Signatures

Used to bring authenticity in pk-encryption setting.

Properties:

publicly verifiable
transferable
non-repudiation

Definition: Digital signature scheme consists of three PPT algorithms:

$Gen (1^{n}) \to (p k, s k)$
$Sign (s k, m) \to σ$
$Vrfy (p k, σ) \to b \in {0, 1}$

Signature experiment: $Sig-forge_{A, Π} (n)$ :

$Gen (1^{n})$ is run to obtain $p k, s k$

$A$ has access to $Sign_{s k} (\cdot)$ oracle, and outputs $m, σ$ . Let $Q$ be set of all queries by $A$ .

$A$ succeeds if $Vrfy_{p k} (\cdot) = 1$ and $m \neq \in Q$ .

$Pr [Sig-forge_{A, Π} (n) = 1] \leq negl (n)$

Hash-and-Sign paradigm: use a hash when a signature scheme of length $l$ is available, and messages are of longer length to create a digest of length $l$ as $H_{s} (m)$ where $s = Gen_{H} (1^{n})$ .

rsa signatures

TODO

PKI

Digital Certificate: just a notion of public key signature binding the identity of a public entity to that public key.

$cert_{C \to B} d e f Sign_{s k_{C}} (Bob’s key is pk_{B})$

Party $C$ signature should be trustworthy to be considered a certificate, and is generally known as Certificate authority (CA). Certificate can be used to build trust between two strange parties using a trusted party that notarises that $P_{1}$ indeed is the owner of the key.

Can build a web of trust using single CA, but susceptible to attacks and single point of failure.
Multiple CAs are usually configured on every browser, network devices which helps to decentralise the power a CA has.
Certificate Chain is employed where any root authority with a certificate gives power to the party to issue certificates as a proxy.
PGP: complete cypherpunk approach to web of trust. Anyone can issue a certificate for anyone else, and recipient has to choose whether to believe the authority issuing the certificate.
Revocation of certificates: using expiration or Certificate expiration list broadcasted by CA at periodic time.

lonerapier.xyz

Explorer

Signatures

rsa signatures

PKI

Graph View

Table of Contents

Backlinks