Elliptic Curve Digital Signature

Algorithms (ECDSA)
ECDSA

 The Elliptic Curve Digital Signature Algorithm is a Digital Signature Algorithm (DSA)
that uses elliptic curve cryptography keys.
 It is a very efficient equation that is based on cryptography with public keys.
 ECDSA is utilized in many security systems, is popular in encrypted messaging apps, and
is the foundation of Bitcoin security (with Bitcoin “addresses” serving as public keys).
Categories of Digital signature

• Integer Factorization (IF) Schemes: They rely their security on the integer factorization
problem’s intractability. RSA Signature Schemes are one example.
• Discrete Logarithm (DL) Schemes: Their security is based on the intractable nature of
the discrete logarithm challenge in a finite field.
• Elliptic Curve (EC) Schemes: They rely their security on the elliptic curve discrete
logarithm problem’s intractability. The Elliptic Curve Digital Signature Algorithm, for
example, is being used in this investigation and without a doubt the most recent of the
many designs.
Domain Parameter of ECDSA

An elliptic curve E defined over a discrete space Fq with characteristic p and a base point G
Domain parameters might be distributed by a group of entities or unique to a single user.
Domain parameter generation methods:
 One method for generating cryptographically safe domain parameters is as follows:
• Step 1: Select coefficients a and b from Fq verifiable using a random method.
• Step 2: Compute the value of Number N.
• Step 3: Verify N is divisible by the large prime number if not go to step 1.
• Step 4: Verify N does not divisible by qk -1 for each k where k ranges from 1 to 20.
• Step 5: Verify N is not equal to q if not then go to step 1.
• Step 6: Select an arbitrary point G’∈ Nq and set G=(N/n).
Domain parameter validation:

 Validation of domain parameters ensures that the domain parameters have the necessary
arithmetic features. In practice, domain parameter validation is performed for two reasons:
1. To prevent the intentional insertion of erroneous domain parameters, which may enable
some attacks
2. To detect inadvertent coding or transmission mistakes.
 Steps for domain parameter validation:
• Step 1: usage of a specific algorithm is used to do explicit domain parameter validation.
• Step 2: D is generated by A utilizing a trustworthy system.
• Step 3: A obtains confirmation from a trusted party T, a certification authority, that T
validated D’s explicit domain parameters using a specified Algorithm.
• Step 4: A obtains assurance from a trustworthy third party T that D was generated using a
trustworthy system.
ECDSA key pair

An ECDSA key pair is linked to a specific set of EC domain settings. The public key is a randomly
generated multiple of the base point, whereas the private key is the integer used to generate the
multiple points.
 Key pair generation:
 The key pair of entity A is associated with a certain set of EC domain parameters D = (q, FR, a,
b, G, n, h).
 This relationship can be ensured cryptographically (e.g., with certificates) or contextually (e.g.,
by using the same domain parameters by all organizations).
 Prior to key generation, entity A must be confident that the category parameters are correct.

Creation of an ECDSA key pair. Every item A does these things:

 Input for the algorithm: A public key Q=(xQ, yQ) associated with valid domain
parameters (q, FR, a, b, G,n,h).
 Output for the algorithm: Acceptance or rejection of the validity of h.
1. Check that Q does not equal O.
2. Check that xQ and yQ are properly represented elements of Fq(i.e., integers in the interval |
0, p-1| in case q = p, and bit strings of length A bits in the case q = 2m).
3. Check that h lies on the elliptic curve defined by a and b.
4. Check that nQ = O.
5. If any check fails, then Q is invalid; otherwise Q is valid
Proof of Possession of a Private Key:
• An organization can assert that signed messages came from it if it
can certify another entity’s public key as being its own.
• To prevent this, before the CA verifies the public key as belonging
to A, it should demand that all entities show proof of ownership of
the private keys that match their public keys.
• It should be noted that private key possession evidence offers
distinct guarantees from public key verification.
• The former proves that a private key is in your possession even
though it might correlate to an invalid public key, whereas the latter
proves that a public key is legitimate but that you do not own the
associated private key. With both, a great level of assurance is
offered.
 ECDSA Signature Generation
 The steps for creating and verifying signatures with the ECDSA are described
in this section. An entity A with domain attributes D=(q, FR, a, b, G, n, h) and
associated key pair (d, Q) performs the following actions to sign a message m.
1. Select a random or pseudo-random integer k, where k ranges from 1 to n – 1.
2. Transform x1 to an integer by computing kG = (x1, y1).
3. Compute r = x1 mod n and if r = 0 then go to step 1.
4. Compute k – 1 mod n.
5. Compute s = k – 1(e + dr) mod n. If s is equal to 0 then follow step 1.
6. The message m bears the signature of A. (r,s).
ECDSA Signature Verification

 B receives an authentic copy of A’s domain parameters D = (q, FR, a, b, G, n, h) and related
public key Q in order to validate A’s signature (r, s) on m. It is advised that B verifies D and Q as
well. Next, B performs the following:
1. Check if the integers r and s fall inside the range [1, n – 1].
2. Transform the bit string to a number e and perform SHA – 1(m).
3. Compute w = s-1 mod n.
4. Compute u1 = ew mod n and u2 = rw mod n.
5. Compute X = u1G + u2Q.
6. If X = O, then reject the signature. If not, compute v = x 1 mod n and convert X’s x coordinate x1
to an integer.
7. Accept the signature if and only if v = r.
Key pair generation process.
Signature computation process.
Signature verification process
Hardware configuration of an ECDSA
authentication system
Certificate generation by a key-management
system
Verifying the authenticator’s public key using
the certificate
Signature computation performed by the
authenticator.
Verifying the signature computed by the
authenticator
Reference

 Implementation of Elliptic Curve Digital Signature Algorithm, International Journal of