The DSS (Digital Signature Standard) algorithm makes use of the following
parameters:
- p: A prime modulus, where
2L-1 < p < 2L
for 512 <= L <= 1024
and L
a
multiple of 64
.
- q: A prime divisor of
p - 1
, where 2159
< q < 2160
.
- g: Where
g = h(p-1)/q mod p
, where
h
is any integer with 1 < h < p - 1
such
that h (p-1)/q mod p > 1
(g
has order
q mod p
).
- x: A randomly or pseudorandomly generated integer with
0 < x
< q
.
- y:
y = gx mod p
.
- k: A randomly or pseudorandomly generated integer with
0 < k
< q
.
The integers
p
,
q
, and
g
can be
public and can be common to a group of users. A user's private and public
keys are
x
and
y
, respectively. They are normally
fixed for a period of time. Parameters
x
and
k
are
used for signature generation only, and must be kept secret. Parameter
k
must be regenerated for each signature.
The signature of a message
M
is the pair of numbers
r
and
s
computed according to the equations below:
r = (gk mod p) mod q
and
s = (k-1(SHA(M) + xr)) mod q
.
In the above,
k-1
is the multiplicative inverse of
k
,
mod q
; i.e.,
(k-1 k) mod q = 1
and
0 < k-1 < q
. The value of
SHA(M)
is a 160-bit string output by the Secure Hash Algorithm specified in FIPS 180.
For use in computing
s
, this string must be converted to an
integer.
As an option, one may wish to check if
r == 0
or
s == 0
. If either
r == 0
or
s == 0
, a new value
of
k
should be generated and the signature should be
recalculated (it is extremely unlikely that
r == 0
or
s ==
0
if signatures are generated properly).
The signature is transmitted along with the message to the verifier.
References:
- Digital
Signature Standard (DSS), Federal Information Processing Standards
Publication 186. National Institute of Standards and Technology.
clone
public Object clone()
Returns a clone copy of this instance.
- clone in interface ISignature
- clone in interface BaseSignature
- a clone copy of this instance.
generateSignature
protected Object generateSignature()
throws IllegalStateException
- generateSignature in interface BaseSignature
setupForSigning
protected void setupForSigning(PrivateKey k)
throws IllegalArgumentException
- setupForSigning in interface BaseSignature
setupForVerification
protected void setupForVerification(PublicKey k)
throws IllegalArgumentException
- setupForVerification in interface BaseSignature
sign
public static final BigInteger[] sign(DSAPrivateKey k,
byte[] h)
sign
public static final BigInteger[] sign(DSAPrivateKey k,
byte[] h,
Random rnd)
sign
public static final BigInteger[] sign(DSAPrivateKey k,
byte[] h,
IRandom irnd)
verify
public static final boolean verify(DSAPublicKey k,
byte[] h,
BigInteger[] rs)
verifySignature
protected boolean verifySignature(Object sig)
throws IllegalStateException
- verifySignature in interface BaseSignature