Code360 powered by Coding Ninjas X Naukri.com. Code360 powered by Coding Ninjas X Naukri.com
Table of contents
1.
Introduction
2.
Signature Schemes
3.
Security Requirements for Signature Schemes
3.1.
Possible Attacks
3.2.
Hashing & Hash Functions
4.
Frequently Asked Questions
4.1.
Give examples of digital signature algorithms.
4.2.
What do you mean by encryption and decryption?
4.3.
What does a key signify in cryptography?
5.
Conclusion
Last Updated: Mar 27, 2024
Easy

Security Requirements for Signature Schemes

Author Komal
0 upvote
Master Python: Predicting weather forecasts
Speaker
Ashwin Goyal
Product Manager @

Introduction

Welcome Ninjas. This blog will discuss the signature scheme concepts and their security requirements. Before proceeding with the topic, what does a signature specify in real life? They determine that whoever's signed it is responsible for it and agrees with the terms and conditions.

Security Requirements for Signature Schemes

What if we want the same scheme for digital documents and messages? Here, we introduce the signature schemes. Let us get started!

Signature Schemes

A digital signature scheme protects a digital document from unauthorized access. A Digital Signature Scheme has two components

  • a private signing algorithm that permits a user to sign a message securely 
  • a public verification algorithm that allows anyone to verify that the signature is authentic and verified. 

A signature scheme forms a tuple (P, A, K, S, V) where:

  • P defines a finite set of possible messages 
  • A represents a finite set of possible signatures
  • K represents a finite set of possible keys 
signing docs

For all k, there is a signature algorithm sigk in S and a verification algorithm verk in V such that:

  • sigk : P → A
  • verk : P × A → {true,false} 
  • verk(x,y) = true iff y=sigk (x) 

 

A pair (x,y) that belongs to P × A is called a signed message

We have various signing algorithms that bind a signature to a message or document so that the same signature can not be used to sign another document or modify the original message.

Get the tech career you deserve, faster!
Connect with our expert counsellors to understand how to hack your way to success
User rating 4.7/5
1:1 doubt support
95% placement record
Akash Pal
Senior Software Engineer
326% Hike After Job Bootcamp
Himanshu Gusain
Programmer Analyst
32 LPA After Job Bootcamp
After Job
Bootcamp

Security Requirements for Signature Schemes

Possible Attacks

Let's say we have two people, John and Tom. John is the signer, and Tom is the attacker.

  1. Key only attack: In this, tom possesses or knows John's public key verification algorithm.
  2. Known message attack: In this, Tom has a list of all the signed messages.
  3. Chosen message attack: In this attack, Tom asks John for signatures on a list of messages.
  4. Total break: Tom can access John's private signing algorithm. 
  5. Selective forgery: Tom can form a valid signature on a message with some nonnegligible probability.
  6. Existential forgery: Tom can form a valid signature for at least one message.

Also read - active and passive attacks

Hashing & Hash Functions

Signature schemes are always used in collaboration with the Hash Functions. Hash functions condense an arbitrary length message to a fixed size.

encryption-decryption

We assume that the hash function is public and not private keyed. In a cryptographic hash function, we have:

  • Given message x
  • Produce digest h(x) 
  • Sign digest h(x) to create (x,sigk(h(x)))

 

And to verify, we have- Get (x,y), Compute h(x), Check verk (h(x),y). The following are the requirements for a cryptographic hash function:

  • The input is of arbitrary length.
  • The output has a fixed length.
  • The hash function is easy to compute.
  • The hash function is one-way.
  • Two different messages can not produce the same hash value and hence is collision-free.

 

Now, let's discuss the Secure Hash Algorithm.

SHA - Secure Hash Algorithm

SHA and its successors, SHA-1, SHA-2, and SHA-3, are a part of the government standard hash functions.

SHA-1 - Like any hash function, it takes an arbitrary length input and produces a 160-bit message, and processes a message in 512-bit blocks.

SHA-2 was released to overcome the drawbacks of SHA-1. There are various versions/variants of it:

  • SHA-256 - produces a 256-bit message digest by using a 512-bit block size.
  • SHA-224 - a reduced version of the SHA-256, which produces a 224-bit digest by using a 512-bit block size.
  • SHA-512 - produces a 512-bit message digest using a 1,024-bit block size.
  • SHA-384 - a reduced version of the SHA-512 hash, which produces a 384-bit digest using a 1,024-bit block size.
     

SHA-3 was released in 2015, having a different structure than SHA-1 & SHA-2. SHA-3. It offers the same variants as SHA-2 but uses more secure algorithms.

Frequently Asked Questions

Give examples of digital signature algorithms.

Three algorithms that can be used as digital signatures are Key Generation Algorithms, Signing Algorithms, and Signature Verification Algorithms.

What do you mean by encryption and decryption?

Encryption means converting plaintext to ciphertext. Decryption is the opposite of encryption; it converts the ciphertext to plaintext.

What does a key signify in cryptography?

Key represents a set of bits used by cryptographic algorithms to decrypt a message or convert a ciphertext to plaintext.

Conclusion

We hope the blog helped you understand the concept of signature schemes and their security requirements. 

If you found this blog interesting and insightful, refer to similar blogs:

Cryptography

Active Attack and Passive Attack 

Signature Schemes in cryptography

Difference between Public Key and Private Key

Refer to the Basics of C++ with Data StructureDBMS, and Operating System by Coding Ninjas, and keep practicing on our platform Coding Ninjas Studio. You can check out the mock test series on code studio.

You can also refer to our Guided Path on Coding Ninjas Studio to upskill yourself in domains like Data Structures and AlgorithmsCompetitive ProgrammingAptitude, and many more! Refer to the interview bundle if you want to prepare for placement interviews. Check out interview experiences to understand various companies' interview questions.

Give your career an edge over others by considering our premium courses!

Happy Learning!

 

Thankyou image

 

Previous article
RSA Signature Scheme in Cryptography
Next article
What are ElGamal Signature Schemes?
Live masterclass