Home | Trees | Indices | Help |
|
---|
|
DSA public-key signature algorithm.
DSA is a widespread public-key signature algorithm. Its security is based on the discrete logarithm problem (DLP). Given a cyclic group, a generator g, and an element h, it is hard to find an integer x such that g^x = h. The problem is believed to be difficult, and it has been proved such (and therefore secure) for more than 30 years.
The group is actually a sub-group over the integers modulo p, with p prime. The sub-group order is q, which is prime too; it always holds that (p-1) is a multiple of q. The cryptographic strength is linked to the magnitude of p and q. The signer holds a value x (0<x<q-1) as private key, and its public key (y where y=g^x mod p) is distributed.
In 2012, a sufficient size is deemed to be 2048 bits for p and 256 bits for q. For more information, see the most recent ECRYPT report.
DSA is reasonably secure for new designs.
The algorithm can only be used for authentication (digital signature). DSA cannot be used for confidentiality (encryption).
The values (p,q,g) are called domain parameters; they are not sensitive but must be shared by both parties (the signer and the verifier). Different signers can share the same domain parameters with no security concerns.
The DSA signature is twice as big as the size of q (64 bytes if q is 256 bit long).
This module provides facilities for generating new DSA keys and for constructing them from known components. DSA keys allows you to perform basic signing and verification.
>>> from Crypto.Random import random >>> from Crypto.PublicKey import DSA >>> from Crypto.Hash import SHA >>> >>> message = "Hello" >>> key = DSA.generate(1024) >>> h = SHA.new(message).digest() >>> k = random.StrongRandom().randint(1,key.q-1) >>> sig = key.sign(h,k) >>> ... >>> if key.verify(h,sig): >>> print "OK" >>> else: >>> print "Incorrect signature"
Classes | |
_DSAobj Class defining an actual DSA key. |
|
DSAImplementation A DSA key factory. |
|
error |
Functions | |||
|
|||
|
Function Details |
Attention: You should always use a cryptographically secure random number generator, such as the one defined in the Crypto.Random module; don't just use the current time and the random module. |
Construct a DSA key from a tuple of valid DSA components. The modulus p must be a prime. The following equations must apply:
|
Home | Trees | Indices | Help |
|
---|
Generated by Epydoc 3.0.1 on Thu May 24 09:02:36 2012 | http://epydoc.sourceforge.net |