A New Dynamic Hash Algorithm in Digital Signature

A New Dynamic Hash Algorithm in Digital Signature Erfaneh Noroozi1, Salwani Mohd Daud1, Ali Sabouhi2, and Hafiza Abas1 1

Advanced Informatics School (AIS), Universiti Teknologi Malaysia Kuala Lumpur, Malaysia [email protected], {salwani,hafiza}@ic.utm.my 2 Software Engineering of Computer Science Kuala Lumpur, Malaysia [email protected]

Abstract. This paper presents adoption of a new hash algorithm in digital signature. Digital signature presents a technique to endorse the content of the message. This message has not been altered throughout the communication process. Due to this, it increased the receiver confidence that the message was unchanged. If the message is digitally signed, any changes in the message will invalidate the signature. The comparison of digital signature between Rivest, Shamir and Adleman (RSA) algorithms are summarized. The finding reveals that previous algorithms used large file sizes. Finally the new encoding and decoding dynamic hash algorithm is proposed in a digital signature. The proposed algorithm had reduced significantly the file sizes (8 bytes) during the transferring message. Keywords: Digital signature, public key, encoding, decoding, hash algorithm.

1

Introduction

Along with the thriving improvement of the technologies communication and information, systems of paper-based workflow is quickly substituted by the electronic-based medium in which all information and forms are digitally procedure such as e-government and e-commerce. In these systems, it is very significant to protect the sensitivity and security of digital object from malicious. Thus, how can this message be passed on so that only included or authentic parties obtain the comprehension of the message completely as it was transferred? The main objective in the field of cryptography is to make certain that the included parties communicate securely over a probably insecure channel. When an eavesdropper listens to a conversation between two parties, he should not be able to recognize the message. This can be attained by enciphering a message. This is a cryptographic primeval identified as encryption [1].

2

Digital Signature Schemes

Diffie and Hellman put out an explanation to this problem in their seminal paper entitled "New Direction in Cryptography" [2]. They primarily introduced the important A. Ell Hassanien et al. (Eds.): AMLTA 2012, CCIS 322, pp. 583–589, 2012. © Springer-Verlag Berlin Heidelberg 2012

584

E. Noroozi et al.

view of Public-Key Cryptography. The major proposal of public key cryptosystem is to utilize two different keys; for encryption a public key and for decryption a secret key, that are mathematically associated. The two keys are such that working out the secret key is infeasible from the public key. In fact, digital signature is a procedure that generates the same effects while a real signature and it is a mark where only the sender can create and other people can prove the signature simply. The digital signature is utilized to verify the content of the message by using asymmetric ciphering wherever a pair of keys that are public key and private key being considered. The keys used for digital signature are very long sequence of alphabetical and mathematical characters.

3

Signature and Public Key

Significant and private electronic mail be able to utilize digital signature to confirm that the e-mail is from the sender with approving secret key and the content of the email has not been changed [3]. The scenario of digital signature is similar to this situation: a sender doesn't sign the main text directly but he gets a one way hash of the message and then signs the hash. Most digital signature algorithms don't encrypt the messages that are signed. The sender creates some processing based on the text and his private key to produce the signature. Then, the signature is appended to the main text. The receiver also will build an additional calculation based on the message, the signature and the sender's public key to confirm the signature. A stranger that doesn't distinguish the sender's private key can confirm the signature but can’t produce a legal signature. The Ron Rivest, Adi Shamir and Leonard Adleman(RSA) is a public-key cryptosystem and digital signature are generally deployed today and have developed into important building blocks for producing the emerging public-key communications (PKI) in e-government and e-commerce [4]. There are two kinds of RSA assumptions, which are used to make digital signature schemes; the usual RSA problem (ORSA) and the strong RSA problem (SRSA) which is an alteration of RSA by Bari and Pfitzmann; Fujisaki and Okamoto[5], [6]. On the other hand, a small number of digital signature schemes have been recommended based on the SRSA assumption. The Cramer-Shoup signature scheme (CS) is very interesting in that it is a useful and probably secured in a model of standard security [7]. In digital signatures with functionalities, there are numerous aspects used in e-commerce such as proxy signatures and blind signatures. Previously, with systems based on the standard (RSA) theory; there is no confirmed secure signature with additional functionalities such as an alternative signature or blind signature. Formerly, the signature is applied for individual signatures, in easy background, habitually with single two parties included in the connections, i.e. a signature is made on behalf of an individual. However, in numerous cases these days, a message produced for example by one association needs the approval of a number of members of this organization. Thus, raises the attempt of verification and the need of storages. The complex key to this problem is appearing with the aspect of a group-oriented signature scheme, which has been presented by Desmedt[8]. The point of group-oriented digital signature is to expand method in dealing with multi-signers and multi-verifiers.

A New Dynamic Hash Algorithm in Digital Signature

585

There are a number of definitions for cryptosystem, including multi-signature schemes and the threshold signature schemes[9]. These secure signature schemes present attractive ways to recognize the aspect of the multi-signature and combined signature schemes. To check the validity of a group-oriented signature, it still requires the public keys of all participating signers. Furthermore, each key may come with an associated documentation signed by the Certificate Authority (CA), which must be conforming along with a generated multi-signature [10]. Accordingly, this means that it increases proportionally with the number of the participating signers. In coefficient block (CB-PKC), the group-oriented signature might not present significantly improved performance compared to conventional signature schemes [11]. Clearly, it still uses a signer's arbitrary public key which defeat the main suggestion of the group-oriented digital signature. It can be addressed by using the characteristics of signers rather than using the casual public keys.

4

Encoding and Decoding

4.1

Encoding Process

First step: In encoding process (Fig. 1) for an image a signature with , , , …. and the watermarked image with î, function E is the encoder processing, while imageI and a signature is the input of the function The output is a new image with embedded watermark, becomes the watermarked image, and can be represented mathematically by, E I, S

î

(1)

Fig. 1. Encoding Process

4.2

Decoding Process

Function D is the decoder procedure and image J (J can be a watermarked image) as input of the function and is represented as: D I, J

S

where S´ is the extracted signature from the image J.

(2)

586

E. Noroozi et al.

Fig. 2. Decoding Process

The extracted signature , will be compared with the original owner signature S using comparator, . If both match to each other, the output will be 1 otherwise 0, as follows: 1, (3) , 0, Figure 3 shows the function of comparator C. The correlation of two signatures , , in watermarking scheme can be considered as a three options such as encoding, decoding and comparator.

Fig. 3. Comparator Process

To ensure authentication a watermark should be extracted or detected. In a few schemes of watermarking, a watermark can be extracted in its accurate form; the detection of the watermark can assist it to verify the ownership while the extraction process can prove the owner of the message or image. Main disadvantage using watermark for authentication of a message is the size of the file transfer is very large and will affect the speed of the process.

5

Proposed Algorithm with Hash Code

For the proposed algorithm, the hash code is applied instead of watermarking. The sender and the receiver compare the hash code and checks if it is genuine. The message

A New Dynamic Hash Algorithm in Digital Signature

587

is authentic when the message retrieved by the receiver is similar to the messages originally sent. Any changes to the data will affect the hash code which is sent with the data (Fig. 4). If the significance of the message processes after the encryption and decryption process is similar, then the message is not modified.

Fig. 4. The Algorithm of Digital Signature

The procedures of the suggested algorithm are as follows, do a procedure in a package of 100 bytes. Every one of the byte has loaded from file and does the logical operation of OR with a byte of (00000001), after that setting the product passionate to character of the variable. Subsequent to the dealing out of initial 100 bytes, multiply all of the ORed outcome bytes and maintain them in variable of 32 bits. Utilize the 32 of chief bits development of the outcome. Afterward the second 100 bytes will be procedure through the similar action. Accordingly every 100 bytes of information are cutting to hashed information in 32 bits. The next part is encryption of the information from the secret key belongs to sender. The private key is 16 bytes and applies for encryption of data. There are two characters of arrays, key Key[0..15] and another is hashed. In encoding procedure, the initial byte of hashed H [0] and key ( Key[0] ) will be XOR and place the result in the first byte of the key ( Key[0] ). Then at another time, H [0] and the Key[1] do the same operation until the end of the hashed message. At the end of the process, the result of this operation will be kept in an array of character. Then we compared the proposed algorithms with other hash algorithms in terms of its logical operators and the complexity of the hardware involved as shown in Table 1.

588

E. Noroozi et al. Table 1. Comparison of Logical Operations, Current Status and Hardware Complexity Algorithm

Logical operations

Current status

Hardware complexity

MD5 algorithm

AND,OR,NOT,Rotating shifts

Collision

Medium

AND,OR,NOT,Rotating shifts ,XOR

Collision

Large-scale

AND,OR,NOT,Rotating shifts,XOR

Running

Large

OR and XOR

Running

Low

SHA1 algorithm SHA2 algorithm Proposed Algorithm

From Table 1, the logical operations required for proposed algorithm are OR and XOR compared to other algorithms which required more than four (4) logical operations. The hardware complexity requirement is also lower compared to other algorithms. Hardware complexity contains devices such as Logic Devices, Programmable and Gate Arrays and Application Specific Integrated Circuits. Then Table 2 compares the file size during transmission for these algorithms. Table 2. Comparison of Size of File in Bytes SHA1 MD5 Size of original algorithm algorithm files (Byte) (Byte) (Byte) 14 32 40 18 32 40 72 32 40 1 32 40 (*SHA is Secure Hash Algorithm).

SHA2 algorithm (Byte) 64 64 64 64

Proposed algorithm (Byte) 8 8 8 8

The proposed algorithm had reduced significantly the sizes of the file to be only 8 bytes for various original file sizes compared to other algorithms.

6

Conclusion

In hash function, a small number of bits are generated from a large size file. This mathematical one way encryption produces hash code or hashes. The hash code procedure is more desirable than any other process because the generation of the code is faster than any other methods. Cryptographic hash functions are used extensively due to its cheap construction. The function is further used for digital signatures in

A New Dynamic Hash Algorithm in Digital Signature

589

verification of the authentication of the data [12]. The proposed algorithm is adopted for applications which transfer messages with small file size (such as for multi agent systems), which is a fundamental benefit to improve an application to be fast, simple and secure. In future works, the next process will be implemented are the extracting signature in order to remove any extra signature message and to decrease the encrypted image size and to reduce extra bandwidth in file transmission. Acknowledgment. The authors would like to express greatest appreciation to Ministry of Higher Education (MOHE), Malaysia and Universiti Teknologi Malaysia (UTM) particularly Advanced Informatics School (AIS) for providing the financial support to carry out this research work.

References 1. Fridrich, J., Goljan, M.: Robust Hash Functions for Digital Watermarking. IEEE Information Technology, Coding and Computing, 178–183 (2000) 2. Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Transactions on Information Theory 22, 644–654 (1976) 3. Bellare, M., Desai, A., Pointcheval, D., Rogaway, P.: Relations among Notions of Security for Public-Key Encryption Schemes. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, p. 26. Springer, Heidelberg (1998) 4. Rivest, R., Shamir, A., Adleman, L.M.: A method for obtaining digital signatures and public key. Cryptosystems Communications of the ACM 21, 120–126 (1978) 5. Barić, N., Pfitzmann, B.: Collision-Free Accumulators and Fail-Stop Signature Schemes without Trees. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 480–494. Springer, Heidelberg (1997) 6. Fujisaki, E., Okamoto, T.: Secure Integration of Asymmetric and Symmetric Encryption Schemes. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, p. 537. Springer, Heidelberg (1999) 7. Merkle, R.C.: A Digital Signature Based on a Conventional Encryption Function. In: Pomerance, C. (ed.) CRYPTO 1987. LNCS, vol. 293, pp. 369–378. Springer, Heidelberg (1988) 8. Desmedt, J., Nguyen, T., Bourguet, M.: Electroencephalography and Clinical europhysiology/Evoked Potentials Section 68(1), 1–19 (1987) 9. Bellare, M., Ristenpart, T.: Multi-Property-Preserving Hash Domain Extension and the EMD Transform. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 299–314. Springer, Heidelberg (2006) 10. Luo, H., Kong, J., Zerfos, P., Lu, S., Zhang, L.: Providing Robust and Ubiquitous Security Support for Mobile Ad-Hoc Networks. In: IEEE ICNP 2001 (2001) 11. Gordon, D.: A Survey of Fast Exponentiation Methods. Center for Communications Research 27(1), 129–146 (1998) 12. Vaudenay, S.: Secure Communications over Insecure Channels Based on Short Authenticated Strings. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 309–326. Springer, Heidelberg (2005)