Types of Digital Signature Attacks
Digital Signature is a mathematical technique that verifies the authenticity of the message or document and also provides non-repudiation where the sender cannot deny signing the document. As the digital signature provides authenticity and non-repudiation in order to secure important data, it is very much susceptible to various attacks.
Types of Digital Signature Attacks :
There are three types of attacks on Digital Signatures:
1. Chosen-message Attack 2. Known-message Attack 3. Key-only Attack
Let us consider an example where c is the attacker and A is the victim whose message and signature are under attack.
1. Chosen-message Attack :
The chosen attack method is of two types:
- Generic chosen-method – In this method C tricks A to digitally sign the messages that A does not intend to do and without the knowledge about A’s public key.
- Direct chosen-method – In this method C has the knowledge about A’s public key and obtains A’s signature on the messages and replaces the original message with the message C wants A to sign with having A’s signature on them unchanged.
2. Known-message Attack :
In the known message attack, C has a few previous messages and signatures of A. Now C tries to forge the signature of A on to the documents that A does not intend to sign by using the brute force method by analyzing the previous data to recreate the signature of A. This attack is similar to known-plain text attack in encryption.
3. Key-only Attack :
In key-only attack, the public key of A is available to every one and C makes use of this fact and try to recreate the signature of A and digitally sign the documents or messages that A does not intend to do. This would cause a great threat to authentication of the message which is non-repudiated as A cannot deny signing it.