ELECTRONICS, VOL. 15, NO. 2, DECEMBER 2011 73

Abstract—In this paper the realization of one algorithm for digital signature, DSA (Digital Signature Algorithm), is presented. In the algorithm, a one-way hash function, SHA (Secure Hash Algorithm), is used for calculating the variables needed to generate the public and private keys. A method of realization of SHA and DSA is presented, and the time required to digitally sign messages of different sizes and the time required to generate the keys are measured. The results are compared with the analogous results from another software-implemented system for digital signing based on a hash function and the RSA algorithm.

Index Terms—Digital signature, hash function, public key encryption algorithms, software implementation.

I. INTRODUCTION

Public-key algorithms (also called asymmetric algorithms) are designed so that the key used for encryption is different from the key used for decryption. Furthermore, the decryption key cannot (at least in any reasonable amount of time) be calculated from the encryption key [5, 6]. The algorithms are called "public-key" because the encryption key can be made public: a complete stranger can use the encryption key to encrypt a message, but only a specific person with the corresponding decryption key can decrypt the message. In these systems, the encryption key is often called the public key, and the decryption key is often called the private key. Sometimes, messages will be encrypted with the private key and decrypted with the public key; that protects the integrity of the sender (authenticity of the message). This is used in digital signatures.

A one-way hash function, often called a compression function, message digest, fingerprint, or cryptographic checksum, is central to modern cryptography. One-way hash functions are another building block for many protocols. Hash functions have been used in computer science for a long time.
A hash function is a function, mathematical or otherwise, that takes a variable-length input string (called a pre-image) and converts it to a fixed-length (generally smaller) output string (called a hash value) [5]. A simple hash function would be a function that takes a pre-image and returns a byte consisting of the XOR of all the input bytes. A one-way hash function is a hash function that works in one direction: it is easy to compute a hash value from a pre-image, but it is hard to generate a pre-image that hashes to a particular value [5]. The hash function previously mentioned is not one-way: given a particular byte value, it is trivial to generate a string of bytes whose XOR is that value. A good one-way hash function is also collision-free: it is hard to generate two pre-images with the same hash value. The hash function is public; there is no secrecy to the process. The security of a one-way hash function is its one-wayness. The output is not dependent on the input in any discernible way. A single bit change in the pre-image changes, on average, half of the bits in the hash value. Given a hash value, it is computationally infeasible to find a pre-image that hashes to that value.

Ministry of Science and Technological Development of the Republic of Serbia has partially funded project TR32007 "Multiservice optical transport platform OTN10/40/100 Gbps with DWDM/ROADM and Carrier Ethernet functionalities." Part of the results in this paper was presented at the 55th ETRAN conference, Banja Vrućica, 6-9 June 2011.

B. R. Pajin is with IRITEL A.D., Belgrade, Serbia (phone: 00 381 11 3073 451; fax: 00 381 3073 434; e-mail: bojan@iritel.com).

P. N. Ivaniš is with the Faculty of Electrical Engineering, University of Belgrade, Belgrade, Serbia (e-mail: predrag.ivanis@etf.rs).
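The XOR hash and the one-bit-change property described in the hash-function paragraph above, worked through as an added example that is not code from the paper. SHA-256 from Python's hashlib stands in for the paper's SHA; the function names and the sample messages are constructed for this illustration.

```python
import hashlib

def xor_hash(data: bytes) -> int:
    """The simple hash from the text: XOR of all input bytes (one byte out)."""
    h = 0
    for b in data:
        h ^= b
    return h

def xor_preimage(target: int, prefix: bytes = b"") -> bytes:
    """Message with a chosen XOR hash: any prefix plus one correcting byte."""
    return prefix + bytes([xor_hash(prefix) ^ target])

def bit_diff(a: bytes, b: bytes) -> int:
    """Number of bit positions in which two equal-length strings differ."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

def flip_bit(data: bytes, bit: int) -> bytes:
    """Copy of data with exactly one bit inverted."""
    out = bytearray(data)
    out[bit // 8] ^= 1 << (bit % 8)
    return bytes(out)

def avalanche(msg: bytes, digest) -> float:
    """Mean fraction of digest bits that change when one input bit flips,
    averaged over every single-bit flip of msg."""
    base = digest(msg)
    nbits = len(msg) * 8
    changed = sum(bit_diff(base, digest(flip_bit(msg, i))) for i in range(nbits))
    return changed / (nbits * len(base) * 8)

def sha_digest(m: bytes) -> bytes:
    return hashlib.sha256(m).digest()   # assumption: stand-in for the paper's SHA

def xor_digest(m: bytes) -> bytes:
    return bytes([xor_hash(m)])

if __name__ == "__main__":
    msg = b"pay 100 EUR to A"                             # constructed sample
    other = xor_preimage(xor_hash(msg), b"pay 999 EUR to B")
    # Different message, identical XOR hash: not one-way, not collision-free.
    print(other != msg, xor_hash(other) == xor_hash(msg))
    # The XOR hash changes exactly 1 of 8 output bits per flipped input bit;
    # the SHA digest changes close to half of its bits.
    print(avalanche(msg, xor_digest), round(avalanche(msg, sha_digest), 3))
```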
The purpose of a digital signature is to confirm the authenticity of the message content (proof that the message has not changed on the way between sender and recipient) and to guarantee the identity of the sender. The basis of a digital signature is the content of the message. The author (call him person A), using certain cryptographic algorithms, first creates a fixed-length record of his arbitrary-length message, which fully reflects the content of the message (a hash value). He then performs certain operations on this record, using several other parameters and his secret key, and thus generates a digital signature that is sent along with the message. When the recipient (call him person B) receives a message with a digital signature, he uses the sender's public key (the public key of person A) and the summary record of the message, which he computes himself, and by applying certain operations obtains a number. Person B compares that number with the number he received in the form of the digital signature and thereby determines the authenticity of the message. Because the operations on the message summary (hash value) use a secret key, nobody can generate the digital signature except the person sending the message (only person A knows his secret key). This way, the recipient (person B), knowing the sender's public key (A), is sure that he just got a message from him, because the calculated values match only if

Analysis of Software Realized DSA Algorithm for Digital Signature

Bojan R. Pajin and Predrag N. Ivaniš