SlideShare a Scribd company logo

A New Signature Protocol Based on RSA and Elgamal Scheme

Zac Darcy, profile picture
Zac Darcy

This paper presents a novel digital signature protocol combining RSA and ElGamal schemes, targeting security against potential vulnerabilities in traditional systems. The authors detail the protocol's construction, efficiency, and security analysis, illustrating it with examples to demonstrate its operation. The work suggests that this method could serve as a viable alternative if existing systems are compromised.

Engineering
1 of 6
Download to read offline
1
2
3
4
5
6
International Journal of Information Technology, Modeling and Computing (IJITMC) Vol. 4, No.3, August 2016 DOI: 10.5121/ijitmc.2016.4302 11 A NEW SIGNATURE PROTOCOL BASED ON RSA AND ELGAMAL SCHEME J. Ettanfouhi and O. Khadir Laboratory of Mathematics, Cryptography and Mechanics, Fstm, University Hassan II of Casablanca, Morocco ABSTRACT In this paper, we present a new signature scheme based on factoring and discrete logarithm problems. Derived from a variant of ElGamal signature protocol and the RSA algorithm, this method can be seen as an alternative protocol if known systems are broken. KEYWORDS Factoring, DLP, PKC, ElGamal signature scheme, RSA. MSC: 60 94A 1. INTRODUCTION In 1977, Rivest, Shamir, and Adleman[6 ] described the famous RSA algorithm which is based on the presumed difficulty of factoring large integers. In 1985, ElGamal [2] proposed a signature digital protocol that uses the hardness of the discrete logarithm problem[5 p.116, 7 p. 213, 8 p. 228 ]. Since then, many similar schemes were elaborated and published[1,3]. Among them, a new variant was conceived in 2010 by the second author[ 4 ].In this work, we apply a combination of the new variant of Elgamal and RSA algorithm to build a secure digital signature. The efficiency of the method is discussed and its security analyzed. The paper is organised as follows: In section 2, we describe the basic ElGamal digital signature algorithm and its variant. Section 3 is devoted to our new digital signature method. We end with the conclusion in section 4. In the paper, we will respect ElGamal work notations [3]. N, Z are respectively the sets of integers and non-negative integers. For every positive integer n , we denote by Z Z n / the finite ring of modular integers and by * ) / ( Z Z n the multiplicative group of its invertible elements. Let a ,b , c be three integers. The GCD of a and b is written as ) , ( b a gcd . We write ] [ 0.1 c cm b a ≡ if c divides b a − , and c b a mod = if a is the rest in the division of b by c . The bit length of n is the number of bits in its binary model, with n an integer .We start by presenting the basic ElGamal digital signature algorithm and its variant:
International Journal of Information Technology, Modeling and Computing (IJITMC) Vol. 4, No.3, August 2016 12 2. ELGAMAL SIGNATURE SCHEME In this section we recall ElGamal signature scheme[2] and its variant[4]. 1. Alice chooses three numbers: - p , a large prime integer. - α , a primitive root of the finite multiplicative group * ) / ( Z Z p - x , a random element of {1,2,..., 1 − p } 2. She computes x y α = mod p . Alice’s public key is ) , , ( y p α , and x is her private key. 3. To sign the document m , Alice must solve the problem: (1) where s r, are the unknown variables. Alice fixes arbitrary r to be k r α = mod p , where k is chosen randomly and invertible modulo 1 − p . Equation (1) is then equivalent to: (2) Since Alice has the secret key x , and as the number k is invertible modulo 1 − p , she calculates the other unknown variable s by (3) 4. Bob can verify the signature by checking if congruence (1) is valid for the variables r and s given by Alice. 3. VARIANT OF ELGAMAL SIGNATURE SCHEME We present a variant of ElGamal digital signature system. This variant Error! Reference source not found. is based on the equation: (4) t s r , , are the unknown parameters, and ) , , ( y p α are Alice public keys. p is an integer (a large prime). α is a primitive root of * p Z . y is calculated by x y α = mod p . x is a random element of {1,2,...,p-1}.
International Journal of Information Technology, Modeling and Computing (IJITMC) Vol. 4, No.3, August 2016 13 Let ) ( = M h m , where h is a hash function, and M the message to be signed by Alice. To give the solution (3), she fixes randomly r as p mod r k α ≡ , and s to be p mod s l α ≡ , where l k, are selected arbitrary in {1,2,...,p-1}. Equation (3) is then equivalent to: (5) as Alice recognize the values of x m l k s r , , , , , , she is able to calculate the last unknown variable t . Bob verify the signature by verifying the congruence (4). this system does not use the extended Euclidean algorithm for calculating 1) ( 1 − − p mod k . We clarify the scheme by the example given by the creator of this alternative[4]. 3.1 EXAMPLE Let ) , , ( y p α be Alice public keys where: 509 = p , 2 = α and 482 = y . We assert that we are not confident if using a small value of α does not abate the protocol. The private key is 281 = x . Suppose that Alice wants to generate a signature for the document M for which 432[508] ) ( ≡ ≡ M h m with the exponents 208 = k and 386 = l are randomly taken. She computes ] 332[ 2208 p r k ≡ ≡ ≡ α , ] 39[ 2386 p s l ≡ ≡ ≡ α and 1] 440[ − ≡ + + ≡ p lm ks rx t . Bob or anyone can verify the relation ] [p s r y m s r t ≡ α . Indeed, we find that ] 436[p ≡ α and ] 436[p s r y m s r ≡ . 4. OUR PROTOCOL 4.1 DESCRIPTION In this section, we describe our new digital signature. The protocol is based simultaneously on two hard problems. We assume first that h is a public secure hash function like SHA1[5 p.348, 7 p. 242 , 8 p.133]. We suppose that Alice public keys are ) , , , ( e y P α where: - 1 2 = + pq P , p , q are three primes. - α , a primitive root of the multiplicative group * ) / ( Z Z p . - x y α = mod P , where x is the private key of Alice, which is randomly taken in 1} {1,2,..., − P .
International Journal of Information Technology, Modeling and Computing (IJITMC) Vol. 4, No.3, August 2016 14 - Element e is the public exponent in the RSA cryptosystem. We propose the following protocol: If Alice wants to sign the message M , she must give a solution for the modular equation: (6) where ) ( = M h m mod p , and r , s , t are unknown. To solve equation (5) , Alice starts by putting: (7) (8) Equation (5) becomes: (9) Alice uses the new variant of Elgamal algorithm[4] to solve equation (9) and to get the values of r′ , s′ and t . Then with her RSA private key she solves equations (7) and (8) . The cupel r and s is her signature for the message M . Bob or anybody can check that the signature is valid by replacing r , s and t in relation (5) . 4.2 EXAMPLE Let us illustrate the method by the following example. Suppose that Alice’s public key is: 104543 = 1 313 * 167 * 2 = + P , 5 = α , 23292 = y , 7 = e . The private keys for RSA and ElGamal systems are respectively: 9502 = x , 7399 = d . Assume that 12345 = ) ( = M h m is the hashed message that she likes to sign. If she takes Randomly 845 = k and 2561 = l . She will find from equation 8 that 17744 = r′ , 31839 = s′ . Relation 4 implies 57764 = t . Alice uses (6) and (7) to obtain:
International Journal of Information Technology, Modeling and Computing (IJITMC) Vol. 4, No.3, August 2016 15 r ≡ 1] [ − ′ P r d ≡ 75282 s ≡ 1] [ − ′ P s d ≡ 19005. To verify Bob puts 62833 = mod = P A t α , 79849 = mod = 1 mod P y B P e r − , 83421 = mod 1) mod ( = 1) mod ( P P r C P e s e − − and 212997 = mod 1) mod ( = P P s D m e − , and checks if P D C B A mod * * = . 4.3 SECURITY ANALYSIS Now that we have presented the protocol, we will discuss some possible attacks. Assume that Oscar is Alice’s opponent. ATTACK 1: If the attacker try to imitate the computation made by Alice, he can find r and s , but to find t he needs the value of the private key x to solve equation 4 . ATTACK 2: Suppose Oscar is capable to solve the discrete logarithm problem [2]. He cannot calculate r and s from equation (7) and (8) he will be confronted to the factorisation of a large composite modulus [5,8]. ATTACK 3: Suppose Oscar is capable to solve RSA equations (7) and (8) . Oscar cannot get t from equation (9) since x is Alice’s secret key. If he tries to get t from equation (4) , he will be stopped by the discrete logarithm problem. 4.4 COMPLEXITY OF OUR ALGORITHM As in [1], let exp T , mult T and h T be appropriately the time to calculate an exponentiation, a multiplication and hash function of a document M . We neglect the time needed for modular substraction, additions, comparisons and apply the conversion mult exp T T 240 = . 4.4.1 SIGNATURE COMPLEXITY To sign the message M , Alice must compute the six parameters: ) ( = M h m mod P , k r α ≡ ′ ] [P , l s α ≡ ′ ] [P , d r r ′ ≡ 1] [ − P , d s s ′ ≡ 1] [ − P , lm s k r x t + ′ + ′ ≡ 1] [ − P . Alice needs to perform four modular exponentiations, three modular multiplications and one hash function computation. So the global required time is : h mult h mult exp T T T T T T + + + 963 = 3 4 = 1 4.4.2 VERIFICATION COMPLEXITY Bob should calculate 4 exponentiations, 2 multiplications and one hash function. So the global required time is : h mult h mult exp T T T T T T + + + 962 = 2 4 = 2
International Journal of Information Technology, Modeling and Computing (IJITMC) Vol. 4, No.3, August 2016 16 5. CONCLUSION In this work, we proposed a new signature protocol that can be an alternative if old systems are broken. Our method is based simultanyously on RSA cryptosystem and DLP. ACKNOWLEDGEMENTS This work is supported by the MMS e-orientation project. REFERENCES [1] R. R. Ahmad, E. S. Ismail,and N. M. F. Tahat , A new digital signature scheme based on factoring and discrete logarithms , J. of Mathematics and Statistics (4): (2008), pp. . [2] T. ElGamal, A public key cryptosystem and a signature scheme based on discrete logarithm problem, IEEE Trans. Info. Theory, IT-31, (1985), pp. . [3] L.C. Guillou, J.J. Quisquater, A Paradoxial Identity-based SIgnature Scheme Resulting from Zero- Knowledge, Advances in cryptography, LNCS 403, (1990) pp. . [4] O. Khadir, New variant of ElGamal signature scheme, Int. J. Contemp. Math. Sciences, Vol. 5, no. 34, (2010), pp. . [5] A. J. Menezes, P. C. van Oorschot and S. A. Vanstone, Handbook of applied cryptography, CRC Press, Boca Raton, Florida, 1997. [6] R. Rivest, A. Shamir and L. Adeleman, A method for obtaining digital signatures and public key cryptosystems, Communication of the ACM, Vol. no 21, (1978), pp. . [7] J. Buchmann, Introduction to Cryptography,(Second Edition), Springer 2000. [8] D. R. Stinson, Cryptography, theory and practice, second Edition, Chapman & Hall/CRC, 2006. Authors Jaouad Ettanfouhi holds an engineer degree in Computer Science from the University of Hassan II of Casablanca (2011). Member of the laboratory of Mathematics, Cryptography and Mechanics, he is preparing a thesis in public key cryptography. Dr Omar Khadir received his Ph.D. degree in Computer Science from the University of Rouen, France (1994). Co-founder of the Laboratory of Mathematics, Cryptography and Mechanics at the University of Hassan II Casablanca, Morocco, where he is a professor in the Department of Mathematics. He teaches cryptography for graduate students preparing a degree in computer science. His current research interests include public key cryptography, digital signature, primality, factorisation of large integers and more generally, all subjects connected to the information technology.

More Related Content

PDF
A New Signature Protocol Based on RSA and Elgamal Scheme
Zac Darcy
 
PDF
A Signature Algorithm Based on DLP and Computing Square Roots
Zac Darcy
 
PDF
A SIGNATURE ALGORITHM BASED ON DLP AND COMPUTING SQUARE ROOTS
Zac Darcy
 
PDF
A Signature Algorithm Based on DLP and Computing Square Roots
Zac Darcy
 
PDF
A SIGNATURE ALGORITHM BASED ON DLP AND COMPUTING SQUARE ROOTS
Zac Darcy
 
PDF
New Digital Signature Protocol Based on Elliptic Curves
ijcisjournal
 
PPT
Signyourd digital signature certificate provider
Kishankant Yadav
 
PDF
1508.07756v1
Samir Crypticus
 
A New Signature Protocol Based on RSA and Elgamal Scheme
Zac Darcy
 
A Signature Algorithm Based on DLP and Computing Square Roots
Zac Darcy
 
A SIGNATURE ALGORITHM BASED ON DLP AND COMPUTING SQUARE ROOTS
Zac Darcy
 
A Signature Algorithm Based on DLP and Computing Square Roots
Zac Darcy
 
A SIGNATURE ALGORITHM BASED ON DLP AND COMPUTING SQUARE ROOTS
Zac Darcy
 
New Digital Signature Protocol Based on Elliptic Curves
ijcisjournal
 
Signyourd digital signature certificate provider
Kishankant Yadav
 
1508.07756v1
Samir Crypticus
 

Similar to A New Signature Protocol Based on RSA and Elgamal Scheme (20)

PPTX
EL GAMAL computer and network security .pptx
peter1097
 
PPTX
Elgamal digital signature
MDKAWSARAHMEDSAGAR
 
PPTX
Elgamal_digital_signature_scheme.pptx
Karim Monir
 
PPT
Digital Signature.ppt
SABITHARASSISTANTPRO
 
PPT
CHAPTER 09 - Digital signatures.ppt
SAJADESKANDARI1
 
PDF
Analysis of Shared RSA Modulus
Dharmalingam Ganesan
 
PPT
Digital signature algorithm (de la cruz, genelyn).ppt 2
YooGenelyn
 
PPT
Other public key systems
Aravindharamanan S
 
PPTX
Information and network security 44 direct digital signatures
Vaibhav Khanna
 
PPT
Information and data security digital signatures
Mazin Alwaaly
 
PPT
Digital Signature in CryptographyElgammal
JPrince9
 
PPTX
Digital signature
Shwetang (shweacha)
 
PPTX
Asymmetric Key Signatures
David Evans
 
PPSX
Digital signature
Nisha Menon K
 
PDF
An ElGamal Encryption Scheme of Adjacency Matrix and Finite Machines
Computer Science Journals
 
PPTX
Public Key Algorithms
Bit Hacker
 
PPT
Key Digital Signatures
phanleson
 
PPTX
Demystifying Zero Knowledge Proofs [FINAL].pptx
RedWhite12
 
PDF
lecture10.pdf
AlaaElhaddad3
 
PDF
Implementation of Elliptic Curve Digital Signature Algorithm Using Variable T...
ijceronline
 
EL GAMAL computer and network security .pptx
peter1097
 
Elgamal digital signature
MDKAWSARAHMEDSAGAR
 
Elgamal_digital_signature_scheme.pptx
Karim Monir
 
Digital Signature.ppt
SABITHARASSISTANTPRO
 
CHAPTER 09 - Digital signatures.ppt
SAJADESKANDARI1
 
Analysis of Shared RSA Modulus
Dharmalingam Ganesan
 
Digital signature algorithm (de la cruz, genelyn).ppt 2
YooGenelyn
 
Other public key systems
Aravindharamanan S
 
Information and network security 44 direct digital signatures
Vaibhav Khanna
 
Information and data security digital signatures
Mazin Alwaaly
 
Digital Signature in CryptographyElgammal
JPrince9
 
Digital signature
Shwetang (shweacha)
 
Asymmetric Key Signatures
David Evans
 
Digital signature
Nisha Menon K
 
An ElGamal Encryption Scheme of Adjacency Matrix and Finite Machines
Computer Science Journals
 
Public Key Algorithms
Bit Hacker
 
Key Digital Signatures
phanleson
 
Demystifying Zero Knowledge Proofs [FINAL].pptx
RedWhite12
 
lecture10.pdf
AlaaElhaddad3
 
Implementation of Elliptic Curve Digital Signature Algorithm Using Variable T...
ijceronline
 
Ad

Recently uploaded (20)

PPTX
Geodesy 1.pptx...............................................
abhi1361yadav
 
PPTX
KTU 2019 -S7-MCN 401 MODULE 2-VINAY.pptx
VinayB68
 
PDF
Well-logging-methods_new................
ZafriFarid
 
PPTX
CH1 Production IntroductoryConcepts.pptx
RacemMellouli1
 
DOCX
ASol_English-Language-Literature-Set-1-27-02-2023-converted.docx
AYUSHMANAV
 
PPTX
web development for engineering and engineering
keshriji700
 
PDF
Automation-in-Manufacturing-Chapter-Introduction.pdf
pcmth867
 
PPTX
Lecture Notes Electrical Wiring System Components
eedgecbhojpur
 
PPTX
Engineering Ethics, Safety and Environment [Autosaved] (1).pptx
MehrabTaseenTalukder
 
PPTX
MET 305 2019 SCHEME MODULE 2 COMPLETE.pptx
VinayB68
 
PPTX
Welding lecture in detail for understanding
sahilpoonia10
 
PDF
keyrequirementskkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk
mojeeburahmanwardak
 
PDF
Enhancing Cyber Defense Against Zero-Day Attacks using Ensemble Neural Networks
IJCNCJournal
 
PPTX
OOP with Java - Java Introduction (Basics)
Rashmi T V
 
PDF
Mitigating Risks through Effective Management for Enhancing Organizational Pe...
IJAEMSJORNAL
 
PDF
R24 SURVEYING LAB MANUAL for civil enggi
MNANDITHACIVILSTAFF
 
PPTX
UNIT-1 - COAL BASED THERMAL POWER PLANTS
Chandra Kumar S
 
PDF
July 2025 - Top 10 Read Articles in International Journal of Software Enginee...
sebastianku31
 
PDF
BMEC211 - INTRODUCTION TO MECHATRONICS-1.pdf
ryankakungu
 
PPTX
MCN 401 KTU-2019-PPE KITS-MODULE 2.pptx
VinayB68
 
Geodesy 1.pptx...............................................
abhi1361yadav
 
KTU 2019 -S7-MCN 401 MODULE 2-VINAY.pptx
VinayB68
 
Well-logging-methods_new................
ZafriFarid
 
CH1 Production IntroductoryConcepts.pptx
RacemMellouli1
 
ASol_English-Language-Literature-Set-1-27-02-2023-converted.docx
AYUSHMANAV
 
web development for engineering and engineering
keshriji700
 
Automation-in-Manufacturing-Chapter-Introduction.pdf
pcmth867
 
Lecture Notes Electrical Wiring System Components
eedgecbhojpur
 
Engineering Ethics, Safety and Environment [Autosaved] (1).pptx
MehrabTaseenTalukder
 
MET 305 2019 SCHEME MODULE 2 COMPLETE.pptx
VinayB68
 
Welding lecture in detail for understanding
sahilpoonia10
 
keyrequirementskkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk
mojeeburahmanwardak
 
Enhancing Cyber Defense Against Zero-Day Attacks using Ensemble Neural Networks
IJCNCJournal
 
OOP with Java - Java Introduction (Basics)
Rashmi T V
 
Mitigating Risks through Effective Management for Enhancing Organizational Pe...
IJAEMSJORNAL
 
R24 SURVEYING LAB MANUAL for civil enggi
MNANDITHACIVILSTAFF
 
UNIT-1 - COAL BASED THERMAL POWER PLANTS
Chandra Kumar S
 
July 2025 - Top 10 Read Articles in International Journal of Software Enginee...
sebastianku31
 
BMEC211 - INTRODUCTION TO MECHATRONICS-1.pdf
ryankakungu
 
MCN 401 KTU-2019-PPE KITS-MODULE 2.pptx
VinayB68
 
Ad

A New Signature Protocol Based on RSA and Elgamal Scheme

  • 1. International Journal of Information Technology, Modeling and Computing (IJITMC) Vol. 4, No.3, August 2016 DOI: 10.5121/ijitmc.2016.4302 11 A NEW SIGNATURE PROTOCOL BASED ON RSA AND ELGAMAL SCHEME J. Ettanfouhi and O. Khadir Laboratory of Mathematics, Cryptography and Mechanics, Fstm, University Hassan II of Casablanca, Morocco ABSTRACT In this paper, we present a new signature scheme based on factoring and discrete logarithm problems. Derived from a variant of ElGamal signature protocol and the RSA algorithm, this method can be seen as an alternative protocol if known systems are broken. KEYWORDS Factoring, DLP, PKC, ElGamal signature scheme, RSA. MSC: 60 94A 1. INTRODUCTION In 1977, Rivest, Shamir, and Adleman[6 ] described the famous RSA algorithm which is based on the presumed difficulty of factoring large integers. In 1985, ElGamal [2] proposed a signature digital protocol that uses the hardness of the discrete logarithm problem[5 p.116, 7 p. 213, 8 p. 228 ]. Since then, many similar schemes were elaborated and published[1,3]. Among them, a new variant was conceived in 2010 by the second author[ 4 ].In this work, we apply a combination of the new variant of Elgamal and RSA algorithm to build a secure digital signature. The efficiency of the method is discussed and its security analyzed. The paper is organised as follows: In section 2, we describe the basic ElGamal digital signature algorithm and its variant. Section 3 is devoted to our new digital signature method. We end with the conclusion in section 4. In the paper, we will respect ElGamal work notations [3]. N, Z are respectively the sets of integers and non-negative integers. For every positive integer n , we denote by Z Z n / the finite ring of modular integers and by * ) / ( Z Z n the multiplicative group of its invertible elements. Let a ,b , c be three integers. The GCD of a and b is written as ) , ( b a gcd . We write ] [ 0.1 c cm b a ≡ if c divides b a − , and c b a mod = if a is the rest in the division of b by c . The bit length of n is the number of bits in its binary model, with n an integer .We start by presenting the basic ElGamal digital signature algorithm and its variant:
  • 2. International Journal of Information Technology, Modeling and Computing (IJITMC) Vol. 4, No.3, August 2016 12 2. ELGAMAL SIGNATURE SCHEME In this section we recall ElGamal signature scheme[2] and its variant[4]. 1. Alice chooses three numbers: - p , a large prime integer. - α , a primitive root of the finite multiplicative group * ) / ( Z Z p - x , a random element of {1,2,..., 1 − p } 2. She computes x y α = mod p . Alice’s public key is ) , , ( y p α , and x is her private key. 3. To sign the document m , Alice must solve the problem: (1) where s r, are the unknown variables. Alice fixes arbitrary r to be k r α = mod p , where k is chosen randomly and invertible modulo 1 − p . Equation (1) is then equivalent to: (2) Since Alice has the secret key x , and as the number k is invertible modulo 1 − p , she calculates the other unknown variable s by (3) 4. Bob can verify the signature by checking if congruence (1) is valid for the variables r and s given by Alice. 3. VARIANT OF ELGAMAL SIGNATURE SCHEME We present a variant of ElGamal digital signature system. This variant Error! Reference source not found. is based on the equation: (4) t s r , , are the unknown parameters, and ) , , ( y p α are Alice public keys. p is an integer (a large prime). α is a primitive root of * p Z . y is calculated by x y α = mod p . x is a random element of {1,2,...,p-1}.
  • 3. International Journal of Information Technology, Modeling and Computing (IJITMC) Vol. 4, No.3, August 2016 13 Let ) ( = M h m , where h is a hash function, and M the message to be signed by Alice. To give the solution (3), she fixes randomly r as p mod r k α ≡ , and s to be p mod s l α ≡ , where l k, are selected arbitrary in {1,2,...,p-1}. Equation (3) is then equivalent to: (5) as Alice recognize the values of x m l k s r , , , , , , she is able to calculate the last unknown variable t . Bob verify the signature by verifying the congruence (4). this system does not use the extended Euclidean algorithm for calculating 1) ( 1 − − p mod k . We clarify the scheme by the example given by the creator of this alternative[4]. 3.1 EXAMPLE Let ) , , ( y p α be Alice public keys where: 509 = p , 2 = α and 482 = y . We assert that we are not confident if using a small value of α does not abate the protocol. The private key is 281 = x . Suppose that Alice wants to generate a signature for the document M for which 432[508] ) ( ≡ ≡ M h m with the exponents 208 = k and 386 = l are randomly taken. She computes ] 332[ 2208 p r k ≡ ≡ ≡ α , ] 39[ 2386 p s l ≡ ≡ ≡ α and 1] 440[ − ≡ + + ≡ p lm ks rx t . Bob or anyone can verify the relation ] [p s r y m s r t ≡ α . Indeed, we find that ] 436[p ≡ α and ] 436[p s r y m s r ≡ . 4. OUR PROTOCOL 4.1 DESCRIPTION In this section, we describe our new digital signature. The protocol is based simultaneously on two hard problems. We assume first that h is a public secure hash function like SHA1[5 p.348, 7 p. 242 , 8 p.133]. We suppose that Alice public keys are ) , , , ( e y P α where: - 1 2 = + pq P , p , q are three primes. - α , a primitive root of the multiplicative group * ) / ( Z Z p . - x y α = mod P , where x is the private key of Alice, which is randomly taken in 1} {1,2,..., − P .
  • 4. International Journal of Information Technology, Modeling and Computing (IJITMC) Vol. 4, No.3, August 2016 14 - Element e is the public exponent in the RSA cryptosystem. We propose the following protocol: If Alice wants to sign the message M , she must give a solution for the modular equation: (6) where ) ( = M h m mod p , and r , s , t are unknown. To solve equation (5) , Alice starts by putting: (7) (8) Equation (5) becomes: (9) Alice uses the new variant of Elgamal algorithm[4] to solve equation (9) and to get the values of r′ , s′ and t . Then with her RSA private key she solves equations (7) and (8) . The cupel r and s is her signature for the message M . Bob or anybody can check that the signature is valid by replacing r , s and t in relation (5) . 4.2 EXAMPLE Let us illustrate the method by the following example. Suppose that Alice’s public key is: 104543 = 1 313 * 167 * 2 = + P , 5 = α , 23292 = y , 7 = e . The private keys for RSA and ElGamal systems are respectively: 9502 = x , 7399 = d . Assume that 12345 = ) ( = M h m is the hashed message that she likes to sign. If she takes Randomly 845 = k and 2561 = l . She will find from equation 8 that 17744 = r′ , 31839 = s′ . Relation 4 implies 57764 = t . Alice uses (6) and (7) to obtain:
  • 5. International Journal of Information Technology, Modeling and Computing (IJITMC) Vol. 4, No.3, August 2016 15 r ≡ 1] [ − ′ P r d ≡ 75282 s ≡ 1] [ − ′ P s d ≡ 19005. To verify Bob puts 62833 = mod = P A t α , 79849 = mod = 1 mod P y B P e r − , 83421 = mod 1) mod ( = 1) mod ( P P r C P e s e − − and 212997 = mod 1) mod ( = P P s D m e − , and checks if P D C B A mod * * = . 4.3 SECURITY ANALYSIS Now that we have presented the protocol, we will discuss some possible attacks. Assume that Oscar is Alice’s opponent. ATTACK 1: If the attacker try to imitate the computation made by Alice, he can find r and s , but to find t he needs the value of the private key x to solve equation 4 . ATTACK 2: Suppose Oscar is capable to solve the discrete logarithm problem [2]. He cannot calculate r and s from equation (7) and (8) he will be confronted to the factorisation of a large composite modulus [5,8]. ATTACK 3: Suppose Oscar is capable to solve RSA equations (7) and (8) . Oscar cannot get t from equation (9) since x is Alice’s secret key. If he tries to get t from equation (4) , he will be stopped by the discrete logarithm problem. 4.4 COMPLEXITY OF OUR ALGORITHM As in [1], let exp T , mult T and h T be appropriately the time to calculate an exponentiation, a multiplication and hash function of a document M . We neglect the time needed for modular substraction, additions, comparisons and apply the conversion mult exp T T 240 = . 4.4.1 SIGNATURE COMPLEXITY To sign the message M , Alice must compute the six parameters: ) ( = M h m mod P , k r α ≡ ′ ] [P , l s α ≡ ′ ] [P , d r r ′ ≡ 1] [ − P , d s s ′ ≡ 1] [ − P , lm s k r x t + ′ + ′ ≡ 1] [ − P . Alice needs to perform four modular exponentiations, three modular multiplications and one hash function computation. So the global required time is : h mult h mult exp T T T T T T + + + 963 = 3 4 = 1 4.4.2 VERIFICATION COMPLEXITY Bob should calculate 4 exponentiations, 2 multiplications and one hash function. So the global required time is : h mult h mult exp T T T T T T + + + 962 = 2 4 = 2
  • 6. International Journal of Information Technology, Modeling and Computing (IJITMC) Vol. 4, No.3, August 2016 16 5. CONCLUSION In this work, we proposed a new signature protocol that can be an alternative if old systems are broken. Our method is based simultanyously on RSA cryptosystem and DLP. ACKNOWLEDGEMENTS This work is supported by the MMS e-orientation project. REFERENCES [1] R. R. Ahmad, E. S. Ismail,and N. M. F. Tahat , A new digital signature scheme based on factoring and discrete logarithms , J. of Mathematics and Statistics (4): (2008), pp. . [2] T. ElGamal, A public key cryptosystem and a signature scheme based on discrete logarithm problem, IEEE Trans. Info. Theory, IT-31, (1985), pp. . [3] L.C. Guillou, J.J. Quisquater, A Paradoxial Identity-based SIgnature Scheme Resulting from Zero- Knowledge, Advances in cryptography, LNCS 403, (1990) pp. . [4] O. Khadir, New variant of ElGamal signature scheme, Int. J. Contemp. Math. Sciences, Vol. 5, no. 34, (2010), pp. . [5] A. J. Menezes, P. C. van Oorschot and S. A. Vanstone, Handbook of applied cryptography, CRC Press, Boca Raton, Florida, 1997. [6] R. Rivest, A. Shamir and L. Adeleman, A method for obtaining digital signatures and public key cryptosystems, Communication of the ACM, Vol. no 21, (1978), pp. . [7] J. Buchmann, Introduction to Cryptography,(Second Edition), Springer 2000. [8] D. R. Stinson, Cryptography, theory and practice, second Edition, Chapman & Hall/CRC, 2006. Authors Jaouad Ettanfouhi holds an engineer degree in Computer Science from the University of Hassan II of Casablanca (2011). Member of the laboratory of Mathematics, Cryptography and Mechanics, he is preparing a thesis in public key cryptography. Dr Omar Khadir received his Ph.D. degree in Computer Science from the University of Rouen, France (1994). Co-founder of the Laboratory of Mathematics, Cryptography and Mechanics at the University of Hassan II Casablanca, Morocco, where he is a professor in the Department of Mathematics. He teaches cryptography for graduate students preparing a degree in computer science. His current research interests include public key cryptography, digital signature, primality, factorisation of large integers and more generally, all subjects connected to the information technology.