p: a prime number L bits long, where L is a multiple of 64 ranging from 512 to 1024;
q: a 160-bit prime factor of p - 1;
g: g = h^((p-1)/q) mod p, where h satisfies h < p - 1 and h^((p-1)/q) mod p > 1;
x: x < q; x is the private key;
y: y = g^x mod p; (p, q, g, y) is the public key;
h(x): a one-way hash function. SHA (Secure Hash Algorithm) is selected in DSS.
p, q and g can be shared by a group of users, but in practical applications, using a common modulus may bring some threats. The signature and verification protocols are as follows:
1. P generates a random number k, k < q;
2. P calculates
r = (g^k mod p) mod q
s = (k^(-1) (h(m) + xr)) mod q
The signature result is (m, r, s).
3. To verify, calculate
w = s^(-1) mod q
u1 = (h(m) * w) mod q
u2 = (r * w) mod q
v = ((g^u1 * y^u2) mod p) mod q
DSA is based on the discrete logarithm problem in a finite field of integers, and its security is similar to that of RSA. An important feature of DSA is that the two prime numbers are public, so when using someone else's p and q you can confirm whether they were randomly generated or have been tampered with, even without knowing the private key. The RSA algorithm cannot do this.
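The signing and verification steps above, as an added Python example that is not part of the original page. The toy parameters (p = 607, q = 101, h = 2), the function names, and check_params are assumptions made for illustration. The final comparison v == r is the standard DSA acceptance check, which the page does not state.

```python
import hashlib
import secrets

# Toy domain parameters, constructed for this example and far too small for real use:
# q = 101 is a prime factor of p - 1 = 606, and g = h^((p-1)/q) mod p with h = 2.
P, Q = 607, 101
G = pow(2, (P - 1) // Q, P)  # 64

def check_params(p, q, g):
    """Cheap consistency checks on public (p, q, g); primality is not tested here."""
    return (p - 1) % q == 0 and 1 < g < p and pow(g, q, p) == 1

def h(m: bytes) -> int:
    """One-way hash of the message as an integer (SHA-1, the SHA of the original DSS)."""
    return int.from_bytes(hashlib.sha1(m).digest(), "big")

def keygen():
    x = secrets.randbelow(Q - 1) + 1      # private key, 0 < x < q
    return x, pow(G, x, P)                # (x, y = g^x mod p)

def sign(m: bytes, x: int):
    while True:
        k = secrets.randbelow(Q - 1) + 1  # fresh secret k for every signature, 0 < k < q
        r = pow(G, k, P) % Q
        s = pow(k, -1, Q) * (h(m) + x * r) % Q
        if r and s:                       # r = 0 or s = 0 is unusable: retry with a new k
            return r, s

def verify(m: bytes, r: int, s: int, y: int) -> bool:
    if not (0 < r < Q and 0 < s < Q):     # reject out-of-range values before any arithmetic
        return False
    w = pow(s, -1, Q)
    u1 = h(m) * w % Q
    u2 = r * w % Q
    v = pow(G, u1, P) * pow(y, u2, P) % P % Q
    return v == r                         # accept only when v equals r

if __name__ == "__main__":
    x, y = keygen()
    msg = b"constructed sample message"
    r, s = sign(msg, x)
    print("parameters consistent:", check_params(P, Q, G))
    print("signature verifies:", verify(msg, r, s, y))
```

With a q this small, an unrelated message can verify by chance. That is a property of the toy parameters, not of the scheme at DSS sizes.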