ECDSA (Elliptic Curve Digital Signature Algorithm)

This chapter provides tutorial notes on ECDSA (Elliptic Curve Digital Signature Algorithm). Topics include the ECDSA digital signature generation and verification processes; the security risk to the private key when the same random number k is used twice; finding possible public keys from a digital signature; installing the pycoin Python library; using pycoin to generate and manage EC keys; and using pycoin to generate and verify ECDSA digital signatures.

These sections are omitted from this Web preview version. To view the full content, see information on how to obtain the full version of this book.

ECDSA (Elliptic Curve Digital Signature Algorithm)

ECDSA Digital Signature Generation

ECDSA Digital Signature Verification

ECDSA Problem If k Used Twice

Find ECDSA Public Key from Signature

pycoin.ecdsa.ellipticcurve Module

pycoin.ecdsa.generator_secp256k1 Object

Generate EC Key Pair with pycoin.ecdsa

pycoin.ecdsa.ecdsa.sign() - Signature Generation

pycoin.ecdsa.ecdsa.sign() - Signature Verification

'openssl dgst' - Signing and Verification

Takeaways:

• ECDSA is an algorithm that uses elliptic curve subgroup properties to generate a digital signature for any given message.
• An ECDSA digital signature contains two parts (r, s), where r represents a random number, and s represents the signature proof of r.
• Do not use the same random number k (and hence the same r) to generate digital signatures of two messages. Eve can recover your private key from those two signatures!
• Eve can also recover two possible public key values from a single signature. But this is not a risk, because everyone knows the public key anyway.
• The pycoin Python library provides the named elliptic curve subgroup, secp256k1, and methods to generate and verify ECDSA digital signatures. It also offers methods to generate private and public key pairs.
• The "openssl dgst -sign" command can be used to generate a digital signature for a given file.
• The "openssl dgst -verify" command can be used to verify a digital signature for a given file.