Sections 8.3 & 9.5; Due November 10

Difficult: Am I allowed to put "Section 8.3" here and leave it at that? Probably not. SHA-1 is quite confusing though, which is probably its point in the first place. I have a hard time following the steps, partially because of all of the newly defined operations, and partially because of the sudden introduction of Hexadecimal, with which I am only vaguely familiar. The diagrams (8.2 and 8.3) are definitely not clarifying matters. I see that all of the important parts come in step 3 and I understand how they adjust the message to a specified length where it can be split into 512 bit blocks though.

Reflective: While the text does discuss many ways in which the DSA is more secure than ElGamal, it does not mention birthday attacks on this algorithm. I suppose this is because it is assumed to be secure from a birthday attack as long as you choose a large enough prime? Or is it because there are two "coded" parts. You would need to have the right hash first, and then work out the signature from there, so that complicates matters too.