What is ECDSA
Unlike RSA, ECDSA is based on far more complex mathematical calculations. It is used only for digital signatures. The use of algebraic properties of elliptic curves in cryptography was first proposed in 1985. However, ECDSA has been used as the digital signature standard since the 1990s.
Mathematically, ECDSA is based on discrete logarithm in the group of points of an elliptic curve. Even the name of the mathematical problem looks very complex. So, this problem is much more complicated than the factorization on which RSA is based. Thus, an elliptic curve is a set of pairs of points (X and Y) that satisfy the equation: Y2 = ax3 + bx + c. Elliptic curves look pretty nice:
General view of the elliptic curve:
The elliptic curve of Bitcoin, described by the equation y2 = x3 + 7, looks like this:
Amazing properties of elliptic curves
For example, a non-vertical line crossing an elliptic curve at two points (P and Q) will inevitably cross it at the third point (R):
Also, if the non-vertical line is tangent to the curve at any point (P), then this line will inevitably cross the curve at another point (R):
In addition, ECDSA uses not only the algebraic properties of elliptic curves. But also finite fields. A finite field is a given range of positive numbers within which the results of algebraic calculations lie.
Elliptic curves in the framework of finite fields change beyond recognition. However, despite the lost beauty, all mathematical properties of the curve remain the same. For example, the elliptic curve of Bitcoin combined with a finite field looks like this:
The cryptographic robustness of ECDSA
Thanks to all these remarkable mathematical properties, it has not yet been possible to hack the ECDSA with the help of computing power. It turned out only to crack the digital signature of the ECDSA on smartphones. And then only by means of a so-called “third-party attack”. It looks like this. A smartphone generates a digital signature ECDSA. This process consumes a certain amount of energy. And generates electromagnetic waves. A cybercriminal can measure the wavelength. And then he can extract the secret key. However, it is possible only in close distance to the device.
What is the advantage of ECDSA over RSA? The fact is that the ECDSA key is significantly shorter than the RSA key at the same level of protection.
As we mentioned, ECDSA is only used in digital signatures. A digital signature is an encrypted hash of the message. The process looks like this. Firstly, we need to get the hash of the message. The original message is processed by the hash function. So, it means the message is hashed. Then the resulting irreversible hash (the digital imprint of the message) is converted to a bit number. Then this bit number is encrypted using ECDSA.
To generate a digital signature ECDSA, the private key is used. But anyone can verify the authenticity of the digital signature with a public key.
Finally, despite the complexity of the ECDSA algorithm, it is also vulnerable to quantum computers.