Computes \( v \) in the public key:

Computes the fingerprint and the ephemeral key:

Computes the signature of the message:

Enter the message (or integer) that Samantha wants to sign:

Hit **enter** to generate the parameters and use the
**left** and **right** arrow keys to navigate.

A trusted third party publish a prime number \( p \) and a generator \( g \) of the group \( \mathbb{Z}_{p}^{*} \).

Samantha chooses the secret key \( sk = s \) and computes \( v \). She then sends the public key \( pk = (p, g, v) \) to Victor.

Samantha computes the fingerprint \( \mathcal{H}(m) \) of the message \( m \) by using a public known hash function \( \mathcal{H} \).

To compute the signature, which consists of the two values \( \sigma_{1} \) and \( \sigma_{2} \), she needs a random ephemeral key \( e \) that is unique for this signature and its inverse \( e^{-1} \).

She randomly choose a \( 1 \leq e \leq p-1 \) until \( \gcd(e, p-1) = 1 \) and the inverse \( e^{-1} \) is computed with the extended Euclidean algorithm.

Samantha computes the signature of the fingerprint \( \mathcal{H}(m) \) which consists of the two values \( \sigma_{1} \) and \( \sigma_{2} \).

She then sends the message \( m \) and the signature \( (\sigma_{1}, \sigma_{2}) \) to Victor.

Victor uses the same hash function \( \mathcal{H} \) as Samantha to compute the fingerprint \( \mathcal{H}(m) \) of the message \( m \).

If nobody has tampered with the content of the message Victor gets the same fingerprint as Samantha.

Victor verifies the signature of the fingerprint \( \mathcal{H}(m) \).

If the two computed values are equals, the message was signed by Samantha and nobody has tampered with the content of the message.

Receives the public key \( pk = (p, g, v) \)

Receives the signature \( (\sigma_{1}, \sigma_{2}) \) and the message \( m \)

Computes the fingerprint \( \mathcal{H}(m) \):

Verifies the signature of the fingerprint: