Types of Digital Signature Attacks
Digital Signature is a mathematical technique that verifies the authenticity of the message or document and also provides non repudiation where the sender cannot deny signing the document. As the digital signature provides authenticity and non repudiation in order to secure important data it is very much susceptible to various attacks.
Types of Digital Signature Attacks :
There are three types of attacks on Digital Signatures:
Attention reader! Don’t stop learning now. Get hold of all the important CS Theory concepts for SDE interviews with the CS Theory Course at a student-friendly price and become industry ready.
1. Chosen-message Attack 2. Known-message Attack 3. Key only Attack
Let us consider an example where c is the attacker and A is the victim whose message and signature are under attack.
1. Chosen-message Attack :
The chosen attack method is of two types:
- Generic chosen-method – In this method C tricks A to digitally sign the messages that A does not intend to do and without the knowledge about A’s public key.
- Direct chosen-method – In this method C has the knowledge about A’s public key and obtains A’s signature on the messages and replaces the original message with the message C wants A to sign with having having A’s signature on them unchanged.
2. Known-message Attack :
In the known message attack, C has few previous messages and signatures of A. Now C tries to forge the signature of A on to the documents that A does not intend to sign by using the brute force method by analyzing the previous data to recreate the signature of A. This attack is similar to known-plain text attack in encryption.
3. Key-only Attack :
In key-only attack, the public key of A is available to every one and C makes use of this fact and try to recreate the signature of A and digitally sign the documents or messages that A does not intend to do. This would cause a great threat to authentication of the message which is non repudiated as A cannot deny signing it.