Does anybody have any feedback on why r is computed to mod p but s is computed to mod p-1. I know it is related to Fermat's little theorem of course but what are the specifics? Thx
I believe I clearly understand the attack at the beginning of the video however in the real world wouldn't PKI with certs signed by a CA preempt such an attack. Thanks again for such a great course
Given than same KE cannot be chosen more than once, how does this digital signature work in practise? I assume the setup phase happens only once and the public key is published to key servers. So everytime the key is used to sign, the random number(for KE) chosen should be remembered to not use again. If more than one device is used to sign using the same key, they should somehow sync the list of KEs chosen to sign. Am I missing something here?
ja i also had the same problem i mean that tricked my mind,coz if the same KE is used more than once than it can be synced,i think thats why larger numbers are used so as to have a large scope of such values to choose
@@introductiontocryptography4223 Thank you for answering dear professor, but the general representation of dlp is; g^x ≡ β (mod p) and the variable that we are trying to find is 'x', the computation in this video is; x ≡ s^e (mod n) and if Oscar choose x firstly, the variable that we are trying to find is 's', These equations do not look similar. How can it be discrete logarithm problem? Do we need to take logarithm to find s from x?