The Digital Signature Algorithm (DSA) can be used by the recipient of a message to verify that the message has not been altered during transit as well as ascertain the originator’s identity. A digital signature is an electronic version of a written signature in that the digital signature can be used in proving to the recipient or a third party that the message was, in fact, signed by the originator. Digital signatures may also be generated for stored data and programs so that the integrity of the data and programs may be verified at any later time.
Digital Signature Generation and Verification
The DSA is used by a signatory to generate a digital signature on data and by a verifier to verify the authenticity of the signature. Each signatory has a public and private key. The private key is used in the signature generation process and the public key is used in the signature verification process. For both signature generation and verification, the data (which is referred to as a message) is reduced by means of the Secure Hash Algorithm (SHA) specified in FIPS 180-1. An adversary, who does not know the private key of the signatory, cannot generate the correct signature of the signatory. In other words, signatures cannot be forged. However, by using the signatory’s public key, anyone can verify a correctly signed message.
The Digital Signature Algorithm is a United States Federal Government standard for digital signatures. DSA was proposed by the National Institute of Standards and Technology (NIST) in August 1991 for use in their Digital Signature Standard (DSS), specified in FIPS 186. A minor revision was issued as FIPS 186-1, and the standard was expanded further as FIPS 186-2. DSA , as described in U.S. Patent 5,231,668, is attributed to David W. Kravitz, a former National Security Agency (NSA) employee. The NIST has made this patent available world-wide royalty-free. The standard continues to be revised and updated periodically by NIST.
VOCAL’s DSA implementation is available in several forms. The forms include pure optimized software and varying levels of hardware complexity utilizing UDI instructions for improved performance. When special assistance hardware is not available, operations are implemented via software.
- Secure Hash Algorithm
- Reference Designs
- Communication Security Software
- Communication Security Research