Documents or messages are signed so that the recipient can be sure that the integrity of the document and the sender is correct.
In the script you can find a section on signature algorithms entitled "Hashfunctions and Digital Signatures". There you can obtain further information about digital signatures and, in particular, the significance of hash functions for digital signatures is explained there.
CrypTool supports signature algorithms which are based on the following cryptographically relevant problems:
The CrypTool implementation of the two methods specified above is based on the provisional draft (Draft Version 8, October 1998) of the IEEE P1363 working group on Standard Specifications for Public Key Cryptography. In that draft, the elliptic curve signature algorithms used, which are implemented in CrypTool, can be found under the following headings:
ECSP-DSA (Elliptic Curve Signature Primitive – DSA variant) is a variant of DSA which makes use of the elliptic curve discrete logarithm problem but is otherwise very similar to DSA.
ECSP-NR (Elliptic Curve Signature Primitive – Nyberg-Rueppel variant) is a signature algorithm which is named after its inventors (Nyberg and Rueppel).
If one chooses the menu option Sign message, the content of the document currently active in CrypTool is signed with a user-specified procedure and a user-specified hash function that is suitable for this procedure. The parameters are selected in the Create message signature dialog.
The output of this command appears in hexadecimal form (see ASCII Table) Here one can find the signature of the message, the procedure used, the hash function used, the name under which the key pair used was stored following creation, together with the signed message.
For ECSP-DSA and ECSP-NR a message signature consists of two numbers, c and d. These numbers can be found in the output window after the character string "Signature:". Here, [c=] specifies the beginning of number c, while [d=] stands for the beginning of number d. This means that the two character strings [c=] and [d=] really do not belong to the signature – they are simply used to distinguish the two numbers c and d from each other in the output.
The Examples chapter provides an example which illustrates message signing using the RSA procedure.