
The RSA digital signature algorithm is a type of asymmetric cryptography. It’s asymmetric because it uses two separate keys: a Public Key and a Private Key. The Public Key is given to everyone, whereas the Private Key is kept private, as the name implies.
Example of asymmetric cryptography:
A client (for example, a browser) sends the server its public key and requests data.
The server encrypts the data with the client’s public key before sending it.
This data is received by the client, who decrypts it.
Because this is asymmetric, no one other than the browser can decode the data, even if a third party knows the browser’s public key.
The RSA concept is predicated on the fact that factoring a large number is difficult. The public key is made up of two numbers, one of which is the result of multiplying two huge prime numbers. The same two prime numbers are also used to create the private key. The private key is compromised if the huge integer can be factorized. As a result, encryption strength is entirely dependent on the key size, and increasing the key size exponentially increases encryption strength. RSA keys are normally 1024 or 2048 bits long. Experts fear that 1024-bit keys may soon be broken, although that appears to be an impossible feat at this time.
The validity of electronic transmission is verified using digital signatures. A public-key system is used in a digital signature algorithm. The intended transmitter uses his or her private key to sign his or her message, and the intended receiver uses the transmitter’s public key to verify it. Message authentication, message integrity, and non-repudiation can all be provided by a digital signature.
Algorithm
The key generation algorithm, the signing algorithm, and the verification algorithm are the three algorithms that make up a digital signature method.
RSA Key Generation
- Pick two big prime numbers, p and q.
- Determine n = p*q.
- Choose a public key e that isn’t a factor of (p-1)*(q-1).
- Select a private key d such that (d*e) mod (p-1)*(q-1) = 1, that is, d is the inverse of e modulo (p-1)*(q-1).
RSA Digital Signature Scheme:
d is private in RSA, while e and n are public.
- S = M^d mod n is Alice’s digital signature.
- She delivers message M and signature S to Bob.
- Bob calculates M1 = S^e mod n.
- Bob accepts the data given by Alice if M1 = M.
Signature Verification:
- To create the digest h, you utilize the same hash function (H#).
- You then provide this digest to the verification function, which also requires other parameters.
- Calculate w’s value so that s*w mod q = 1.
- Using the formula u1 = h*w mod q, find the value of u1.
- Using the formula u2 = r*w mod q, calculate the value of u2.
- v = [((g^u1 * y^u2) mod p) mod q] is the final verification component.
- The value of v is compared to the value of r received in the bundle.
- The signature verification is complete if it matches.
- After learning how the DSA Method works, you should be aware of the advantages it has over other algorithms like the RSA algorithm.
Attacks on RSA Signature:
RSA digital signatures are vulnerable to a variety of attacks. A selection of them is listed below.
Chosen-message Attack:
In the chosen-message attack, the attacker creates two separate messages, M1 and M2, and convinces the real user to sign both of them using the RSA digital signature algorithm. The attacker then creates a new message M = M1 x M2 and claims that it was signed by the genuine user.
Only Key Attack:
The assumption in this attack is that the attacker has access to the authentic user’s public key and is attempting to obtain a message and digital signature. The attacker then attempts to produce a new message MM on which the same signature S appears to be legitimate. However, because the mathematical complexity behind this is fairly significant, it is not an easy attack to launch.
Known-message Attack:
In a known-message attack, the attacker tries to exploit an RSA feature that allows two different messages with two different signatures to be mixed such that their signatures combine as well. Consider the following scenario: we have two separate messages M1 and M2 with respective digital signatures S1 and S2. If M = (M1 x M2) mod n, then S = (S1 x S2) mod n analytically. As a result, the attacker can forge a signature by computing M = (M1 x M2) mod n and subsequently S = (S1 x S2) mod n.
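The multiplicative relation behind the chosen-message and known-message attacks above, and why signing a hash of the message removes it, shown as an added example that is not part of the original tutorial. The key is a constructed toy built from two Mersenne primes, and every function name is an assumption made for this illustration. Deployed systems go further and use a standardized padded scheme such as RSASSA-PSS.

```python
import hashlib
from math import gcd

# Constructed toy key: two Mersenne primes, chosen only so the block runs offline.
# Primes with this structure must never be used for a real key.
P, Q = 2**127 - 1, 2**107 - 1
N = P * Q                          # n = p*q
PHI = (P - 1) * (Q - 1)
E = 65537                          # public exponent
assert gcd(E, PHI) == 1            # required for the inverse d to exist
D = pow(E, -1, PHI)                # (d*e) mod (p-1)*(q-1) = 1

def sign_raw(m: int) -> int:
    """Textbook signature from the page: S = M^d mod n."""
    return pow(m, D, N)

def verify_raw(m: int, s: int) -> bool:
    """Accept if M1 = S^e mod n equals M."""
    return pow(s, E, N) == m % N

def digest(msg: bytes) -> int:
    """SHA-256 of the message as an integer mod n (simplified, no padding)."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N

def sign_hashed(msg: bytes) -> int:
    """Hash-then-sign: S = H(M)^d mod n."""
    return pow(digest(msg), D, N)

def verify_hashed(msg: bytes, s: int) -> bool:
    return pow(s, E, N) == digest(msg)

def combine(s1: int, s2: int) -> int:
    """S = (S1 x S2) mod n, the combination described in the text."""
    return (s1 * s2) % N

def demo() -> dict:
    m1, m2 = 1234, 5678                      # constructed sample messages
    raw = verify_raw((m1 * m2) % N, combine(sign_raw(m1), sign_raw(m2)))
    b1, b2 = b"pay 10", b"pay 20"            # constructed sample messages
    mixed = combine(sign_hashed(b1), sign_hashed(b2))
    hashed = any(verify_hashed(b, mixed) for b in (b1, b2, b1 + b2))
    return {"raw_combined_accepted": raw, "hashed_combined_accepted": hashed,
            "hashed_genuine_accepted": verify_hashed(b1, sign_hashed(b1))}

if __name__ == "__main__":
    print(demo())
```

With raw signing the combined pair verifies even though the signer never signed M. With hash-then-sign the product of two signatures corresponds to H(M1) x H(M2), which is not the hash of any message the verifier is shown, so the check fails.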
You now know the necessity of asymmetric cryptography, how digital signatures operate, the functionality of DSA, the procedures required in signature verification, and its advantages over similar alternatives. I hope you enjoyed this tutorial on the DSA algorithm.