What Is DSA (Digital Signature Algorithm)?

This section describes the DSA (Digital Signature Algorithm) algorithm, which consists of 2 parts: generation of a pair of public key and private key; generation and verification of digital signature.

What Is DSA (Digital Signature Algorithm)? DSA is a United States Federal Government standard for digital signatures. It was proposed by the National Institute of Standards and Technology (NIST) in August 1991 for use in their Digital Signature Standard (DSS), specified in FIPS 186 in 1993.

The first part of the DSA algorithm is the public key and private key generation, which can be described as:

• Choose a prime number q, which is called the prime divisor.
• Choose another primer number p, such that p-1 mod q = 0. p is called the prime modulus.
• Choose an integer g, such that 1 < g < p, g**q mod p = 1 and g = h**((p–1)/q) mod p. q is also called g's multiplicative order modulo p.
• Choose an integer, such that 0 < x < q.
• Compute y as g**x mod p.
• Package the public key as {p,q,g,y}.
• Package the private key as {p,q,g,x}.

The second part of the DSA algorithm is the signature generation and signature verification, which can be described as:

To generate a message signature, the sender can follow these steps:

• Generate the message digest h, using a hash algorithm like SHA1.
• Generate a random number k, such that 0 < k < q.
• Compute r as (g**k mod p) mod q. If r = 0, select a different k.
• Compute i, such that k*i mod q = 1. i is called the modular multiplicative inverse of k modulo q.
• Compute s = i*(h+r*x) mod q. If s = 0, select a different k.
• Package the digital signature as {r,s}.

To verify a message signature, the receiver of the message and the digital signature can follow these steps:

• Generate the message digest h, using the same hash algorithm.
• Compute w, such that s*w mod q = 1. w is called the modular multiplicative inverse of s modulo q.
• Compute u1 = h*w mod q.
• Compute u2 = r*w mod q.
• Compute v = (((g**u1)*(y**u2)) mod p) mod q.
• If v == r, the digital signature is valid.