Statement: reprint with clear indication of oneself or source, please inform as far as possible at your convenience.
Respect originality and make progress together.
The profile
Elliptic Curve Digital Signature Algorithm (ECDSA) : a Digital Signature Algorithm using Elliptic Curve encryption Algorithm. Reference 3
Security level (bit indicates the maximum number of possible decryption operations). For example, an 80bit public key means that it may take up to 2^80 operations to find the private key.
At the 80-bit security level, the public key length of the ECDSA is 160 bits, while the public key length of the DSA is 320 bits, which is greatly reduced in size.
The basic flow
-
The basic idea of the algorithm:
- Pick a curve
- Choose a point on the curve as your origin
- Generate a random number for your private key
- Take the origin and random number, and go through a bunch of magical math to get your public key
-
After generating the public key, the basic logic for your signature is:
- Gets the Hash of the data (or file) to be signed
- Use the private key to pair this
Hash
Signature and generateR
andS
Detailed instructions
-
After completing the signature, the basic logic for others to verify the signature is as follows:
- use
S
And the public key, through a magical mathematical operation, is generatedR'
- contrast
R
andR'
, if the two are the same, the signature is valid. Otherwise, illegalDetailed instructions
The public key, with modern computing power, is virtually impossible to reverse, so it is safe for the most part (see security level). For convenience, the public key length of ECDSA is set to 160 bits, that is, 20 bytes
Brief introduction of algorithm Principle
Hash
It’s a summary of the data. It’s standardECDSA
It’s using the Hash algorithmSHA1
But this can be replaced, such as availableSHA3
Algorithm for data summarization. The larger the length of this abstract, the more computation, the higher the theoretical security.- Elliptic curve formula
y^2 = (x^3 + a * x + b) mod p
And some additionpoint addition
It is the basis of ECDSA.Reference 2. - A secret function
trapdoor function
, one-way operation is simple, reverse operation is difficult.ECDSA
It belongs to a kind of secret door function of discrete logarithm class. It belongs to the encryption algorithm with mature theory and relatively high security factor.Reference 4 ECDSA
Parameters to be set in the algorithm include:y^2 = (x^3 + a * x + b) mod p
In thea
.b
, specify the curve.p
Is a prime number. There’s moreN
, the number of points on the elliptic curve,0 < N < p
And,N
isperfect square. AndG
The point on any curve, as the origin of your operation.- The existence of public key alone cannot prove whether the signature of private key is legal or not, and the operation needs to use the same parameter.
Some details
Create a signature
The 40-byte signature is divided into two parts. R and S, 20 bytes each
Generation of R:
- To generate, a random algorithm is used to generate a 20-byte
k
- To usePoint multiplicationI get point P,
P=k*G
- The x coordinate value of point P is, then
R
Generation of S:
- Gets the Hash value of the data, which is z
S = k^-1 (z + dA * R) mod p
.dA
The private key
Verify the signature
P = S^-1*z*G + S^-1 * R * Qa
.Qa
The public key- If the x coordinate of P is equal to R, the signature is legal, otherwise it is illegal.
Algorithmic risk point
k
Random value. The value must be a random number of encryption strength. If its pseudo-random value can be guessed/reproduced, it means it has been hacked. The existing cases areSONY PLAYSTATION 3 was hacked
The specific implementation
- C version
- Go version
Expand the implementation
- secp256k1The realization of bitcoins
Standards for Efficient Cryptography(SEC)
. The realization of this algorithm was gradually paid attention to and adopted by the industry after Bitcoin became popular. The root cause is that it is about 30% faster than other implementations.
Reference documentation
- By snifikino UNDERSTANDING HOW ECDSA PROTECTS YOUR DATA www.instructables.com/id/Understa…
- Security level En.wikipedia.org/wiki/Securi…
- Elliptic Curve Digital Signature Algorithm En.wikipedia.org/wiki/Ellipt…
- Trapdoor function En.wikipedia.org/wiki/Trapdo…
- Discrete logarithm En.wikipedia.org/wiki/Discre…
- Perfect square(Square number) En.wikipedia.org/wiki/Square…
- Secp256k1 En. Bitcoins. It/wiki/Secp25…