Welcome Ninjas. This blog will discuss the signature scheme concepts and their security requirements. Before proceeding with the topic, what does a signature specify in real life? They determine that whoever's signed it is responsible for it and agrees with the terms and conditions.

What if we want the same scheme for digital documents and messages? Here, we introduce the signature schemes. Let us get started!

Signature Schemes

A digital signature scheme protects a digital document from unauthorized access. A Digital Signature Scheme has two components

a private signing algorithm that permits a user to sign a message securely

a public verification algorithm that allows anyone to verify that the signature is authentic and verified.

A signature scheme forms a tuple (P, A, K, S, V) where:

P defines a finite set of possible messages

A represents a finite set of possible signatures

K represents a finite set of possible keys

For all k, there is a signature algorithm sigk in S and a verification algorithm verk in V such that:

sigk : P â†’ A

verk : P Ã— A â†’ {true,false}

verk(x,y) = true iff y=sigk (x)

A pair (x,y) that belongs to P Ã— A is called a signed message

We have various signing algorithms that bind a signature to a message or document so that the same signature can not be used to sign another document or modify the original message.

Security Requirements for Signature Schemes

Possible Attacks

Let's say we have two people, John and Tom. John is the signer, and Tom is the attacker.

Key only attack: In this, tom possesses or knows John's public key verification algorithm.

Known message attack: In this, Tom has a list of all the signed messages.

Chosen message attack: In this attack, Tom asks John for signatures on a list of messages.

Total break: Tom can access John's private signing algorithm.

Selective forgery: Tom can form a valid signature on a message with some nonnegligible probability.

Existential forgery: Tom can form a valid signature for at least one message.

Signature schemes are always used in collaboration with the Hash Functions. Hash functions condense an arbitrary length message to a fixed size.

We assume that the hash function is public and not private keyed. In a cryptographic hash function, we have:

Given message x

Produce digest h(x)

Sign digest h(x) to create (x,sigk(h(x)))

And to verify, we have- Get (x,y), Compute h(x), Check verk (h(x),y). The following are the requirements for a cryptographic hash function:

The input is of arbitrary length.

The output has a fixed length.

The hash function is easy to compute.

The hash function is one-way.

Two different messages can not produce the same hash value and hence is collision-free.

Now, let's discuss the Secure Hash Algorithm.

SHA - Secure Hash Algorithm

SHA and its successors, SHA-1, SHA-2, and SHA-3, are a part of the government standard hash functions.

SHA-1 - Like any hash function, it takes an arbitrary length input and produces a 160-bit message, and processes a message in 512-bit blocks.

SHA-2 was released to overcome the drawbacks of SHA-1. There are various versions/variants of it:

SHA-256 - produces a 256-bit message digest by using a 512-bit block size.

SHA-224 - a reduced version of the SHA-256, which produces a 224-bit digest by using a 512-bit block size.

SHA-512 - produces a 512-bit message digest using a 1,024-bit block size.

SHA-384 - a reduced version of the SHA-512 hash, which produces a 384-bit digest using a 1,024-bit block size.

SHA-3 was released in 2015, having a different structure than SHA-1 & SHA-2. SHA-3. It offers the same variants as SHA-2 but uses more secure algorithms.

Frequently Asked Questions

Give examples of digital signature algorithms.

Three algorithms that can be used as digital signatures are Key Generation Algorithms, Signing Algorithms, and Signature Verification Algorithms.

What do you mean by encryption and decryption?

Encryption means converting plaintext to ciphertext. Decryption is the opposite of encryption; it converts the ciphertext to plaintext.

What does a key signify in cryptography?

Key represents a set of bits used by cryptographic algorithms to decrypt a message or convert a ciphertext to plaintext.

Conclusion

We hope the blog helped you understand the concept of signature schemes and their security requirements.

If you found this blog interesting and insightful, refer to similar blogs: