The Mathematics of Public-Key Cryptography, Lecture 19

November 21, 2000

Summary of material covered in lecture 19

• use of hash functions in signature schemes
  • summary of attacks on signature schemes through possible weaknesses of hash functions (key-only, known message, chosen message)
  • one-way, collision-free and strongly collision free properties of hash functions and how they prevent the attacks
  • collision-free property requires range of hash function >= 2^{160} due to birthday attack
• ElGamal signature scheme
  • description of scheme
  • existential forgery on basic scheme without hash function
  • parameters and signature size
• DSA
  • description of scheme
  • parameters and signature size