DSA SECURITY ENHANCEMENT THROUGH EFFICIENT NONCE GENERATION
Akash Nag*1, Sunil Karforma2
|Corresponding Author: Akash Nag, E-mail: [email protected]|
|Related article at Pubmed, Scholar Google|
The Digital Signature Algorithm (DSA) has become the de facto standard for authentication of transacting entities since its inception as a standard by NIST. An integral part of the signing process in DSA is the generation of a random number called a nonce or an ephemeral key. If sufficient caution is not taken while generating the nonce, it can lead to the discovery of the private-key paving the way for critical security violations further on. The standard algorithms for generation of the nonce as specified by NIST, as well as the widely implemented random number generators, fail to serve as true random sources, thus leaving the DSA algorithm open to attack, resulting in possible signature forgery in electronic transactions, by potential attackers. Furthermore, the user can select the nonce arbitrarily, which leads to a subliminal channel being present to exchange messages through each signature, which may be intolerable for security reasons. In this paper, we have improved the security of the DSA algorithm by proposing an efficient nonce-generation process, which ensures that the generated nonce is sufficiently random as well as unique for each generated signature, thereby securing the signing process. Furthermore, our algorithm also ensures that there are no subliminal channels present in DSA.