Digital Signature Algorithm (DSA)是Schnorr和ElGamal簽名算法的變種,被美國(guó)NIST作為DSS(DigitalSignature Standard)。算法中應(yīng)用了下述參數(shù):
p:L bits長(zhǎng)的素?cái)?shù)。L是64的倍數(shù),范圍是512到1024;
q:p - 1的160bits的素因子;
g:g = h^((p-1)/q) mod p,h滿足h < p - 1, h^((p-1)/q) mod p > 1;
x:x < q,x為私鑰 ;
y:y = g^x mod p ,( p, q, g, y )為公鑰;
H( x ):One-Way Hash函數(shù)。DSS中選用SHA( Secure Hash Algorithm )。
p, q, g可由一組用戶共享,但在實(shí)際應(yīng)用中,使用公共模數(shù)可能會(huì)帶來(lái)一定的威脅。簽名及驗(yàn)證協(xié)議如下:
1. P產(chǎn)生隨機(jī)數(shù)k,k < q;
2. P計(jì)算 r = ( g^k mod p ) mod q
s = ( k^(-1) (H(m) + xr)) mod q
簽名結(jié)果是( m, r, s )。
3. 驗(yàn)證時(shí)計(jì)算 w = s^(-1)mod q
u1 = ( H( m ) * w ) mod q
u2 = ( r * w ) mod q
v = (( g^u1 * y^u2 ) mod p ) mod q
若v = r,則認(rèn)為簽名有效。
DSA是基于整數(shù)有限域離散對(duì)數(shù)難題的,其安全性與RSA相比差不多。DSA的一個(gè)重要特點(diǎn)是兩個(gè)素?cái)?shù)公開(kāi),這樣,當(dāng)使用別人的p和q時(shí),即使不知道私鑰,你也能確認(rèn)它們是否是隨機(jī)產(chǎn)生的,還是作了手腳。RSA算法卻作不到。
標(biāo)簽:
Algorithm
Signature
Digital
Schnorr
上傳時(shí)間:
2014-01-01
上傳用戶:qq521
密碼學(xué)界牛人Victor Shoup用C++編寫(xiě)數(shù)論類(lèi)庫(kù)。
NTL is a high-performance, portable C++ library providing data structures and algorithms for arbitrary length integers for vectors, matrices, and polynomials over the integers and over finite fields and for arbitrary precision floating point arithmetic.
NTL provides high quality implementations of state-of-the-art algorithms for:
* arbitrary length integer arithmetic and arbitrary precision floating point arithmetic
* polynomial arithmetic over the integers and finite fields including basic arithmetic, polynomial factorization, irreducibility testing, computation of minimal polynomials, traces, norms, and more
* lattice basis reduction, including very robust and fast implementations of Schnorr-Euchner, block Korkin-Zolotarev reduction, and the new Schnorr-Horner pruning heuristic for block Korkin-Zolotarev
* basic linear algebra over the integers, finite fields, and arbitrary precision floating point numbers.
標(biāo)簽:
high-performance
providing
portable
library
上傳時(shí)間:
2014-01-04
上傳用戶:exxxds