KCDSA
KCDSA (Korean Certificate-based Digital Signature Algorithm) is a digital signature algorithm created by a team led by the Korea Internet & Security Agency (KISA). It is an ElGamal variant, similar to the Digital Signature Algorithm and . The standard algorithm is implemented over , but an elliptic curve variant (EC-KCDSA) is also specified.
KCDSA requires a collision-resistant cryptographic hash function that can produce a variable-sized output (from 128 to 256 bits, in 32-bit increments). HAS-160, another Korean standard, is the suggested choice.
Domain parameters[]
- : a large prime such that for .
- : a prime factor of such that for .
- : a base element of order in .
User parameters[]
- : signer's private signature key such that .
- : signer's public verification key computed by where .
- : a hash-value of Cert Data, i.e., .
The 1998 spec is unclear about the exact format of the "Cert Data". In the revised spec, z is defined as being the bottom B bits of the public key y, where B is the block size of the hash function in bits (typically 512 or 1024). The effect is that the first input block corresponds to y mod 2^B.
- : the lower B bits of y.
Hash Function[]
- : a collision resistant hash function with |q|-bit digests.
Signing[]
- Signer randomly picks an integer and computes
- Then computes the first part:
- Then computes the second part:
- If , the process must be repeated from the start.
- The signature is
Verifying[]
- Verifier checks that and and rejects the signature as invalid if not.
- Verifier computes
- Then he checks if
External links[]
- Digital signature schemes
- Elliptic curve cryptography
- Public-key cryptography
- Cryptography stubs