?
Solved

Signatures

Posted on 2003-02-19
12
Medium Priority
?
569 Views
Last Modified: 2010-04-11
Can anyone tell me how to build a signature with the following format:

// Signature part R:
...(10 hex DWORD values)
// Signature part S:
...(10 hex DWORD values)
// Signature part R:
...(10 hex DWORD values)
// Signature part S:
...(10 hex DWORD values)
// BIG p
...
// BIG q
...
// BIG g
...
// BIG y
...

Thanks

bukko
0
Comment
Question by:bukko
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
12 Comments
 
LVL 3

Expert Comment

by:nouellette
ID: 7982274
what kind of signature?  

More information is needed about your project, code needed and what you are attempting to do here.  

Not to mention what you're asking could be misconstrewed as a virus by some.

0
 
LVL 8

Author Comment

by:bukko
ID: 7982638

Fair comment.
The signature is based on a DSA type private key, which I have.
I can create the usual kind of signature using the MS Crypto API, but the kind I need is in the format shown above. The problem is, I don't know what all the bits mean, or how to get them, etc.
I'm working in a Win32 development environment, so ideally I need a Win32 component or VB/C++ code which will produce this structure. Failing that, a description of what each part of the signature is will help!

Thanks

bukko
0
 
LVL 2

Accepted Solution

by:
Jason_Deckard earned 1200 total points
ID: 7982715
Bukko,

Those variables look familar :)  I found this information in FIPS 186-2, which I believe to me the most recent version of the Digital Signature Standard:

======================================
The DSA makes use of the following parameters:

1. p = a prime modulus, where 2L-1 < p < 2L for 512 £ L £ 1024 and L a multiple of 64
2. q = a prime divisor of p - 1, where 2159 < q < 2160
3. g = h(p-1)/q mod p, where h is any integer with 1 < h < p - 1 such that h(p-1)/q mod p > 1 (g has order q mod p)
4. x = a randomly or pseudorandomly generated integer with 0 < x < q
5. y = gx mod p
6. k = a randomly or pseudorandomly generated integer with 0 < k < q
The integers p, q, and g can be public and can be common to a group of users. A user's private and public keys are x and y, respectively. They are normally fixed for a period of time. Parameters x and k are used for signature generation only, and must be kept secret. Parameter k must be regenerated for each signature.
Parameters p and q shall be generated as specified in Appendix 2, or using other FIPS approved security methods. Parameters x and k shall be generated as specified in Appendix 3, or using other FIPS approved security methods.

The signature of a message M is the pair of numbers r and s computed according to the equations below:

r = (gk mod p) mod q and
s = (k-1(SHA-1(M) + xr)) mod q.
In the above, k-1 is the multiplicative inverse of k, mod q; i.e., (k-1 k) mod q = 1 and 0 < k-1 < q. The value of SHA-1(M) is a 160-bit string output by the Secure Hash Algorithm specified in FIPS 180-1.
For use in computing s, this string must be converted to an integer. The conversion rule is given in Appendix 2.2.
As an option, one may wish to check if r = 0 or s = 0. If either r = 0 or s = 0, a new value of k should be generated and the signature should be recalculated (it is extremely unlikely that r = 0 or s = 0 if signatures are generated properly).
======================================

Although that defines the variables you mentioned, as well as how they are used to create M, you may still want to check the entire document: http://palms.ee.princeton.edu/fiskiran/repository/unclassified/nist00fips.pdf

Best of luck,
Jason Deckard
0
The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

 
LVL 2

Expert Comment

by:Jason_Deckard
ID: 7982739
Correction: M is the plain text message.  The DSA does not derive M.  The last sentence in my original reply indicates otherwise.  Sorry for any confusion.
0
 
LVL 8

Author Comment

by:bukko
ID: 7982765

Thanks Jason, and thanks especially for your second post; I would have been confused otherwise!!! :)

A couple of questions still remain:
(1) Is it ok to swear on this site?
(2) Does anyone know of a component which will produce the above, otherwsise I've got more work to do that my brain can handle.

If anyone can help any further on this, I don't mind upping the points!

Regards - and thanks again

bukko
0
 
LVL 2

Expert Comment

by:Jason_Deckard
ID: 7982800
Bukko,

(1) From time to time we wish it were :)

(2) Download the OpenSSL library source code from http://openssl.org/ and review their implementation of DSA.  It is likely that their implementation of large numbers differs from yours, but the premise is the same.  With a decent set of functions to manipulate your large numbers, you should be able to pull this off rather painlessly.

-Jason
0
 
LVL 2

Expert Comment

by:Jason_Deckard
ID: 7982868
If you decide to review the OpenSSL code, you will find the creation of variables (p, q, g, etc) in dsa_gen.c (crypto/dsa/dsa_gen.c) and the actual signing appears to happen in dsa_ossl.c (the signing function in dsa_sign.c simply calls a function found in dsa_ossl.c).
0
 
LVL 8

Author Comment

by:bukko
ID: 7983051

Thanks again Jason.

I'll have a go (though I'm a VB developer with a tiny smidgen of C++) and let you know if I run into any problems. Hmmm.....

Regards

bukko
0
 
LVL 8

Author Comment

by:bukko
ID: 7983077

p.s. just noticed a warning at the bottom of the OpenSSL page:

PLEASE REMEMBER THAT EXPORT/IMPORT AND/OR USE OF STRONG CRYPTOGRAPHY SOFTWARE, PROVIDING CRYPTOGRAPHY HOOKS OR EVEN JUST COMMUNICATING TECHNICAL DETAILS ABOUT CRYPTOGRAPHY SOFTWARE IS ILLEGAL IN SOME PARTS OF THE WORLD. SO, WHEN YOU IMPORT THIS PACKAGE TO YOUR COUNTRY, RE-DISTRIBUTE IT FROM THERE OR EVEN JUST EMAIL TECHNICAL SUGGESTIONS OR EVEN SOURCE PATCHES TO THE AUTHOR OR OTHER PEOPLE YOU ARE STRONGLY ADVISED TO PAY CLOSE ATTENTION TO ANY EXPORT/IMPORT AND/OR USE LAWS WHICH APPLY TO YOU. THE AUTHORS OF OPENSSL ARE NOT LIABLE FOR ANY VIOLATIONS YOU MAKE HERE. SO BE CAREFUL, IT IS YOUR RESPONSIBILITY.

Maybe I should accept this answer and ask EE to scrub the question?

bukko
0
 
LVL 8

Author Comment

by:bukko
ID: 7986498

Thanks for the help, Jason.
I'll try and take it from there!

Regards

bukko
0
 
LVL 8

Author Comment

by:bukko
ID: 7986804

Jason,

if you add a comment to http://www.experts-exchange.com/Programming/Q_20520878.html I'll give you those points as well.

Thanks

bukko
0
 
LVL 2

Expert Comment

by:Jason_Deckard
ID: 7989225
Thanks!
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this blog we highlight approaches to managed security as a service.  We also look into ConnectWise’s value in aiding MSPs’ security management and indicate why critical alerting is a necessary integration.
The well known Cerber ransomware continues to spread this summer through spear phishing email campaigns targeting enterprises. Learn how it easily bypasses traditional defenses - and what you can do to protect your data.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question