**Any private key value that you enter or we generate is not stored on this site . Also, notice that this tool is provided via an HTTPS URL to ensure that private keys cannot be stolen**

OpenSSL Commands for Generatoing DSA Param, Singing File & verify File

openssl dsaparam 2048 < /dev/random > dsa_param.pem

openssl gendsa dsa_param.pem -out dsa_priv.pem

openssl dsa -in dsa_priv.pem -pubout -out dsa_pub.pem

# DSA system now made up of: dsa_param.pem, dsa_pub.pem, dsa_priv.pem

echo "foobar" > foo.txt

openssl sha1 < foo.txt > foo.txt.sha1

openssl dgst -dss1 -sign dsa_priv.pem foo.txt.sha1 > foo.txt.sig

openssl dgst -dss1 -verify dsa_pub.pem -signature foo.txt.sig foo.txt.sha1

DSA (Digital Signature Algorithm)

DSA is a variant on the ElGamal and Schnorr algorithms creates a 320 bit signature, but with 512-1024 bit security security again rests on difficulty of computing discrete logarithms has been quite widely accepted

DSA Key Generation

firstly shared global public key values (p,q,g) are chosen:

choose a large prime p = 2 power L

where L= 512 to 1024 bits and is a multiple of 64

choose q, a 160 bit prime factor of p-1

choose g = h power (p-1)/q

for any h1

then each user chooses a private key and computes their public key:

choose x compute y = g power x(mod p)

DSA key generation is related to, but somewhat more complex than El Gamal. Mostly because of the use of the secondary 160-bit modulus q used to help speed up calculations and reduce the size of the resulting signature.

DSA Signature Creation and Verification

to sign a message M

generate random signature key k, k compute

r = (g power k(mod p))(mod q)

s = k-1.SHA(M)+ x.r (mod q)

send signature (r,s) with message

to verify a signature, compute:

w = s-1(mod q)

u1= (SHA(M).w)(mod q)

u2= r.w(mod q)

v = (g power u1.y power u2(mod p))(mod q)

if v=r then the signature is verified