Design of RSA Digital Signature Scheme Using A Novel Cryptographic Hash Algorithm

(1)

International Journal of Emerging Technology and Advanced Engineering

Website: www.ijetae.com (ISSN 2250-2459, ISO 9001:2008 Certified Journal, Volume 4, Issue 6, June 2014)

609

Design of RSA Digital Signature Scheme Using A Novel

Cryptographic Hash Algorithm

Venkateswara Rao Pallipamu

1

, Thammi Reddy K

2

, Suresh Varma P

3

1,3

Department of Computer Science, Adikavi Nannaya University, Rajahmundry 533105, Andhra Pradesh, India, 2_{Department of Computer Science and Engineering, GITAM University, Visakhapatnam 530045, Andhra Pradesh, India}

Abstract—Internet became a part of human life and these days online communication gained more popularity than traditional communication. Eventually paper based documents are replaced by electronic documents. Digital Signature is a security mechanism used to check the authenticity and integrity of an electronic document. It is also used to achieve non-repudiation service, which provides proof for sent or received messages. In this paper we propose a new digital signature scheme using a novel message digest algorithm, ‘Algorithm for Secure Hashing-160 (ASH-160)’. This proposed scheme has been implemented in java and the results are analyzed and compared with RSA digital signature scheme using SHA1 and RIPEMD160. The analysis of experimental results reveals an increase in security strength and slight improvement in the efficiency of RSA with ASH160 than the compared schemes.

Keywords— Cryptography, Authentication, Integrity and Non-repudiation, Message digest, Digital signature.

I. INTRODUCTION

Digital signature plays an important role in online communication. In these days most of the electronic documents are identified by the digital signature only. Digital signature is a branch of cryptography [2, 15, 16]. Cryptography is defined as secret writing. Cryptography mainly consists of symmetric key algorithms, asymmetric key algorithms and message digest algorithms. The asymmetric key and symmetric key differs from each other by number of keys. Single key is used in the symmetric key algorithm and two keys (public and private) are used in the asymmetric key algorithm [4]. Message digest algorithm is used to generate message digest of a given input message. Message digest is also called hash code or finger print of the input message [3]. Digital signature scheme is designed using two algorithms, one is asymmetric key or public key cryptographic algorithm and the other is message digest algorithm [7-10]. Symmetric key and asymmetric key cryptographic algorithms cannot provide any authentication mechanisms but they provide security to the information that may be either transmitted data or stored data. Broadly authentication mechanisms are categorized into two, data authentication and entity authentication.

The data authentication can be achieved by digital signature schemes. Digital signatures [5, 6,18] are used in most of the security applications and protocols and they also play an important role in every online communication which may be either personal or organizational communication.

II. OVERVIEW OF DIGITAL SIGNATURES

A. The Rivest-Shamir-Adleman (RSA)digital signature scheme

The RSA signature scheme is a deterministic digital signature scheme which facilitates message verification and recovery. For the RSA public-key encryption scheme the message space M and the cipher text space C are Zn= {0,1,2, ... ,n-1}.

Key generation

In RSA public key cryptosystems each user

a) Generates two large distinct random primes p and q,

b) Computes n = pq and Ф = (p-1)(q-1)

c) Selects a random integer e,1 < e < Ф, such that gcd(e,Ф) = 1

d) Computes the unique integer d,1 < d < Ф, such that ed ≡1 mod Ф

Now the public key of Alice (sender) is (n,e) and the private key is d.

Signature generation

To sign a message m Є M, Alice

a) Identifies m with a number ~ m in Zn through a map R : M → Zn.

b) Computes the signature s = ~ md mod n.

Verification

To verify the signature of Alice, Bob (receiver)

(2)

International Journal of Emerging Technology and Advanced Engineering

610

c) Verifies that ~ m Є M‘ where M‘ denotes the set of images of R. If it does not hold, the signature is rejected else recovers the message as m = R

-1_{(~ m).}

B. The Digital Signature Scheme (DSS)

The DSS makes use of the following parameters: a) p = a prime modulus, where 2L-1 < p < 2L for 512

and L for 1024 wherein L is multiple of 64 b) q = a prime divisor of p - 1, where 2159 < q < 2160 c) g = h(p-1)/q mod p, where h is any integer with 1< h<

p-1 such that h(p-1)/q mod p>1

(g has order q mod p)

d) x = a randomly or pseudo randomly generated integer with 0 < x < q

e) y = gx mod p

f) k = a randomly or pseudo randomly generated integer with 0 < k < q

The p, q, and g integers can be public or limited to a group of users. Private and public keys of a user are x and y respectively. They are normally fixed for a period of time. Parameters x and k are only used for signature generation and must be kept secret. Parameter k must be regenerated for each signature. Parameters p and q shall be generated by common methods or by using FIPS approved security methods. Parameters x and k shall be generated by the processes similar to that of p and q.

The signature of a message M is the pair of numbers r and s computed according to the equations below:

r = (gk mod p) mod q and s = (k-1(SHA-1(M) + xr)) mod q

In the above, k-1 is the multiplicative inverse of k, mod q; i.e., (k-1 k) mod q = 1 and 0 < k-1 < q. The value of SHA-1(M) is a 160-bit string output by the Secure Hash Algorithm specified in FIPS 180-1. For computing ‗s‘, this string must be converted to an integer. As an option, one may wish to check if r = 0 or s = 0. If either r = 0 or s = 0, a new value of k should be generated and the signature should be recalculated. It is extremely unlikely condition that r = 0 or s = 0 when signatures are generated properly. The signature is transmitted along with the message to the verifier.

Verification

Prior to verifying the signature in a signed message, p, q and g along with the sender's public key and identity are made available to the verifier in an authenticated manner.

Let M¢, r¢, and s¢ be the received versions of M, r and s respectively, and let y be the public key of the signatory. To verify the signature, the verifier first checks to see that 0 < r¢ < q and 0 < s¢ < q; if either condition is violated the signature shall be rejected. If these two conditions are satisfied, the verifier computes

w = (s¢)-1 mod q

u1 = ((SHA-1(M¢))w) mod q u2 = ((r¢)w) mod q

v = (((g)u1 (y)u2) mod p) mod q

If v = r¢, then the signature is verified and the verifier can have high confidence that the received message was sent by the party holding the secret key x corresponding to y. The v = r¢ when M¢ = M, r¢ = r, and s¢ = s. If v does not equal to r¢, then the message might have been modified, incorrectly signed by the signatory, or signed by an impostor. The message should be considered invalid.

C. The Elliptic Curve Digital Signature Algorithm (ECDSA)

This section describes the procedures to generate and verify the signatures using ECDSA[17].

Generation

To sign a message m, an entity ‗A‘ with domain parameters D=(q,FR,a,b,G,n,h) and associated key pair (d,Q) does the following:

a. Select a random or pseudorandom integer k,1<=k<=n-1

b. Compute kG=(x1,y1) and convert x1 to an integer x11

c. Compute r= x1 mod n. If r=0 then go to step 1

d. Compute k-1_{mod n}

e. Compute SHA-1(m) and convert this bit string to an integer e

f. Compute s= k-1 (e+dr) mod n . If s=0 then go to step 1

Signature of A for the message m is (r,s)

Verification

To verify A‘s signature (r,s) on m, B obtains an authentic copy of A‘s domain parameters D=(q,FR, a,b,G,n,h) and associated public key Q. It is recommended that B also validates D and Q. Then B does the following:

a. Verify that r and s are integers in the interval [1, n-1] b. Compute SHA-1 (m) and convert this bit string to an

integer e

c. Compute w=s-1 mod n

d. Compute u1=ew mod n and u2=rw mod n

(3)

International Journal of Emerging Technology and Advanced Engineering

611

f. If x=O, then reject the signature. Otherwise, convert the x-coordinate x1 of X to an integer x11 and compute

v= x1 mod n

Accept the signature if and only if v=r

D. The ELGamal Signature Scheme

The ELGamal signature scheme is a digital signature scheme which requires a hash function h: {0,1}* →Zp,

where p is large prime. In this scheme, the system parameters p, a are large prime numbers

g - a generator of Z*p

h- a secure collision free one-way hash function

xA- a random integer in (1,p-1), it works as secret key of Alice.

yA- where, yA= gxA mod p, works as the public key of Alice.

To sign a binary message m of arbitrary length, the user Alice selects a random integer k Є (1,p-1) such that gcd(k,p-1) = 1. Alice computes r = gk mod p and k-1 mod p-1. He further computes s = k-1[h(m) - xAr] mod p - 1.

Alice's signature for the message m is (r,s,m).

Verification

To verify the signature (r,s,m) Bob checks that: 1 < r < (p - 1) to accept a valid commitment r Computes v1= yArrs mod p

Computes h(m) and v2= gh(m) mod p The signature is valid if and only v1= v2

III. PROPOSED RSADIGITAL SIGNATURE SCHEME USING ASH160

The Algorithm for Secure Hashing-160 (ASH160) is a cryptographic hash algorithm, which was designed using co-ordinate geometry concepts. The algorithm ASH160 takes a message as input and produces a 160-bit message digest as output [1, 11-14]. Generation of digital signature using RSA and ASH160 as described below:

Key generation

a) Select two large prime numbers p,q(p≠q). b) Calculate n= p x q

c) Calculate ø(n) =(p-1)(q-1)

d) Select e, gcd(ø(n), e)=1 and 1<e< ø(n) e) Calculate d≡ e-1 mod ø(n)

Private key(K-PR)={e,n} and Public key(K-PU) ={d,n}

Signature Generation

In signature generation process first of all the message digest (MD) of a given input message (M) is found using ASH160 and encrypt (E) the message digest using public key cryptosystem with senders private key (K-PR), to obtain digital signature (DS) of input message.

[image:3.612.321.561.222.377.2]

DS=EK-PR (MD=H(M))

Fig 1. Digital Signature generation process

Signature Verification

Fig 2. Digital Signature Verification process

In signature verification process the received digital signature (DS) is decrypted by public key cryptosystem using public key (K-PU) of sender to obtain the message digest (MD).

MD=DK-PU (DS)

Where,

M=input message

[image:3.612.326.573.417.589.2]

(4)

International Journal of Emerging Technology and Advanced Engineering

612

DS=digital signature E=encryption

H=ASH160 hash algorithm MD=message digest D=decryption

||=concatenation operation

IV. RESULTS AND DISCUSSIONS

Here we provide comparative results of RSA digital signature scheme using ASH160, SHA1 and RIPEMD160. RSA encryption and decryption process uses 1024-bit key. The experiment results conclude that the encryption of RSA with ASH160 takes less time when compared to RSA with SHA1 and RIPEMD160. However a slight increase in decryption time with ASH160 may not be considered, since ASH160 is more secure than the SHA1 and RIPEMD160.

TABLEI

COMPARATIVE RESULTS OF RSA DIGITAL SIGNATURE SCHEME (1024

BITS KEY) USING ASH160,SHA1 AND RIPEMD160 Hash function Input message Message digest Encry ption time (ms) Decry ption time (ms) ASH 160

The quick

brown fox

jumps over

the lazy cog

bcd938376

53d808387

7e752dbf42

9b22415b7

9ee

13 423

The quick

brown fox

jumps over

the lazy dog

a4e4132a0

88a0aaa668

1caaa89def

e13c95548

cc

12 408

The quick

brown fox

jumps over

the lazy eog

4b32ac607

70fa13ea82

2716fef11o

f724a642b9

a

13 386

SHA1

The quick

brown fox

f6d047f68d

19c6e5eda6

17 411

jumps over

the lazy cog

9b1dd3f34

384356424

9f

The quick

brown fox

jumps over

the lazy dog

408d94384

216f890ff7

a0c3528e8

bed1e0b01

621

30 396

The quick

brown fox

jumps over

the lazy eog

2a78ace432

d92b905e9

15e4fb6006

bde1dc5b1

be

16 395

RIPEMD 160

The quick

brown fox

jumps over

the lazy cog

e17b58593

64bb9d15c

68a4685fe6

4cd5536e1

000

29 397

The quick

brown fox

jumps over

the lazy dog

fc850169b1

f2ce72e3f8

aa0aeb5ca8

7d6f8519c6

28 392

The quick

brown fox

jumps over

the lazy eog

d2984119c

22fbccf046

0d24d6a68

370e21bfee

d4

29 312

V. CONCLUSION

(5)

International Journal of Emerging Technology and Advanced Engineering

613

On the basis of experimental results we can conclude that RSA digital signature scheme using ASH160 consumes less CPU time while encryption process but a little bit more time in decryption process. But in the security point of view the ASH160 is stronger than the SHA1 and RIPEMD160 algorithms. This work show a path to design new message digests for digital signatures and also strengthen the existing hash algorithms by introducing new mathematical functions which takes less CPU time and withstand against security attacks.

REFERENCES

[1] Venkateswara Rao Pallipamu, Thammi Reddy K and Suresh Varma

P, 2014. ASH-160: A Novel Algorithm for Secure Hashing Using Geometric Concepts. Journal of Information Security and Applications, Elsevier, DOI: 10.1016/j.jisa.2014.05.001, in press.

[2] Rivest,R.,A.Shamir and L. Aldeman, 1978.A method for obtaining

digital signatures and public key cryptosystems. Communications of the ACM, 21:120-126.

[3] Diffie,W. and M.E. Hellman, 1978. New directions in cryptography.

IEEE Trans. Information Theory, IT-22: 472-492.

[4] Menezes, A., J. Van Oorshot and PCSA Vanstone, 1997. Handbook

of Applied Cryptography. CRC Press.

[5] J-S. Coron and D. Naccache, ―Security analysis of the

Gennaro-Halevi-Rabin signature scheme,‖ proc. Advances in Cryptology – Eurocrypt‘00,Lecture Notes in Computer Science vol.1807,pp.91-101,2000.

[6] D. Pointcheval and J.Stern,‖ Security arguments for digital

signatures and blind signatures,‖ Journal of Cryptology, vol.13,no.3,pp.361-396,2000.

[7] D. Boneh, I. Mironov and V. Shoup ,A Secure signatures scheme

from bilinear map,‖Proc. Topics in Cryptology-CT-RSA‘03,lecture notes in Computer Science , Vol.2612, pp.98-110,2003.

[8] J. Camenisch and A. Lysyanskaya,‖ A Signature scheme with

efficient protocols,‖ Proc. The 3rd_{Conference on Security in}

Communication Networks-SCN‘02, Lecture Notes in Computer Science vol.2576,pp.274-295,2003.

[9] C.H.Tan,‖ Key substitution attacks on some provable secure

signature schemes,‖ IEICE Trans. On Fundamentals, vol.E87-A, no.1,pp.226-227, Jan. 2004.

[10] C.H.Tan,‖ Key substitution attacks on provably secure signature

schemes,‖ IEICE Trans. On Fundamentals, vol.E88-A, no.2,pp.611-612, Feb. 2005.

[11] S. F. Tzeng, and M.S. Hwang, ―A new digital signature scheme

based on factoring and discrete logarithms,‖ International journal of computer mathematics,vol.81,no.1, pp.9-14,2004.

[12] M. Ayoub Khan and Y.P.Singh,‖ On the Security of Joint Signature

[13] Chuanhua Zhou, Baohua Zhao,Gemei Zhu and Wei Wei,‖Study of

[14] S.R.Subramanya and Byung K.YI.,‖ Digital Signatures‖,

[15] Mikko T.Siponen and Harri Oinas-Kukkonen,‖ Areview of

Information Security Issues and Respective Research

Contributions‖, The DATA BASE for Advances in Information Systems.vol.38.Number 1, February 2007.

[16] Hu Chaoju and Wang Xuning,‖ Zero Watermark Protocol Based on

[17] Deng Jian-zhi, Cheng Xiao-hui and Gui Qiong,‖ Design of Hyper

[18] Iuon-Chang Lin, Hsing-Leiwang, An Improved Digital Signature