Shopping on line can be easy, simple and save you lots of money. It can also take a lot of your time, frustrate you, and result in unwanted purchases. Now the same can be said for regular high street shopping, but with the vast opportunity presented by the Internet it will pay you to spend a few minutes reading this and understanding how to better optimize your Digital Signature Algorithm shopping experience:

1. Compare - without doubt the biggest advantage that the Digital Signature Algorithm offers shoppers today is the ability to compare thousands of Digital Signature Algorithm at a time. This is a great thing, but not necessarily all the time! Too much can be daunting at times so take advantage of the great comparison sites and where possible let them do the hard work for you.

2. Research - if it has been said it will be on the internet. Ignorance is no longer a justifiable reason for buying the wrong thing. Take the time to research in detail everything that you could possible want to know about

3. Testimonials - don't know anybody that has bought a Digital Signature Algorithm? Wrong! If the Digital Signature Algorithm is good the internet will let you know. Use the Internet as a friend and get testimonials before you buy.

4. Questions - Got a question about Digital Signature Algorithm then search the Forums, FAQ's, Blogs etc. Don't be afraid to ask .....

5. Reputation - Never heard of the company selling Digital Signature Algorithm? Don't worry, no reason why you should know every company in the world, but you know someone that does! Use the internet to find out what people are saying about Digital Signature Algorithm and build up a picture of their reputation for sales, returns, customer service, delivery etc.

6. Returns - still worried that even after all of the above your Digital Signature Algorithm wont be what you want? Check out the returns policy. There is so much competition now that someone, somewhere is bound to offer the terms that you are comfortable with.

7. Feedback - happy with your Digital Signature Algorithm then let people know, after all you are depending on others people input in your buying decision, so why not give a little back.

8. Security - check for the yellow padlock on the Digital Signature Algorithm site before you buy, and the s after http:/ /i.e. https:// = a secure site

9. Contact - got a question about Digital Signature Algorithm, or want to leave a comment then check out the sites contact page. Reputable companies have them and respond.

10. Payment - ready to pay for your Digital Signature Algorithm, then use your credit card or PayPal! Be aware of companies that don't accept them, there may be genuine reasons but given the huge amount of choice you have when buying online there is no reason at all not to buy via credit card or PayPal.

The Digital Signature Algorithm (DSA) is a Federal government of the United States Federal Information Processing Standard or Federal Information Processing Standard for digital signatures. It was proposed by the National Institute of Standards and Technology (NIST) in August 1991 for use in their Digital Signature Standard (DSS), specified in Federal Information Processing Standard 186 , adopted in 1993. A minor revision was issued in 1996 as FIPS 186-1 , and the standard was expanded further in 2000 as FIPS 186-2 .

DSA is covered by , filed July 26, 1991, and attributed to David W. Kravitz, a former National Security Agency employee. This patent was given to "The United States of America as represented by the Secretary of Commerce, Washington, D.C." and the NIST has made this patent available world-wide royalties-free. Claus P. Schnorr claims that his covers DSA; this claim is disputed.

Key generation Key generation has two phases. The first phase is a choice of algorithm parameters which may be shared between different users of the system:

• Choose a cryptographic hash function H. In the original DSS, H was always SHA-1, but stronger hash functions from the SHA family are also in use. Sometimes the output of a newer hash function is truncated to the size of an older one for compatibility with existing key pairs.
• Decide on a key length L. This is the primary measure of the cryptographic strength of the key. The original DSS constrained L to be a multiple of 64 between 512 and 1024 (inclusive). Later, FIPS-186-2, change notice 1 specifies that L should always be 1024. Later yet, NIST 800-57 recommends lengths of 2048 (or 3072) for keys with security lifetimes extending beyond 2010 (or 2030).
• Choose a prime q with the same number of bits as the output of H.
• Choose a L-bit prime p such that p–1 is a multiple of q.
• Choose g, a number whose multiplicative order modulo p is q. This may be done by setting g = h(p–1)/q mod p for some arbitrary h (1 < h < p-1), and trying again if the result comes out as 1. Most choices of h will lead to a usable g; commonly h=2 is used.

The algorithm parameters (p, q, g) may be shared between different users of the system.The second phase computes private and public keys for a single user:

• Choose x by some random method, where 0 < x < q.
• Calculate y = gx mod p.
• Public key is (p, q, g, y). Private key is x.

The forthcoming FIPS 186-3 (available as a draft ) uses SHA-224/256/384/512 as the hash function, q of size 224 and 256 bits, and L equal to 2048 and 3072, respectively.

There exist efficient algorithms for computing the modular exponentiations ha mod p and gx mod p.

Signing

• Generate a random per-message value k where 0 < k < q
• Calculate r = (gk mod p) mod q
• Calculate s = (k-1(H(m) + x*r)) mod q
• Recalculate the signature in the unlikely case that r=0 or s=0
• The signature is (r,s)

The extended Euclidean algorithm can be used to compute the modular inverse k-1 mod q.

Verifying

• Reject the signature if either 0< r The Digital Signature Algorithm (DSA) is a Federal government of the United States Federal Information Processing Standard or Federal Information Processing Standard for digital signatures. It was proposed by the National Institute of Standards and Technology (NIST) in August 1991 for use in their Digital Signature Standard (DSS), specified in Federal Information Processing Standard 186 , adopted in 1993. A minor revision was issued in 1996 as FIPS 186-1 , and the standard was expanded further in 2000 as FIPS 186-2 .
  
  DSA is covered by , filed July 26, 1991, and attributed to David W. Kravitz, a former National Security Agency employee. This patent was given to "The United States of America as represented by the Secretary of Commerce, Washington, D.C." and the NIST has made this patent available world-wide royalties-free. Claus P. Schnorr claims that his covers DSA; this claim is disputed.
  
  Key generation Key generation has two phases. The first phase is a choice of algorithm parameters which may be shared between different users of the system:
  • Choose a cryptographic hash function H. In the original DSS, H was always SHA-1, but stronger hash functions from the SHA family are also in use. Sometimes the output of a newer hash function is truncated to the size of an older one for compatibility with existing key pairs.
  • Decide on a key length L. This is the primary measure of the cryptographic strength of the key. The original DSS constrained L to be a multiple of 64 between 512 and 1024 (inclusive). Later, FIPS-186-2, change notice 1 specifies that L should always be 1024. Later yet, NIST 800-57 recommends lengths of 2048 (or 3072) for keys with security lifetimes extending beyond 2010 (or 2030).
  • Choose a prime q with the same number of bits as the output of H.
  • Choose a L-bit prime p such that p–1 is a multiple of q.
  • Choose g, a number whose multiplicative order modulo p is q. This may be done by setting g = h(p–1)/q mod p for some arbitrary h (1 < h < p-1), and trying again if the result comes out as 1. Most choices of h will lead to a usable g; commonly h=2 is used.
  The algorithm parameters (p, q, g) may be shared between different users of the system.The second phase computes private and public keys for a single user:
  • Choose x by some random method, where 0 < x < q.
  • Calculate y = gx mod p.
  • Public key is (p, q, g, y). Private key is x.
  
  
  The forthcoming FIPS 186-3 (available as a draft ) uses SHA-224/256/384/512 as the hash function, q of size 224 and 256 bits, and L equal to 2048 and 3072, respectively.
  
  There exist efficient algorithms for computing the modular exponentiations ha mod p and gx mod p.
  
  Signing
  • Generate a random per-message value k where 0 < k < q
  • Calculate r = (gk mod p) mod q
  • Calculate s = (k-1(H(m) + x*r)) mod q
  • Recalculate the signature in the unlikely case that r=0 or s=0
  • The signature is (r,s)
  
  
  The extended Euclidean algorithm can be used to compute the modular inverse k-1 mod q.
  
  Verifying
  • Reject the signature if either 0< r