RSA 数字签名的基本思想

RSA数字签名的安全性依赖于大数分解的困难性。

1、参数与密钥生成

首先选取两个大素数p和q，计算

n=pq

其欧拉函数值

（p-1）*（q-1）

然后选取随机整数e，满足

gcd（e，（p-1）*（q-1））)=1

并计算

d=e^-1 mod（（p-1）*（q-1））

则公钥为（e，n），私钥为d；p，q是秘密参数，需要保密。如不需要

保存，计算出e，d后可销毁。

2、签名算法

设待签名消息为m，对消息m的签名为

S=Sigk（m）=m^d mod n

3、签名的验证算法

当签名接受者收到签名（s，m）时，检验m=s^e mod n是否成立，以确定签名是否有效。-The basic idea of ​ ​ the RSA digital signatures RSA digital signature security depends on the difficulty of factoring large integers. 1, the parameters and the key generated by first selecting two large primes p and q, the calculated N = PQ the Euler function values ​ ​ (p-1)* (q-1) and then select a random integer e, satisfy the GCD (e, (p-1)* (q-1))) = 1 and calculate d = e ^-1 Mod ((p-1)* (q-1)) the public key (e, N), the private key D　p, q is the secret parameters, the need for confidentiality. If do not want to save, calculate e, d can be destroyed. 2, the signature algorithm provided to be signed message m, the signature of the message m S = Sigk (m) = m ^ d mod n 3, when the signature verification of the signature algorithm when receiving the signature (s, m), testing m = s ^ e mod n is set up to determine whether the signature is valid.