Cryptography Reference
In-Depth Information
> DSAVer := proc(domain::list, publickey::{posint, string}, message::string,
signature::list, {messagetype::identical(hex,text):= hex, H::name:='SHA256'})
local d, y, sig, r, s, p, q, g, w, z, u1, u2, v;
d := stringposint
∼
(domain);
y := stringposint(publickey);
sig := stringposint
∼
(signature);
r := sig[1];
s := sig[2];
p := d[1];
q := d[2];
g := d[3];
ifr=0ors=0orq<=rorq<=sthen
error "invalid signature"
end if;
w := sˆ(-1) mod q;
z := OS2IP(H(message, messagetype));
u1 := z*w mod q;
u2 := r*w mod q;
v := (((Power(g, u1) mod p)*(Power(y, u2) mod p)) mod p) mod q;
ifr=vthen
"Valid"
else
"Invalid"
end if
end proc:
Exercise 9.14
Write aMaple procedure to test the functions
DSASign
and
DSAVer
defined above. The procedure should pseudo-randomly generate a specified number
of either hex or ASCII-8 strings and, given valid DSA parameters and keys, compute
the corresponding signatures and verify that these signatures are valid.
Example 9.2
Let us consider the following messages:
> m1 := "This is a message to test DSA signatures":
m2 := "0123456789abcdef":
We are going to sign these messages and then to verify the corresponding sig-
natures, using the previously generated domain parameters
dparams
and the DSA
private key/public key pair
dsakey
. We will use the following 128-bit seeds to sign
each of these two messages:
> snseed1 := "c63520000514b5634cec92c4117f0f96":
snseed2 := "e0fa47e40a96a09a75856031c75e3a5b":
The signature corresponding to
m1
is the following:
> sig1 := DSASign(dparams, dsakey[1], m1, snseed1, messagetype = 'text');
["1f20ce2a492f6aab18dd84ce94f830a9e5fe9ffb1f4083d28d2f02b3d3daf940",
"2920ab94e04ccf5a3be78c3d64736bd6660f9f5f52ffef00e53f0e8e1fba53d3"]
On the other hand, the signature corresponding to the hexadecimal message
m2
is:
> sig2 := DSASign(dparams, dsakey[1], m2, snseed2);
["8854608fc498c17b19ce7eb3c8143d33663daf33865a6dcc6b303ba74bad298b",
"6a0e9e593373d071ace1bf9349b20861cea38f31e5426685cd69e67cb0f41051"]
