Digital Signature Standard (DSS)

Digital Signature Standard (DSS) is the digital signature algorithm (DSA) developed by the U.S. National Security Agency (NSA) to generate a digital signature for the authentication of electronic documents. DSS was put forth by the National Institute of Standards and Technology (NIST) in 1994, and has become the United States government standard for authentication of electronic documents. DSS is specified in Federal Information Processing Standard (FIPS) 186.

A DSA signature is a pair of large numbers computed according to the specified algorithm, within parameters that enable authentication of the signatory and, as a consequence, the integrity of the attached data. DSA is used both to generate and to verify digital signatures. A signature is generated using a private key; verification uses the corresponding public key. Each signatory has their own key pair: a public key (assumed to be known to the general public) and a private key (known only to the user). Because a signature can only be generated by an authorized person using their private key, the corresponding public key can be used by anyone to verify the signature.

A data summary of the information (called a message digest) is created through the use of a hash function (called the Secure Hash Standard, or SHS, and specified in FIPS 180). The data summary is used in conjunction with the DSA algorithm to create the digital signature that is sent with the message. Signature verification involves the use of the same hash function.

This was last updated in May 2007
