<a href="https://colab.research.google.com/github/Codewiz22/AES/blob/main/DSA_Implementation.ipynb" target="_parent"><img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/></a>

In [1]:
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import dsa
from cryptography.hazmat.backends import default_backend
from cryptography.exceptions import InvalidSignature

class DSAManager:
    """
    A professional-grade Digital Signature Algorithm (DSA) implementation.
    Standard: FIPS 186-4 (Digital Signature Standard).

    DSA is used for digital signatures only (authentication and integrity).
    It cannot be used for data encryption.
    """
    def __init__(self, key_size=2048):
        # Generate DSA parameters and private key
        # key_size should be 2048 or 3072 for modern security standards.
        self.private_key = dsa.generate_private_key(
            key_size=key_size,
            backend=default_backend()
        )
        self.public_key = self.private_key.public_key()

    def sign_message(self, message: str) -> bytes:
        """
        Signs a message using the DSA private key.
        The algorithm hashes the message (SHA-256) before signing.
        """
        message_bytes = message.encode('utf-8')

        # DSA signature consists of two integers (r, s)
        signature = self.private_key.sign(
            message_bytes,
            hashes.SHA256()
        )
        return signature

    def verify_signature(self, message: str, signature: bytes) -> bool:
        """
        Verifies the signature using the DSA public key.
        Returns True if valid, False otherwise.
        """
        message_bytes = message.encode('utf-8')

        try:
            self.public_key.verify(
                signature,
                message_bytes,
                hashes.SHA256()
            )
            return True
        except InvalidSignature:
            return False

# --- Usage Example for Week 5 Presentation ---
if __name__ == "__main__":
    print("--- Digital Signature Algorithm (DSA) Demo ---")

    # 1. Setup
    dsa_tool = DSAManager(key_size=2048)
    original_document = "Official Directive: Deploy software update v2.1.0 to production."

    print(f"Document: {original_document}")

    # 2. Signing
    print("\n[Sender] Generating Digital Signature...")
    sig = dsa_tool.sign_message(original_document)
    print(f"Signature (hex): {sig.hex()[:64]}...")

    # 3. Verification
    print("\n[Receiver] Verifying Signature...")
    is_valid = dsa_tool.verify_signature(original_document, sig)
    print(f"Verification Result: {'✅ AUTHENTIC' if is_valid else '❌ INVALID'}")

    # 4. Tampering Simulation
    tampered_document = "Official Directive: Deploy software update v2.1.0 to STAGING."
    print(f"\n[Attacker] Modifying Document to: '{tampered_document}'")
    is_valid_tamper = dsa_tool.verify_signature(tampered_document, sig)
    print(f"Verification Result: {'✅ AUTHENTIC' if is_valid_tamper else '❌ INVALID'}")

    # 5. Presentation Point: Randomness
    print("\n[Technical Note]")
    print("DSA is highly sensitive to randomness. If the same random value 'k'")
    print("is used to sign two different messages, the private key can be leaked.")

--- Digital Signature Algorithm (DSA) Demo ---
Document: Official Directive: Deploy software update v2.1.0 to production.

[Sender] Generating Digital Signature...
Signature (hex): 304402201faee21213cf3137b01f582e8f819adba0f0a6d578ee83d7551ba99e...

[Receiver] Verifying Signature...
Verification Result: ✅ AUTHENTIC

[Attacker] Modifying Document to: 'Official Directive: Deploy software update v2.1.0 to STAGING.'
Verification Result: ❌ INVALID

[Technical Note]
DSA is highly sensitive to randomness. If the same random value 'k'
is used to sign two different messages, the private key can be leaked.
