13.7 It is tempting to try to develop a variation on Diffie-Hellman that could be used as a digi - Cryptography and Network Security - Stallings

13.7 It is tempting to try to develop a variation on Diffie-Hellman that could be used as a digital signature. Here is one that is simpler than DSA and that does not require a secret random number in addition to the private key. Public elements: q prime number a a < q and a is a primitive root of q Private key: X X < q Public key: Y = aX mod q To sign a message M, compute h = H(M), which is the hash code of the message. We require that gcd(h, q - 1) = 1. If not, append the hash to the message and calculate a new hash. Continue this process until a hash code is produced that is relatively prime to (q - 1). Then calculate Z to satisfy Z * h K X(mod q - 1). The signature of the message is aZ. To verify the signature, a user verifies that Y = (aZ)h = aXmod q. a. Show that this scheme works. That is, show that the verification process produces an equality if the signature is valid. b. Show that the scheme is unacceptable by describing a simple technique for forging a user's signature on an arbitrary message.


View solution: $5 USD. View Solution



<< Back	Next >>

Solupals - Textbook Solutions