RSA digital signature test: https://kjur.github.io/jsrsasign/sample-rsasign.html
ECDSA: Elliptic Curve Digital Signature Algorithm
The Signature class
Key generation for digital signatures
- DSA (Digital Signature Algorithm)
- RSA (Rivest Shamir Adleman)
- EC (Elliptic Curve cryptography)
Example: SignatureExample.java

    import java.security.*;

    public class SignatureExample {
        // Create a digital signature
        public static byte[] sign(PrivateKey privateKey, byte[] plainData) throws GeneralSecurityException {
            Signature signature = Signature.getInstance("SHA256withRSA");
            signature.initSign(privateKey);
            signature.update(plainData);
            byte[] signatureData = signature.sign();
            return signatureData;
        }

        // Verify a digital signature
        public static boolean verify(PublicKey publicKey, byte[] signatureData, byte[] plainData) throws GeneralSecurityException {
            Signature signature = Signature.getInstance("SHA256withRSA");
            signature.initVerify(publicKey);
            signature.update(plainData);
            return signature.verify(signatureData);
        }
    }

RSA digital signature
Example: SignatureExample.java

Key generation

    KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
    generator.initialize(2048);
    KeyPair pair = generator.generateKeyPair();
    PrivateKey privateKey = pair.getPrivate(); // key used for signing below

Signing

    Signature signature = Signature.getInstance("SHA256withRSA");
    signature.initSign(privateKey);
    signature.update(plainData);
    byte[] signatureData = signature.sign();

DSA digital signature
Example: SignatureExampleDSA.java

Key generation

    KeyPairGenerator generator = KeyPairGenerator.getInstance("DSA");
    generator.initialize(2048);
    KeyPair pair = generator.generateKeyPair();
    PrivateKey privateKey = pair.getPrivate(); // key used for signing below

Signing

    Signature signature = Signature.getInstance("SHA256withDSA");
    signature.initSign(privateKey);
    signature.update(plainData);
    byte[] signatureData = signature.sign();

ECDSA digital signature (elliptic-curve-based digital signature)
Example: SignatureExampleECDSA.java

Key generation

    KeyPairGenerator generator = KeyPairGenerator.getInstance("EC");
    generator.initialize(256);
    KeyPair pair = generator.generateKeyPair();
    PrivateKey privateKey = pair.getPrivate(); // key used for signing below

Note: "Key size must be at most 571 bits". Elliptic curve cryptography can use a short key length.

Signing

    Signature signature = Signature.getInstance("SHA256withECDSA");
    signature.initSign(privateKey);
    signature.update(plainData);
    byte[] signatureData = signature.sign();

RSA/PSS
Bouncy Castle provides RSA/PSS.
Example: SignatureExampleRSAPSS.java
- Specify "SHA256withRSA/PSS" or "SHA256withRSAandMGF1" as the signing and verification algorithm.
- Add the BC provider in the main class:

    Security.addProvider(new BouncyCastleProvider());

- Even with the same key, a different signature value is produced each time.

Creating a digital envelope
[Figure: digital envelope creation. Labels: Alice's public key/private key, Bob's public key, randomly generated session key, symmetric key cryptosystem (encryption), hash algorithm, hash, signing, signature, public key cryptosystem (encryption), encrypted session key, encrypted message, SEND.]
Verifying a digital envelope
[Figure: digital envelope verification. Labels: Alice's public key, Bob's public key/private key, RECEIVE, encrypted session key, decryption, encrypted message, decryption, hash algorithm, hash 1, signature, verifying, hash 2.]
Example: Envelope.java (execution result)
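
The envelope flow from the two diagrams above, as an added Java example (it is not the deck's Envelope.java): Alice signs the message, encrypts it under a random session key, and encrypts that session key with Bob's public key; Bob reverses the steps and verifies the signature. Assumes Java 16 or later; the class name EnvelopeDemo, the Envelope record, AES-GCM as the symmetric cipher and RSA-OAEP for the session key are choices made here, not taken from the slides.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import javax.crypto.*;
import javax.crypto.spec.*;

public class EnvelopeDemo {  // hypothetical name; not the deck's Envelope.java
    // What is sent: encrypted session key, IV, encrypted message, signature.
    record Envelope(byte[] encKey, byte[] iv, byte[] encMsg, byte[] sig) {}
    static Envelope seal(byte[] msg, PrivateKey alicePriv, PublicKey bobPub) throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withRSA"); // hash, then sign with Alice's private key
        s.initSign(alicePriv);
        s.update(msg);
        byte[] sig = s.sign();
        KeyGenerator kg = KeyGenerator.getInstance("AES");    // randomly generated session key
        kg.init(256);
        SecretKey session = kg.generateKey();
        byte[] iv = new byte[12];                             // fresh GCM nonce per message
        new SecureRandom().nextBytes(iv);
        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding"); // assumption: AES-GCM as the symmetric cipher
        aes.init(Cipher.ENCRYPT_MODE, session, new GCMParameterSpec(128, iv));
        byte[] encMsg = aes.doFinal(msg);
        Cipher rsa = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding"); // assumption: RSA-OAEP
        rsa.init(Cipher.ENCRYPT_MODE, bobPub);                // only Bob can recover the session key
        return new Envelope(rsa.doFinal(session.getEncoded()), iv, encMsg, sig);
    }

    static byte[] open(Envelope e, PrivateKey bobPriv, PublicKey alicePub) throws GeneralSecurityException {
        Cipher rsa = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
        rsa.init(Cipher.DECRYPT_MODE, bobPriv);
        SecretKey session = new SecretKeySpec(rsa.doFinal(e.encKey()), "AES");
        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.DECRYPT_MODE, session, new GCMParameterSpec(128, e.iv()));
        byte[] msg = aes.doFinal(e.encMsg());                 // throws if the ciphertext was altered
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initVerify(alicePub);
        s.update(msg);
        if (!s.verify(e.sig())) throw new SignatureException("signature does not match message");
        return msg;
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator g = KeyPairGenerator.getInstance("RSA");
        g.initialize(2048);
        KeyPair alice = g.generateKeyPair(), bob = g.generateKeyPair();
        byte[] msg = "constructed sample message".getBytes(StandardCharsets.UTF_8);
        Envelope e = seal(msg, alice.getPrivate(), bob.getPublic());
        System.out.println(new String(open(e, bob.getPrivate(), alice.getPublic()), StandardCharsets.UTF_8));
    }
}
```

In this example the signature travels unencrypted next to the ciphertext, so anyone with Alice's public key can test a guessed plaintext against it; encrypting the signature under the session key as well removes that check.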
- Slides: 29