Documentos de Académico
Documentos de Profesional
Documentos de Cultura
2. Cryptography
2.4 Digital Signatures
• Practical issues:
– MACs as Light-weight (or “inexpensive”) signatures
• Message flows in session-oriented protocols
• MACs in protocols for constrained devices
• Datagram protocols and large amounts (load) of message
processing
Henric Johnson 8
© 2010, Henrique J. Domingos, DI/FCT/UNL 2.4 Digital Signatures - Slide 8
MAC with a secure HASH function
Signature class
Steps:
- Initialization of the signature object for
signing
- signature.update() is then used to feed data
into the signature object
- When all the data has been fed in,
signature.sign() is called
- Signature can be:
- Returned as a byte array
- Or load it into a passed in byte-array
//verification
signature.initVerify(keyPair.getPublic());
signature.update(message);
if (signature.verify(sigBytes)) { … ok … } else { not ok }
© 2010, Henrique J. Domingos, DI/FCT/UNL 2.4 Digital Signatures - Slide 25
ElGammal public key scheme (asymetric)
• A variant of Diffie-Hellman
– Same math. principles
• Widely used (ex., OpenPGP implementations,
standardized in RFC 2440)
• How does it works ?
Bob has a public key gy mod P (well known by Alice)
Alice creates a temporary public key
KpubA = gx mod P
//verification
signature.initVerify(keyPair.getPublic());
signature.update(message);
if (signature.verify(sigBytes)) { … ok … } else { not ok }
© 2010, Henrique J. Domingos, DI/FCT/UNL 2.4 Digital Signatures - Slide 35
Digital Signature Algorithm (DSA)