dsa

Are .Net's and Java's DSA implementation compatible?

I am trying to digitally sign requests made by a mobile client running J2ME and want to verify the signature by the .Net Framework. Does anyone know if the implementations DSACryptoServiceProvider //.Net and Signature.getInstance("SHA1withDSA", "SUN") //Java are compatible? Or does anyone have a better idea? After some resea...

Automating terminal login with DSA key

How would I go about doing this on the terminal? sftp then asks me for a password. how do I include my DSA key so that I do not have to use the password? ...

Mathematical attack on the Digital Signature Algorithm

Does anybody know the mathematics behind an attack on DSA where modulus p has p-1 made up of only small factors. In reality, this would not happen as the key generator would guarantee that this is not so. There is much information on the web on generating good input paramters for DSA so that it is hard to crack but no information on ho...

Worked Example of Digital Signature Algorithm

Hi Folks, Does anybody have a DSA worked example with simple values on how to calculate r,s and verify v == r. As this standard has been around awhile and is implemented in librarys e.g. the Java Cryptography Extension I'm finding it very hard to find an example of how the algorithm works. Compute r=(gk mod p) mod q Compute s=(k-1 * ...

What is the difference between DSA and RSA?

It appears they are both encryption algorithms that require public and private keys. Why would I pick one versus the other to provide encryption in my client server application? ...

C# A random BigInt generator

Hi, I'm about to implement the DSA algorithm, but there is a problem: choose "p", a prime number with L bits, where 512 <= L <= 1024 and L is a multiple of 64 How to implement a random generator of that number? Int64 has "only" 63 bits length ...

Tiny asymmetric cipher implementation to validate download

To allow a small C++ application to update itself at clients connected over the internet, I am in need of a mechanism that validates the download based on a public key. Algorithms such as DSA or RSA seem to be able to do this nicely. However, looking at well-known available libraries for this (Crypto++, LibTomCrypt) they all end up maki...

Storage of private and public key in MySQL-DB

Probably somebody asked that already, but I couldn't find any usefull information and I've never done it before. So here is the problem. If I'll get a set of key pairs (DSA public and private keys) with different time validity and unique ID, what is the best way to store them in MySQL-DB using Java? Is it a good idea at all to store t...

M2Crypto: verifying DSA signatures

I'm having trouble verifying DSA signatures using Python/M2Crypto. The signatures are generated in Java, using standard java.security.Signature class, with Sun's crypto provider and SHA1withDSA algorithm designation. Here's some shell output: >>> pk <M2Crypto.DSA.DSA_pub instance at 0x20b6a28> >>> sig = '302c02141c4bbb218215ebfec572880...

How would one write a private/public key system for a server authentication?

Hi all, I guess this might have been posted somewhere, I did search, but couldn't find anything. I have this server on which I run a game server, and where I want to have some TCP server (possibly written in Ruby) that will provide a pseudo-session with few commands available (like restart the game server, send the logs, etc.) What I ...

Java SHA1withDSA to PHP, convertible?

Any success in implementing SHA1withDSA signature with PHP? A failure reported here. PKCS8EncodedKeySpec prvSpec = new PKCS8EncodedKeySpec(prvKeyBytes); KeyFactory keyFactory = KeyFactory.getInstance("DSA"); PrivateKey prvKey = keyFactory.generatePrivate(prvSpec); Signature sig = Signature.getInstance("SHA1withDSA"); sig.initSign(prvKey...

DSA: What can a hacker do with *just* a public key?

The shareware registration system I'm currently developing embeds the public DSA key in the executable itself, and the private key resides on a server. (For the sake of discussion let's assume that the server is 100% secure, and there is no way for anybody to get their hands on the private key.) Whenever the program is purchased, the se...