Digital Signature Standard: Detecting Forgery and Tampering of Digital Signatures

02 Aug

The Digital Signature Standard (DSS) is essentially a digital signature algorithm (DSA), developed by the U.S. National Security Agency (NSA) to generate digital signatures for authenticating electronic documents. DSS was introduced by the National Institute of Standards and Technology (NIST) in 1994 and has become the U.S. Government standard for authenticating electronic documents.

A DSA signature is a pair of large numbers, calculated by the specified algorithm within a set of parameters, that allows the signatory to be authenticated and, as a result, the integrity of the attached data to be checked. Digital signatures are both generated and verified with DSA. A signature is created using a private key; verification is performed with the corresponding public key. Each signatory has their own public and private key pair. Since a digital signature can only be created by an authorized person using their private key, the corresponding public key can be used by anyone to validate the signature.

The Digital Signature Standard Approach

The Digital Signature Standard uses an algorithm designed to provide only the digital signature function. Unlike RSA, it cannot be used for encryption or key exchange. Nonetheless, it is a public-key technique.

In the RSA approach, the message to be signed is input to a hash function that generates a secure hash code of fixed length. This hash code is then encrypted using the sender’s private key to form the signature. Both the message and the signature are then transmitted. The recipient receives the message and computes its hash code. The recipient also decrypts the signature using the sender’s public key. If the calculated hash code matches the decrypted signature, the signature is accepted as valid. Since only the sender knows the private key, only the sender could have produced a valid signature.

The DSS approach also makes use of a hash function, but in a different way. The hash code is provided as input to a signature function together with a random number k generated for this particular signature. The signature function also depends on the sender’s private key and a set of parameters known to a group of communicating principals, which together act as a global public key. At the receiving end, the hash code of the incoming message is generated. The hash code, together with the signature, is input to a verification function. The verification function also depends on the global public key as well as the sender’s public key, which is paired with the sender’s private key. The output of the verification function is a value that equals the signature component if the signature is valid. The signature function is such that only the sender, with knowledge of the private key, could have generated the valid signature.

The following figure depicts the DSS and RSA approach:

Understanding the Digital Signature

Compared to a handwritten signature, a digital signature is much more difficult to forge as long as the keys used to create it are kept safe. When applied to a document created with your PDF software, the digital signature also includes a graphical representation of your signature in your own handwriting, a common name of your choosing, the location where you signed the document, and a time stamp showing the date and time you applied the signature, thus creating an official record of the event. Pairing these features with the ability to create electronic documents that do not require printing gives businesses a cost-effective and complete solution for their electronic document requirements. The Digital Signature Standard also ensures non-repudiation of signatures and provides a safeguard for fraud prevention and tracking of digitally signed documents.
