Everything You Need to Know About DSA Algorithm

The Covid-19  pandemic has given a new life to the work-from-home initiative, taking the corporate world into an untapped phase. Without a doubt, most of the users reading this have had to digitally sign some official documents over the past couple of years because of the lack of face-to-face interaction and standard distance constraints. To maintain the authenticity and integrity of such documents holding critical information, the DSA Algorithm was proposed and passed as a global standard for verifying digital signatures.

Before moving forward with the algorithm, you will get a refresher on asymmetric encryption, since it verifies digital signatures according to asymmetric cryptography architecture, also known as public-key cryptography architecture.

FREE Course: Introduction to Cyber Security

Learn and master the basics of cybersecurityEnrol Now
FREE Course: Introduction to Cyber Security

What Is Asymmetric Encryption?

You utilize two distinct keys in asymmetric encryption methods, one for encryption and the other for decryption. You use the public key for encryption; meanwhile, you use the private key for decryption. However, you must generate both keys from the receiver’s end.

process.

Using separate keys for encryption and decryption, as seen in the figure above, has helped eliminate key exchange, as seen in the case of symmetric encryption.

For example, if Alice needs to send a message to Bob, both the private and public keys must belong to Bob.

alice.

The process for the above image is as follows:

  • Step 1: Alice first uses Bob’s public key to encrypt the message
  • Step 2: The encrypted message reaches Bob
  • Step 3: Bob decrypts the message with his secret key

This eliminates the requirement for the sender and recipient to exchange any secret keys, minimizing the window of opportunity for exploitation.

Now that you learned how asymmetric encryption happens, you will look at how the digital signature architecture is set up. 

What Are Digital Signatures?

The objective of digital signatures is to authenticate and verify documents and data. This is necessary to avoid tampering and digital modification or forgery during the transmission of official documents.

With one exception, they work on the public key cryptography architecture. Typically, an asymmetric key system encrypts using a public key and decrypts with a private key. For digital signatures, however, the reverse is true. The signature is encrypted using the private key and decrypted with the public key. Because the keys are linked, decoding it with the public key verifies that the proper private key was used to sign the document, thereby verifying the signature's provenance.

ds_process-DSA_Algorithm.

M - Plaintext

H - Hash function

h - Hash digest 

‘+’ - Bundle both plaintext and digest   

E - Encryption

D - Decryption

The image above shows the entire process, from the signing of the key to its verification. So, go through each step to understand the procedure thoroughly.

  • Step 1: M, the original message is first passed to a hash function denoted by H# to create a digest.
  • Step 2: Next, it bundles the message together with the hash digest h and encrypts it using the sender’s private key.
  • Step 3: It sends the encrypted bundle to the receiver, who can decrypt it using the sender’s public key.
  • Step 4: Once it decrypts the message, it is passed through the same hash function (H#), to generate a similar digest.
  • Step 5: It compares the newly generated hash with the bundled hash value received along with the message. If they match, it verifies data integrity.

There are two industry-standard ways to implement the above methodology. They are:

  1. RSA Algorithm
  2. DSA Algorithm

Both the algorithms serve the same purpose, but the encryption and decryption functions differ quite a bit. So, now that you understand how it is supposed to function while verifying the signature, let’s deep dive into our focus for today, the DSA Algorithm.

What Is the DSA Algorithm?

Digital Signatures Algorithm is a FIPS (Federal Information Processing Standard) for digital signatures. It was proposed in 1991 and globally standardized in 1994 by the National Institute of Standards and Technology (NIST). It functions on the framework of modular exponentiation and discrete logarithmic problems, which are difficult to compute as a force-brute system.

DSA Algorithm provides three benefits, which are as follows:

  • Message Authentication: You can verify the origin of the sender using the right key combination.
  • Integrity Verification: You cannot tamper with the message since it will prevent the bundle from being decrypted altogether.
  • Non-repudiation: The sender cannot claim they never sent the message if verifies the signature.

dsa-DSA_Algorithm

The image above shows the entire procedure of the DSA algorithm. You will use two different functions here, a signing function and a verification function. The difference between the image of a typical digital signature verification process and the one above is the encryption and decryption part. They have distinct parameters, which you will look into in the next section of this lesson on the DSA Algorithm.

PGP in Cyber Security With Modules From MIT SCC

Your Cyber Security Career Success Starts Here!View Course
PGP  in Cyber Security With Modules From MIT SCC

Steps in DSA Algorithm

Keeping the image above in mind, go ahead and see how the entire process works, starting from creating the key pair to verifying the signature at the end.

1. Key Generation

  • You first choose a prime number q, which is known as the prime divisor.
  • Another prime number, p, is chosen such that p-1 mod q = 0.
  • Choose an integer g (1<g<p), satisfying the two conditions, g**q mod p = 1 and g = h**((p–1)/q) mod p
  • x is our private key, and it is a random integer such that 0 < x < q.
  • y is our public key, and you can calculate it as y = gx mod p.
  • Now the private key package is {p,q,g,x}.
  • The public key package is {p,q,g,y}.

2. Signature Generation

  • It passes the original message (M) through the hash function (H#) to get our hash digest(h).
  • It passes the digest as input to a signing function, whose purpose is to give two variables as output, s, and r.
  • Apart from the digest, you also use a random integer k such that 0 < k < q.
  • To calculate the value of r, you use the formula r = (gk mod p) mod q.
  • To calculate the value of s, you use the formula s = [K-1(h+x . R)mod q].
  • It then packages the signature as {r,s}.
  • The entire bundle of the message and signature {M,r,s} are sent to the receiver.

3. Signature Verification 

  • You use the same hash function (H#) to generate the digest h.
  • You then pass this digest off to the verification function, which needs other variables as parameters too.
  • Compute the value of w such that: s*w mod q = 1
  • Calculate the value of u1 from the formula, u1 = h*w mod q
  • Calculate the value of u2 from the formula, u2 = r*w mod q
  • The final verification component v is calculated as v = [((gu1 . yu2) mod p) mod q].
  • It compares the value of v to the value of r received in the bundle.
  • If it matches, the signature verification is complete.

Having understood the functionality of the DSA Algorithm, you must know the advantages this algorithm offers over alternative standards like the RSA algorithm.

Advantages of DSA

advantages.

  • Highly Robust: DSA is highly robust in the security and stability aspect compared to alternative signature verification algorithms.
  • Better Speed: The key generation is much faster compared to the RSA algorithm and such.
  • Less Storage: DSA requires less storage space to work its entire cycle.
  • Patent Free: When NIST released it, it was patent-free to enable its global use free of cost.

This sums up our lesson on the DSA Algorithm.

Learn the types of attacks on a system, the techniques used, and more with the Certified Ethical Hacking Course. Enroll now!

How Can Simplilearn Help You?

Hope this article has helped you understand how vital digital signatures are in this digital age and the impact of cryptography in shaping the threat model of our corporate sector. This is, however, a small drop in the vast ocean that is cybersecurity, which is an industry that has a growing demand for trained professionals.

Simplilearn provides a "Cybersecurity Expert" course that will teach you all you need to know to get started in a cybersecurity profession or improve in one. The course is jam-packed with industry-leading learning topics to help you understand all you need to know before moving ahead in this field.

Conclusion

With this, you have understood the importance of asymmetric cryptography, the working of digital signatures, the functionality of DSA, the steps involved in the signature verification, and its advantages over similar counterparts. Hope this tutorial helped you understand the DSA algorithm.

Do you have any questions or queries regarding this article on the DSA algorithm? Please do let us know in the comment section of this tutorial, and we’d be happy to have our experts answer them for you.

About the Author

SimplilearnSimplilearn

Simplilearn is one of the world’s leading providers of online training for Digital Marketing, Cloud Computing, Project Management, Data Science, IT, Software Development, and many other emerging technologies.

View More
  • Disclaimer
  • PMP, PMI, PMBOK, CAPM, PgMP, PfMP, ACP, PBA, RMP, SP, and OPM3 are registered marks of the Project Management Institute, Inc.