# Digital Signature Algorithm (DSA) #### The Problem with Diffie-Hellman While Diffie-Hellman allows two parties to **securely agree on a shared secret**, it has one major weakness: * A malicious actor could **intercept the public keys** during exchange. * They could substitute their own keys, posing as Alice or Bob. * This is known as a **man-in-the-middle attack**. 👉 **Solution:** Use **digital signatures** to prove that a public key actually belongs to the claimed sender. *** #### What is a Digital Signature? A **digital signature** is like a physical signature — it links an **identity** to a message. * Unlike handwritten signatures, digital signatures are **easy to verify** using math. * By signing at least one public key exchange message in Diffie-Hellman, parties ensure the key is really from its owner. 👉 The most widely adopted algorithm is the **Digital Signature Algorithm (DSA)**, chosen as the **U.S. government standard**. *** #### Parameters in DSA Similar to Diffie-Hellman, DSA uses: * **p** → a large prime number. * **q** → a prime divisor of (p−1). * **g** → a generator point. Alice and Bob each: * Pick a **private key** (random number less than p). * Compute the corresponding **public key**: * * `A = gᵃ mod p` * `B = gᵇ mod p` #### Signing a Message (m) To generate a signature for message **m**: 1. Choose a random number **k**. 2. Compute: * `r = (gᵏ mod p) mod q` * `s = (k⁻¹(m + a·r)) mod q` 3. The signature is the pair **(r, s)**. *** #### Verifying a Signature To check if a signature **(r, s)** is valid: 1. Compute `z = s⁻¹ mod q`. 2. Compute: * `w₁ = (m·z) mod q` * `w₂ = (r·z) mod q` 3. Verify: * `v = (gʷ¹ · Aʷ² mod p) mod q` * If **v = r**, the signature is valid. *** ✅ **Summary:** Digital signatures prevent **man-in-the-middle attacks** by verifying the authenticity of exchanged keys. The **DSA algorithm** provides a secure, standardized way to sign and validate messages, ensuring both **identity** and **integrity** in communication. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://hub.bsvblockchain.org/higher-learning/bsv-academy/bitcoin-primitives-hash-functions/ripemd-160-overview/digital-signature-algorithm-dsa.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.