Unformatted text preview: firm that yaab mod p = gM mod p Each ElGamal signature or encryption requires a new value of k, and that value must be chosen randomly. If Eve ever recovers a k that Alice used, she can recover Alice’s private key, x. If Eve ever gets two messages signed or encrypted using the same k, even if she doesn’t know what it is, she can recover x. This is summarized in Table 19.5. For example, choose p = 11 and g = 2. Choose private key x = 8. Calculate y = gx mod p = 28 mod 11 = 3 The public key is y = 3, g = 2, and p = 11. To authenticate M = 5, first choose a random number k = 9. Confirm that gcd(9, 10) = 1. Compute a = gk mod p = 29 mod 11 = 6 and use the extended Euclidean algorithm to solve for b: M = (ax + kb) mod (p  1) 5 = (8 * 6 + 9 * b) mod 10 Previous Table of Contents Next Products  Contact Us  About Us  Privacy  Ad Info  Home Use of this site is subject to certain Terms & Conditions, Copyright © 19962000 EarthWeb Inc. All rights reserved. Reproduction whole or in part in any form or medium without express written permission of EarthWeb is prohibited. Read EarthWeb's privacy statement. To access the contents, click the chapter and section titles. Applied Cryptography, Second Edition: Protocols, Algorthms, and Source Code in C (cloth)
Go!
Keyword
Brief Full Advanced Search Search Tips (Publisher: John Wiley & Sons, Inc.) Author(s): Bruce Schneier ISBN: 0471128457 Publication Date: 01/01/96 Search this book:
Go! Previous Table of Contents Next
 The solution is b = 3, and the signature is the pair: a = 6 and b = 3. Table 19.5 ElGamal Signatures Public Key: p prime (can be shared among a group of users) g <p (can be shared among a group of users) y = gx mod p Private Key: x <p Signing: k choose at random, relatively prime to p  1 a (signature) = gk mod p b (signature) such that M = (xa + kb) mod (p  1) Verifying: Accept as valid if yaab mod p = gM mod p To verify a signature, confirm that yaab mod p = gM mod p 36 63 mod 11 = 25 mod 11 A variant of ElGamal for signatures is in [1377]. Thom...
View
Full
Document
This note was uploaded on 10/18/2010 for the course MATH CS 301 taught by Professor Aliulger during the Fall '10 term at Koç University.
 Fall '10
 ALIULGER
 Cryptography

Click to edit the document details