Elliptic Curve Digital Signature Algorithm (ECDSA)

Table of contents

  1. Definition
  2. Reference
  3. Deep Dive

Definition

  • Elliptic Curve Digital Signature Algorithm (ECDSA) is a Digital Signature Algorithm (DSA) which uses keys derived from Elliptic Curve Cryptography (ECC). It is a particularly efficient equation based on Public Key Cryptography (PKC), providing robust, efficient encryption.

Reference

Please refer to the reference listed below. It will help you understand ECDSA in detail.

Deep Dive

  1. Elliptic Curve Digital Signature Algorithm (ECDSA)
    • ECDSA is a cryptographically secure digital signature scheme based on elliptic-curve cryptography (ECC).
    • The ECDSA sign / verify algorithm relies on Elliptic Curve point multiplication.
    • ECDSA keys and signatures are shorter than in RSA for the same security level, which means that ECDSA is more efficient than RSA in terms of computation and resources. (A 256-bit ECDSA signature has the same security strength as a 3072-bit RSA signature.)
    • ECDSA is also used for Transport Layer Security (TLS), the successor to Secure Sockets Layer (SSL), by encrypting connections between web browsers and a web application. The encrypted connection of an HTTPS website, illustrated by an image of a physical padlock shown in the browser, is made through signed certificates using ECDSA.
  2. Digital Signature
    • As a simplified explanation, a digital signature based on ECDSA is a pair of values ‘r’ and ‘s’, each of which is a 32-byte positive integer. ‘r’ and ‘s’ are computed using the elliptic curve and the private and public keys. They are then appended to the end of the certificate or message. We call them the digital signature, and the object is then said to be signed.
    • A receiver gets these two values and verifies the received ‘s’ using the received ‘r’, the crypto information mentioned in the certificate, and ECC.
    • In other words, we reconstruct ‘s1’ based on the received ‘r’ and the information in the certificate, then compare ‘s1’ to the received ‘s’ and check whether they are the same. If not, the received data is fabricated.
  3. Mathematical Explanation (r, v) and Digital Signature Verification
    • For better understanding of Digital Signature based on ECDSA, let’s take a look at the math behind the ECDSA.


    [Pic.1] Computation process of Digital Signature

    • The computed ‘r’ and ‘s’ values are appended at the end of certificate as shown in [Pic.2]


    [Pic.2] Certificate with Digital Signature

    • Verification Process of Digital Signature is shown in [Pic.3]


    [Pic.3] Verification Process of Digital Signature

    • In this mathematical process, SHA is a type of hash function that returns a unique value.