Types of Digital Signature Attacks

Digital Signature is a mathematical technique that verifies the authenticity of the message or document and also provides non-repudiation where the sender cannot deny signing the document. As the digital signature provides authenticity and non-repudiation in order to secure important data, it is very much susceptible to various attacks. 

Types of Digital Signature Attacks : 

There are three types of attacks on Digital Signatures:

1. Chosen-message Attack
2. Known-message Attack
3. Key-only Attack 

Let us consider an example where c is the attacker and A is the victim whose message and signature are under attack. 

1. Chosen-message Attack : 

The chosen attack method is of two types:

1. Generic chosen-method – In this method C tricks A to digitally sign the messages that A does not intend to do and without the knowledge about A’s public key.
2. Direct chosen-method – In this method C has the knowledge about A’s public key and obtains A’s signature on the messages and replaces the original message with the message C wants A to sign with having A’s signature on them unchanged.

2. Known-message Attack : 

In the known message attack, C has a few previous messages and signatures of A. Now C tries to forge the signature of A on to the documents that A does not intend to sign by using the brute force method by analyzing the previous data to recreate the signature of A. This attack is similar to known-plain text attack in encryption. 

3. Key-only Attack : 

In key-only attack, the public key of A is available to every one and C makes use of this fact and try to recreate the signature of A and digitally sign the documents or messages that A does not intend to do. This would cause a great threat to authentication of the message which is non-repudiated as A cannot deny signing it.