• ElGamal digital signature scheme
• Schnorr digital signature scheme
• Digital signature standard (DSS)
Message authentication
- Protects two parties who exchange messages from third party
-But does not protect the parties against each other
Ability:
-Verify author, date,time
-authenticate message content
-Be verifiable by third party to resolve disputes
Attacks
-Key-only attack: only knows public key of A whose signature is being attacked
-Known mesage attack: Access to a set of message and signatures
-Generic chosen message attack: 1. Choose a list of messages before attack,indepent of public key of A
2. Then obtains valid signatures from A for the chosen messages
-Directed chosen message attack: 1. Know public key of A,then choose a list of messages
2. Then obtain valid signatures for messages
-Adaptive chosen message attack: 1.Use A as an "oracle" 2. A may request signatures of messages that depend on previously obtained message-signature pairs.