Design of RSA Digital Signature Scheme Using A Novel Cryptographic Hash Algorithm

(1)

International Journal of Emerging Technology and Advanced Engineering

Website: www.ijetae.com (ISSN 2250-2459, ISO 9001:2008 Certified Journal, Volume 4, Issue 6, June 2014)

609

Design of RSA Digital Signature Scheme Using A Novel

Cryptographic Hash Algorithm

Venkateswara Rao Pallipamu

1

, Thammi Reddy K

2

, Suresh Varma P

3 1,3

Department of Computer Science, Adikavi Nannaya University, Rajahmundry 533105, Andhra Pradesh, India,

2_{Department of Computer Science and Engineering, GITAM University, Visakhapatnam 530045, Andhra Pradesh, India}

Abstract— Internet became a part of human life and these days online communication gained more popularity than traditional communication. Eventually paper based documents are replaced by electronic documents. Digital Signature is a security mechanism used to check the authenticity and integrity of an electronic document. It is also used to achieve non-repudiation service, which provides proof for sent or received messages. In this paper we propose a new digital signature scheme using a novel message digest algorithm, ‘Algorithm for Secure Hashing-160 (ASH-160)’. This proposed scheme has been implemented in java and the results are analyzed and compared with RSA digital signature scheme using SHA1 and RIPEMD160. The analysis of experimental results reveals an increase in security strength and slight improvement in the efficiency of RSA with ASH160 than the compared schemes.

Keywords— Cryptography, Authentication, Integrity and Non-repudiation, Message digest, Digital signature.

I. INTRODUCTION

Digital signature plays an important role in online communication. In these days most of the electronic documents are identified by the digital signature only. Digital signature is a branch of cryptography [2, 15, 16]. Cryptography is defined as secret writing. Cryptography mainly consists of symmetric key algorithms, asymmetric key algorithms and message digest algorithms. The asymmetric key and symmetric key differs from each other by number of keys. Single key is used in the symmetric key algorithm and two keys (public and private) are used in the asymmetric key algorithm [4]. Message digest algorithm is used to generate message digest of a given input message. Message digest is also called hash code or finger print of the input message [3]. Digital signature scheme is designed using two algorithms, one is asymmetric key or public key cryptographic algorithm and the other is message digest algorithm [7-10]. Symmetric key and asymmetric key cryptographic algorithms cannot provide any authentication mechanisms but they provide security to the information that may be either transmitted data or stored data. Broadly authentication mechanisms are categorized into two, data authentication and entity authentication.

The data authentication can be achieved by digital signature schemes. Digital signatures [5, 6,18] are used in most of the security applications and protocols and they also play an important role in every online communication which may be either personal or organizational communication.

II. OVERVIEW OF DIGITAL SIGNATURES

A. The Rivest-Shamir-Adleman (RSA)digital signature scheme

The RSA signature scheme is a deterministic digital signature scheme which facilitates message verification and recovery. For the RSA public-key encryption scheme the message space M and the cipher text space C are Zn= {0,1,2, ... ,n-1}.

Key generation

In RSA public key cryptosystems each user

a) Generates two large distinct random primes p and q,

b) Computes n = pq and Ф = (p-1)(q-1)

c) Selects a random integer e,1 < e < Ф, such that gcd(e,Ф) = 1

d) Computes the unique integer d,1 < d < Ф, such that ed ≡1 mod Ф

Now the public key of Alice (sender) is (n,e) and the private key is d.

Signature generation

To sign a message m Є M, Alice

a) Identifies m with a number ~ m in Zn through a map R : M → Zn.

b) Computes the signature s = ~ md mod n.

Verification

To verify the signature of Alice, Bob (receiver) a) Chooses the public key (e,n) of Alice. b) Computes ~ m = se mod n.

(2)

International Journal of Emerging Technology and Advanced Engineering

610 c) Verifies that ~ m Є M‘ where M‘ denotes the set

of images of R. If it does not hold, the signature is rejected else recovers the message as m = R

-1_{(~ m).}

B. The Digital Signature Scheme (DSS)

The DSS makes use of the following parameters: a) p = a prime modulus, where 2L-1 < p < 2L for 512

and L for 1024 wherein L is multiple of 64 b) q = a prime divisor of p - 1, where 2159 < q < 2160 c) g = h(p-1)/q mod p, where h is any integer with 1< h<

p-1 such that h(p-1)/q mod p>1 (g has order q mod p)

d) x = a randomly or pseudo randomly generated integer with 0 < x < q

e) y = gx mod p

f) k = a randomly or pseudo randomly generated integer with 0 < k < q

The p, q, and g integers can be public or limited to a group of users. Private and public keys of a user are x and y respectively. They are normally fixed for a period of time. Parameters x and k are only used for signature generation and must be kept secret. Parameter k must be regenerated for each signature. Parameters p and q shall be generated by common methods or by using FIPS approved security methods. Parameters x and k shall be generated by the processes similar to that of p and q.

The signature of a message M is the pair of numbers r and s computed according to the equations below:

r = (gk mod p) mod q and s = (k-1(SHA-1(M) + xr)) mod q

In the above, k-1 is the multiplicative inverse of k, mod q; i.e., (k-1 k) mod q = 1 and 0 < k-1 < q. The value of SHA-1(M) is a 160-bit string output by the Secure Hash Algorithm specified in FIPS 180-1. For computing ‗s‘, this string must be converted to an integer. As an option, one may wish to check if r = 0 or s = 0. If either r = 0 or s = 0, a new value of k should be generated and the signature should be recalculated. It is extremely unlikely condition that r = 0 or s = 0 when signatures are generated properly. The signature is transmitted along with the message to the verifier.

Verification

Prior to verifying the signature in a signed message, p, q and g along with the sender's public key and identity are made available to the verifier in an authenticated manner.

Let M¢, r¢, and s¢ be the received versions of M, r and s respectively, and let y be the public key of the signatory. To verify the signature, the verifier first checks to see that 0 < r¢ < q and 0 < s¢ < q; if either condition is violated the signature shall be rejected. If these two conditions are satisfied, the verifier computes

w = (s¢)-1 mod q

u1 = ((SHA-1(M¢))w) mod q u2 = ((r¢)w) mod q

v = (((g)u1 (y)u2) mod p) mod q

If v = r¢, then the signature is verified and the verifier can have high confidence that the received message was sent by the party holding the secret key x corresponding to y. The v = r¢ when M¢ = M, r¢ = r, and s¢ = s. If v does not equal to r¢, then the message might have been modified, incorrectly signed by the signatory, or signed by an impostor. The message should be considered invalid.

C. The Elliptic Curve Digital Signature Algorithm (ECDSA)

This section describes the procedures to generate and verify the signatures using ECDSA[17].

Generation

To sign a message m, an entity ‗A‘ with domain parameters D=(q,FR,a,b,G,n,h) and associated key pair (d,Q) does the following:

a. Select a random or pseudorandom integer k,1<=k<=n-1

b. Compute kG=(x1,y1) and convert x1 to an integer x11

c. Compute r= x1 mod n. If r=0 then go to step 1

d. Compute k-1 mod n

e. Compute SHA-1(m) and convert this bit string to an integer e

f. Compute s= k-1 (e+dr) mod n . If s=0 then go to step 1

Signature of A for the message m is (r,s)

Verification

To verify A‘s signature (r,s) on m, B obtains an authentic copy of A‘s domain parameters D=(q,FR, a,b,G,n,h) and associated public key Q. It is recommended that B also validates D and Q. Then B does the following:

a. Verify that r and s are integers in the interval [1, n-1] b. Compute SHA-1 (m) and convert this bit string to an

integer e

c. Compute w=s-1 mod n

d. Compute u1=ew mod n and u2=rw mod n e. Compute x=u1G + u2Q

(3)

International Journal of Emerging Technology and Advanced Engineering

611 f. If x=O, then reject the signature. Otherwise, convert

the x-coordinate x1 of X to an integer x11 and compute

v= x1 mod n

Accept the signature if and only if v=r

D. The ELGamal Signature Scheme

The ELGamal signature scheme is a digital signature scheme which requires a hash function h: {0,1}* →Zp,

where p is large prime. In this scheme, the system parameters p, a are large prime numbers

g - a generator of Z*p

h- a secure collision free one-way hash function

xA- a random integer in (1,p-1), it works as secret key of Alice.

yA- where, yA= gxA mod p, works as the public key of Alice.

To sign a binary message m of arbitrary length, the user Alice selects a random integer k Є (1,p-1) such that gcd(k,p-1) = 1. Alice computes r = gk mod p and k-1 mod p-1. He further computes s = k-1[h(m) - xAr] mod p - 1.

Alice's signature for the message m is (r,s,m).

Verification

To verify the signature (r,s,m) Bob checks that: 1 < r < (p - 1) to accept a valid commitment r Computes v1= yArrs mod p

Computes h(m) and v2= gh(m) mod p The signature is valid if and only v1= v2

III. PROPOSED RSADIGITAL SIGNATURE SCHEME USING ASH160

The Algorithm for Secure Hashing-160 (ASH160) is a cryptographic hash algorithm, which was designed using co-ordinate geometry concepts. The algorithm ASH160 takes a message as input and produces a 160-bit message digest as output [1, 11-14]. Generation of digital signature using RSA and ASH160 as described below:

Key generation

a) Select two large prime numbers p,q(p≠q). b) Calculate n= p x q

c) Calculate ø(n) =(p-1)(q-1)

d) Select e, gcd(ø(n), e)=1 and 1<e< ø(n) e) Calculate d≡ e-1 mod ø(n)

Private key(K-PR)={e,n} and Public key(K-PU) ={d,n}

Signature Generation

In signature generation process first of all the message digest (MD) of a given input message (M) is found using ASH160 and encrypt (E) the message digest using public key cryptosystem with senders private key (K-PR), to obtain digital signature (DS) of input message.

DS=EK-PR (MD=H(M))

Fig 1. Digital Signature generation process

Signature Verification

Fig 2. Digital Signature Verification process

In signature verification process the received digital signature (DS) is decrypted by public key cryptosystem using public key (K-PU) of sender to obtain the message digest (MD).

MD=DK-PU (DS)

Where,

M=input message

(4)

International Journal of Emerging Technology and Advanced Engineering

612 DS=digital signature

E=encryption

H=ASH160 hash algorithm MD=message digest D=decryption

||=concatenation operation

IV. RESULTS AND DISCUSSIONS

Here we provide comparative results of RSA digital signature scheme using ASH160, SHA1 and RIPEMD160. RSA encryption and decryption process uses 1024-bit key. The experiment results conclude that the encryption of RSA with ASH160 takes less time when compared to RSA with SHA1 and RIPEMD160. However a slight increase in decryption time with ASH160 may not be considered, since ASH160 is more secure than the SHA1 and RIPEMD160.

TABLEI

COMPARATIVE RESULTS OF RSA DIGITAL SIGNATURE SCHEME (1024

BITS KEY) USING ASH160,SHA1 AND RIPEMD160

Hash function Input message Message digest Encry ption time (ms) Decry ption time (ms) ASH 160 The quick brown fox jumps over the lazy cog

bcd938376 53d808387 7e752dbf42 9b22415b7 9ee 13 423 The quick brown fox jumps over the lazy dog

a4e4132a0 88a0aaa668 1caaa89def e13c95548 cc 12 408 The quick brown fox jumps over the lazy eog

4b32ac607 70fa13ea82 2716fef11o f724a642b9 a 13 386 SHA1 The quick brown fox f6d047f68d 19c6e5eda6 17 411 jumps over the lazy cog

9b1dd3f34 384356424 9f The quick brown fox jumps over the lazy dog

408d94384 216f890ff7 a0c3528e8 bed1e0b01 621 30 396 The quick brown fox jumps over the lazy eog

2a78ace432 d92b905e9 15e4fb6006 bde1dc5b1 be 16 395 RIPEMD 160 The quick brown fox jumps over the lazy cog

e17b58593 64bb9d15c 68a4685fe6 4cd5536e1 000 29 397 The quick brown fox jumps over the lazy dog

fc850169b1 f2ce72e3f8 aa0aeb5ca8 7d6f8519c6 28 392 The quick brown fox jumps over the lazy eog

d2984119c 22fbccf046 0d24d6a68 370e21bfee d4 29 312 V. CONCLUSION

This paper describes RSA digital signature scheme using ASH160, SHA1 and RIPEMD160. The experimentation is done on three different data values, which differ by a bit alone.

(5)

International Journal of Emerging Technology and Advanced Engineering

613 On the basis of experimental results we can conclude that RSA digital signature scheme using ASH160 consumes less CPU time while encryption process but a little bit more time in decryption process. But in the security point of view the ASH160 is stronger than the SHA1 and RIPEMD160 algorithms. This work show a path to design new message digests for digital signatures and also strengthen the existing hash algorithms by introducing new mathematical functions which takes less CPU time and withstand against security attacks.

REFERENCES

[1] Venkateswara Rao Pallipamu, Thammi Reddy K and Suresh Varma P, 2014. ASH-160: A Novel Algorithm for Secure Hashing Using Geometric Concepts. Journal of Information Security and Applications, Elsevier, DOI: 10.1016/j.jisa.2014.05.001, in press. [2] Rivest,R.,A.Shamir and L. Aldeman, 1978.A method for obtaining

digital signatures and public key cryptosystems. Communications of the ACM, 21:120-126.

[3] Diffie,W. and M.E. Hellman, 1978. New directions in cryptography. IEEE Trans. Information Theory, IT-22: 472-492.

[4] Menezes, A., J. Van Oorshot and PCSA Vanstone, 1997. Handbook of Applied Cryptography. CRC Press.

[5] J-S. Coron and D. Naccache, ―Security analysis of the Gennaro-Halevi-Rabin signature scheme,‖ proc. Advances in Cryptology – Eurocrypt‘00,Lecture Notes in Computer Science vol.1807,pp.91-101,2000.

[6] D. Pointcheval and J.Stern,‖ Security arguments for digital signatures and blind signatures,‖ Journal of Cryptology, vol.13,no.3,pp.361-396,2000.

[7] D. Boneh, I. Mironov and V. Shoup ,A Secure signatures scheme from bilinear map,‖Proc. Topics in Cryptology-CT-RSA‘03,lecture notes in Computer Science , Vol.2612, pp.98-110,2003.

[8] J. Camenisch and A. Lysyanskaya,‖ A Signature scheme with efficient protocols,‖ Proc. The 3rd_{Conference on Security in}

Communication Networks-SCN‘02, Lecture Notes in Computer Science vol.2576,pp.274-295,2003.

[9] C.H.Tan,‖ Key substitution attacks on some provable secure signature schemes,‖ IEICE Trans. On Fundamentals, vol.E87-A, no.1,pp.226-227, Jan. 2004.

[10] C.H.Tan,‖ Key substitution attacks on provably secure signature schemes,‖ IEICE Trans. On Fundamentals, vol.E88-A, no.2,pp.611-612, Feb. 2005.

[11] S. F. Tzeng, and M.S. Hwang, ―A new digital signature scheme based on factoring and discrete logarithms,‖ International journal of computer mathematics,vol.81,no.1, pp.9-14,2004.

[15] Mikko T.Siponen and Harri Oinas-Kukkonen,‖ Areview of Information Security Issues and Respective Research Contributions‖, The DATA BASE for Advances in Information Systems.vol.38.Number 1, February 2007.