Cryptography Reference
than we have, including other types of non-repudiation, such as non-repudiation
of delivery of a message. As always, an excellent overview of the relevant digital
signature standards is provided in Dent and Mitchell [55].
We have hopefully made it very clear that although digital signatures have a
passing resemblance to handwritten signatures, they are fundamentally different.
Another version of this message appeared in Bruce Schneier's Crypto-Gram
Newsletter [167]. A good overview of the issues surrounding digital signature
schemes is also provided in Ford and Baum [83]. It is possible to compute and
verify digital signatures, as well as run a simulation of RSA digital signature schemes
with appendix, using CrypTool [52].
7.7 Activities
1. The definition of 'electronic signature' proposed in Section 7.1.2 is very open.
(a) What processes or technologies can you think of that might satisfy this
definition?
(b) To what extent do your proposals satisfy the definition of an advanced
electronic signature?
2. MACs do not by default provide non-repudiation.
(a) Explain why this is the case.
(b) Under what conditions might a MAC be used to provide non-repudiation?
3. RSA is unusual in that the encryption algorithm can be used as part of the
process of generating a digital signature.
(a) Write down the mathematical operations involved in RSA encryption and
verification of an RSA digital signature with appendix.
(b) Identify the 'special' property of RSA that allows it to be used both for
encryption and digital signatures.
(c) Explain why this apparent 'symmetry' between RSA encryption and digital
signatures is not so relevant in practice.
4. RSA digital signatures rely on the security of the supporting hash function.
(a) Explain why it is important that the hash function has collision resistance.
(b) Discuss whether it is important that the hash function has preimage
resistance.
5. For an application environment of your choice using an RSA digital signature
scheme with appendix, order the following risks with respect to both likelihood
of occurrence and security implications:
• an attacker factorises the RSA modulus;
• a smart card containing the signature key is stolen;
• a collision is found in the underlying hash function;
 