The most important and interesting about encryption.
A series of articles understandable even to non-specialists.
Unlike RSA, ECDSA is based on far more complex mathematical calculations. It is used only for digital signatures. The use of algebraic properties of elliptic curves in cryptography was first proposed in 1985. However, ECDSA has been used as the digital signature standard since the 1990s.
The cryptographic robustness of ECDSA
Mathematically, the ECDSA is based on discrete logarithm in the group of points of an elliptic curve. Even the name of the mathematical problem suggests that this one is much more complicated than the factorization on which RSA is based. An elliptic curve is a set of pairs of points (X and Y) that satisfy the equation: Y2 = ax3 + bx + c. Elliptic curves look pretty nice: -)
General view of the elliptic curve:
The elliptic curve of Bitcoin, described by the equation y2 = x3 + 7, looks like this:
Elliptic curves have several remarkable properties.
For example, a non-vertical line crossing an elliptic curve at two points (P and Q) will inevitably cross it at the third point (R):
And if the non-vertical line is tangent to the curve at any point (P), then this line will inevitably cross the curve at another point (R):
Elliptic curves in the framework of finite fields are changing beyond recognition. But, despite the lost beauty, all mathematical properties of the curve remain the same.
In addition, ECDSA uses not only the algebraic properties of elliptic curves, but also finite fields. A finite field is a given range of positive numbers within which the results of algebraic calculations lie.
Elliptic curves in the framework of finite fields change beyond recognition. But, despite the lost beauty, all mathematical properties of the curve remain the same. For example, the elliptic curve of Bitcoin combined with a finite field looks like this:
Thanks to all these remarkable mathematical properties, it has not yet been possible to hack the ECDSA with the help of computing power. It turned out only to crack the digital signature of the ECDSA on smartphones with the help of the so-called “third-party attack”. The fact is that when smartphones generate a digital signature, ECDSA consumes a certain amount of energy and generate electromagnetic waves. A cybercriminal can measure the wavelength and extract the secret key. But for this, it is necessary to be in close proximity to the device.
The advantage of ECDSA over RSA is that the ECDSA key required to achieve approximately the same level of protection is significantly shorter than RSA key.
As we mentioned, ECDSA is only used in digital signatures. A digital signature is an encrypted hash of the message. The process looks like this. Firstly we need to get the hash of the message. Here you can read about hash, the hash function and how the hash-imprints are collated. The original message is processed using a hash function (the message is hashed), and the resulting irreversible hash (the digital imprint of the message) is converted to a bit number that is then encrypted using ECDSA.
To generate a digital signature ECDSA, the private key is used. But anyone can verify the authenticity of the digital signature with a public key.
Finally, despite the complexity of the ECDSA algorithm, it is also vulnerable to quantum computers. Read more about it here.