signature is the most common toll for verification. In
several countries, digital signature is accepted like traditional signature
methods. These provisions mean that a person cannot deny the
responsibility of the ownership of the message or the documents. Due to
this, one should take care to protect one’s message and digital signature
through proper encryption techniques using proper public key and
private key. This makes it difficult to the attackers to modify the message
and also to change the digital signature. Digital signature can be
protected using following measures.
1. Use of time stamp with digital signature: There are different digital
signatures algorithms for the generation of digital signature. But
these algorithms do not provide any information about the date and
time of signature generation. If the user includes a date and time
with the message, then also it is not sufficient to check whether the
signature is generated by the user or attacker. To avoid the misuse,
as above mentioned, we can use time stamp in addition to digital
signatures.
2. Additional security precautions: The security of the digital signature
is based on the private key used for the encryption of the signature.
If the private key is compromised, the attacker may be able to
capture the digital signature. It can be stored on the user’s
computer/laptop or notebook, and protected by a password, but it
has two disadvantages-only the document on that particular
computer/laptop or notebook can be signed and the private key is
secure from threat. To provide security to the local computers is
difficult due to hardware or operating systems.
So, better option for the security of the private key is store it on a
smart card. Smart cards are designed so that the data remain safe if,
by mistake, it is tampered. The message digest calculated from the
message is sent to the smart card. The smart card is connected to
the some computer, which encrypts the message digest using the
user’s private key and sends it back. Personal identification number
(PIN) is required to activate the smart card. If smart card is stolen,
 and the user’s private key is located on the smart card, then also it
does not make any harm, as PIN is needed to activate the smart
card. So, without PIN, digital signature cannot be generated.
3. Use of smart card readers: To activate the smart card, PIN is entered
using a numeric keypad, while some card readers have their own
keypad, while some card readers are integrated into a computer.
Sometimes, the PIN may be captured by the attacker. Nowadays
attackers use scanner machine with the smart card reader so that
when the smart card is swiped through the smart card reader,
complete data on the card is copied, and later on, it is used by the
attacker.

ALGORITHM FOR DIGITAL SIGNATURE

There are many digital signature algorithms. Some of them are listed
below:
1. Full Domain Hash, RSA-PSS, etc. based on RSA
2. Digital Signature Algorithm (DSA)
3. Elliptic Curve Digital Signature Algorithm (ECDSA)
4. ElGamal signature scheme
5. Undeniable signature
6. SHA (typically SHA-1) with RSA
7. Rabin signature algorithm
8. Pointcheval-Stern signature algorithm
9. Schnorr signature
 Digital Signature Algorithm (DSA)
To generate the digital signature, the most widely used algorithm is
Digital Signature Algorithm (DSA). In 1991, the National Institute of
Standards and Technology (NIST) proposed the Digital Signature to use it
in there Digital Signature Standard (DSS). DSA was adopted as a standard
in 1994. In 1996, a minor revision in DSA was issued. DSA standard was
expended further in 2000. DSA generates the message digest of length
160 bits. The algorithm is split into three steps-key generation, signing
and verification. Now, we discuss all these steps of DSA.
Key generation
1. Select a prime number q, which is 160-bit long. Select a prime number
p, which is L-bit long such that 512≤L≤1024, and L is divisible by 64,
and p=qk+1 for some of integer number k.
2. Select h, where 1<h<p-1 and generates g such that g=h˄k mod p>1.
3. Select private key x, where 0<x<q and compute y=g˄x mod p (x should
be kept secret).
4. The public key is (p, q, g, y)
5. P, q, g should be shared by different users.
Signature Generation
1. Select a secret Integer number k, where 0<k<q.
2. Compute r and s such that
r= (g˄k mod p) mod q and
s= (k˄-1(SHA-1(m) +x*r)) mod q
Where SHA-1(m) is the message digest of the message m using SHA-
1 algorithm.
3. If r=0 or s=0, repeat the above procedure.
 4. The digital signature for the message m is (r,s).
Signature Verification
1. If either 0<r<q or 0<s<q is not satisfied, reject the signature.
2. Compute w=(s)˄-1 mod q.
3. Compute u1= (SHA-1(m) * w) mod q.
4. Compute u2= (r * w) mod q.
5. Compute v= ((g˄u1 * y˄u2) mod p) mod q.
6. If v=r, then the signature is valid.
Correctness: The DSA scheme is correct, as the verifier always accept
genuine signatures. This can be illustrated as below:
We know that g=h˄k mod p and suppose g˄q mod
Digital signature algorithms have a number of prior requirements
(mentioned below). Without these requirements signatures do not have
any meaning.
1. Quality algorithms: Quality of digital algorithm also depends on the
quality of public key algorithms used.
2. Implementations: Implementation of any algorithm is very
important. If a very good algorithm is implemented with some
mistake, it will never work properly.
3. Private Key: The security of any algorithm depends on the secrecy of
private key. If the private key of a user compromises (known by the
attacker), then the attacker also generates the same digital
signature irrespective of how strong the algorithm can be used for
the generation of signature.
4. Distribution of public keys: In public key cryptography, the
distribution of public key is also very important. For this, there exist
different key distribution methods. The distribution of public key is
commonly done using a public key infrastructure (PKI) and
certificate authority (CA). During distribution, if the public key of a
user is given to a non-authenticate user, i.e., attacker, then it
compromises with the security.
5. Handling of signature protocol: Signature algorithms should be use
properly by the users.

If all the above conditions are satisfied by any digital signature

scheme, then the digital signature will have the information
 regarding the sender of the message and user’s consent about the
message.

DIGITAL SIGNATURE STANDARD (DSS)

For performing digital signature of any message or documents, some
standard is required. This standard is called Digital Signature Standards
(DSS). The NIST published this standard (i.e., DSS) in 1991. One should
note that DSS is a standard, whereas DSA is an algorithm. It has been
developed for performing digital signatures. For different digital
applications, this standard specifies an appropriate Digital Signature
Algorithm (DSA). As per this standard, the message digest of a document
is calculated using secure hash algorithm-1 (SHA-1).
Using this algorithm, a signature is generated, which includes a pair of
large number which is represented in the form of strings of binary digits.
A set of rules and parameters are used to compute the signature. The
DSA algorithm has three parts-key generation, signature generation and
signature verification. Using user’s private key, a signature us generated.
Sender’s public key is used for the verification of signature. Anyone can
verify the signature of a sender.
In signature generation, the message digest of a message is computed
using secure hash algorithm, as shown in figure. Then, the signature is
generated using this message digest. After that, the sends the signature
with the message to the receiver. The receiver is first intended to verify
the signature using sender’s public key. The recipient should use the
same hash function to calculate the message digest of the received
message. The hash function is specified in a separate standard, the
Secure Hash Standard (SHS), FIPS 180.
APPLICATION OF DIGITAL SIGNATURE
Digital signatures provide the integrity and the authentication. Third
party also verifies the authentication of the sender using digital signature.
The applications of digital signature in intended in various areas such as
in e-mail, online transactions, e-commerce, e-billing, interchanging the
data electronically, and applications where data integration, and
authentication of data origin are required. Nowadays, e-registration of
flats and other properties also use digital signature for authentications.
Even one can file income tax return using his/her digital signature.

AUTHENTICATION PROTOCOLS
There are various authentication protocols. Some of them are listed
below:
1. Challenge Handshake Authentication Protocol (CHAP): it is three-
way handshake protocol and it is much secured than PAP.
2. Extensible Authentication Protocol (EAP): It is used as a dial-in
between the client and the server. It is used to determine what
authentication protocol will be used.
3. Password Authentication Protocol (PAP): it is a two-way handshake
protocol. It is used with point to point protocol (PPP). It uses a plain
text password like older SLIP systems. It is not secure.
4. Shiva PAP (SPAP): Only NT RAS server supports this for clients
dialing in.
5. Data Encryption Standards (DES): It is used for older clients and
servers.
6. Remote Authentication Dial-In User Service (RADIUS): It is used in
organisation’s network to authenticate users dialing in remotely to
server.
7. S/Key: It is RFC 2289 Authentication Protocol. It is secure against
replays attacks. It is a one-time password system.
8. MS-CHAP (MD4): It is used to authenticate remote workstations and
developed by Microsoft. It uses MD4 for computing the message
digest and DES for encryption.
9. SKID-SKID2 and SKID3: It uses symmetric encryption technique.
Privacy of the user are not maintained and man-in-the-middle attack
is possible against it.
SUMMARY
Digital signature is a strong method for authentication used today. Digital
signature includes message authentication codes (MAC), hash value of a
message and digital pen pad devices. The Digital Signature Algorithm
(DSA) is the standard algorithm for digital signatures. The algorithm is
split into three parts-key generation, signing and verification. One more
digital signature scheme described by Taher ElGamal in 1984 is the
ElGamal signature. It is based on discrete logarithms. A variant of the
Digital Signature Algorithm (DSA) is Elliptical curve Digital Signature
Algorithm (EDSA). It is based on elliptical curve groups. The use of
elliptical curve provides smaller key sizes for the same security level, with
roughly, the same execution time. It also generates the signature of
exactly the same size. The NIST published the standard for digital
signature, called DSS, in 1991. One should note that DSS is a standard,
whereas DSA is an algorithm. It has been developed for performing digital
signatures. The applications of DSA are intended in various areas such as
e-mail, online transactions, e-commerce, e-billing. There are various
authentication protocols. Some of them are CHAP, MS-CHAP (MD4), etc.
Digital signature algorithms have a number of prior requirements
(mentioned below). Without these requirements signatures do not have
any meaning.
1. Quality algorithms: Quality of the digital algorithm also depends on
the quality of public key algorithms used.
2. Implementations: Implementation of any algorithm is very
important. If a very good algorithm is implemented with some
mistake, it will never work properly.
3. Private key: The security of any algorithm depends on the secrecy of
private key. If the private key of a user compromises (known by the
 attackers), then the attackers also generates the same digital
signature irrespective of how strong the algorithm can be used for
the generation of the signature.
4. Distribution of public keys: If the public key cryptography, the
distribution of public key is also very important. F