Cryptography and Network Security: Principles and Practice, 6 th Edition, by William

Stallings

CHAPTER 13: DIGITAL SIGNATURES

TRUE OR FALSE

T F 1. A digital signature can guarantee the integrity but not the source of
the message.

T F 2. It must be computationally infeasible to forge a digital signature,

either by constructing a new message for an existing digital
signature or by constructing a fraudulent digital signature for a
given message.

T F 3. The global public key components for DSA are p, q, and h.

T F 4. The most important development from the work on public-key

cryptography is the digital signature.

T F 5. The ElGamal signature scheme involves the use of the public key
for encryption and the private key for decryption.

T F 6. It is important in a direct digital signature to perform an outer

confidentiality function first and then the signature function.

T F 7. Message authentication protects two parties who exchange

messages from any third party, however, it does not protect the
two parties against each other.

T F 8. The digital signature function does not include the authentication

function.

T F 9. The DSS approach makes use of a hash function.

T F 10. It must be relatively difficult to recognize and verify the digital

signature.

T F 11. The Schnorr signature scheme is based on discrete logarithms.

T F 12. The main work for signature generation depends on the message
and is done during the idle time of the processor.

T F 13. Unlike RSA, DSS cannot be used for encryption or key exchange.
Cryptography and Network Security: Principles and Practice, 6 th Edition, by William
Stallings
T F 14. The global public key components of DSA are the same as for the
Schnorr signature scheme.

T F 15. The first part of the Schnorr digital signature scheme is the
generation of a private/public key pair.

MULTIPLE CHOICE

1. The __________ is formed by taking the hash of the message and encrypting the
message with the creator's private key.

A. timestamp B. message digest

C. hash code D. digital signature

2. __________ is where the attacker forges a signature for a particular message

chosen by the attacker.

A. Total break B. Universal forgery

C. Existential forgery D. Selective forgery

3. The digital signature standard is a __________ standard that uses the secure
hash algorithm.

A. IEEE B. NIST

C. ISO D. ITIL

4. With a __________ attack the attacker is given access to a set of messages and
their signatures.

A. known message B. key-only

C. directed chosen message D. generic chosen message

Cryptography and Network Security: Principles and Practice, 6 th Edition, by William
Stallings
5. Similar to the generic attack, except that the list of messages to be signed is
chosen after the attacker knows the user's public key but before any
signatures are seen, is the __________ attack.

A. directed chosen B. key-only

C. adaptive chosen D. known message

6. A __________ is where the attacker determines the user's private key.

A. universal forgery B. selective forgery

C. existential forgery D. total break

7. As with ElGamal encryption, the global elements of __________ are a prime

number q and a, which is a primitive root of q.

A. ElGamal digital signature B. digital signature standard

C. digital signature D. direct digital signature

8. The _________________, which is the latest of the RSA schemes, is the one that
RSA Laboratories recommends as the most secure of the RSA schemes.

A. RSA-PSS B. ECDSA

C. DSA-SDS D. EDSDS

9. The digital signature approach uses an algorithm that is designed to provide

only the _________ function.

A. digital signature B. ElGamal

C. DSA D. timestamp

10. In the __________ approach only the sender knows the private key so only the
sender could have produced a valid signature.

A. EDS B. DSA

C. DSS D. RSA
Cryptography and Network Security: Principles and Practice, 6 th Edition, by William
Stallings

11. The ____________ components of DSA are the same as in the Schnorr
signature scheme.

A. private key B. EDS

C. global public key D. message digest

12. To create a __________ a user calculates two quantities, r and s, that are
functions of the public key components (p, q, g), the user's private key (x),
the hash code of the message H(M), and an additional integer k that should
be generated randomly or pseudorandomly and be unique for each signing.

A. signature B. hash authentication

C. secret key D. global key

13. The __________ scheme minimizes the message dependent amount of

computation required to generate a signature.

A. Rabin B. SHA-1

C. ElGamal D. Schnorr

14. With a __________ attack the attacker is allowed to use the user as an "oracle".
This means that the user may request signatures of messages that depend on
previously obtained message-signature pairs.

A. adaptive chosen message B. generic chosen

C. directed chosen message D. known message

15. In the digital signature algorithm the user's __________ is represented by x,

which is a random or pseudorandom integer with 0 < x < q.

A. per message secret number B. private key

C. global key D. public key

Cryptography and Network Security: Principles and Practice, 6 th Edition, by William
Stallings
SHORT ANSWER

1. A _____digital signautre____ is an authentication mechanism that enables the

creator of a message to attach a code that acts as a signature.

2. The first stage in generating an RSA-PSS signature of a message

M is to generate from M a fixed-length message digest, called an ______________.

3. The attacker finds an efficient signing algorithm that provides an equivalent

way of constructing signatures on arbitrary messages is a ______universal
forgery_____ .

4. A digital signature must have the following properties: it must verify the
author and the date and time of the signature; it must authenticate the
contents at the time of the signature; and it must ____be verifiable by 3 rd
parties_______ to resolve disputes.

5. The DSS makes use of the Secure Hash Algorithm and presents a new digital
signature technique known as the ______DSA________ .

6. The _____generic chosen message_____ attack is where the attacker chooses a

list of messages before attempting to break the user's signature scheme,
independent of the user's public key. The attacker then obtains from the
user valid signatures for the chosen messages.

7. _____DSA____ specifies that if the signature generation process results in a

value of s = 0 a new value of k should be generated and the signature should
be recalculated.

8. The term _____direct digital signature_____ refers to a digital signature scheme

that involves only the communicating parties.

9. The ___el gamal_______ encryption scheme is designed to enable encryption by

a user's public key with decryption by the user's private key.

10. The __________ scheme minimizes the message dependent amount of

computation required to generate a signature.

11. The message dependent part of the Schnorr digital signature generation
requires multiplying a __________ with an n-bit integer.

12. In addition to the NIST Digital Signature Algorithm and ECDSA, the 2009
version of FIPS 186 also includes several techniques based on ____DSA_____ ,
all of which were developed by RSA Laboratories and are in wide use.
Cryptography and Network Security: Principles and Practice, 6 th Edition, by William
Stallings
13. The _________ is based on the difficulty of computing discrete logarithms and
is based on schemes originally presented by ElGamal and Schnorr.

14. FIPS 186 -3 incorporates digital signature algorithms based on RSA and on
_____eliptic curve_____ cryptography.

15. Administrative controls relating to the security of private keys can be

employed by including a ____timestamp______ (which includes date and time)
and to require prompt reporting of compromised keys to a central authority.