Signature Generation Algorithm
| Parameter | |
|---|---|
| q | field size |
| FR | the basis used |
| a, b | field elements defining the point of the curve |
| DPS | DomainParameterSeed, optional |
| G | base point |
| n | order of G |
| h | cofactor |
Suppose Alice wants to send a signed message to Bob. Initially, the curve parameters must be agreed upon. is the field size; is an indication of the basis used; and are two field elements that define the equation of the curve; is an optional bit string that is present if the elliptic curve was randomly generated in a verifiable fashion; is a base point of prime order on the curve (i.e., ); is the order of the point ; and is the cofactor (which is equal to the order of the curve divided by ).
Also, Alice must have a key pair suitable for elliptic curve cryptography, consisting of a private key (a randomly selected integer in the interval ) and a public key (where ). Let be the bit length of the group order .
For Alice to sign a message, she follows these steps:
- Calculate, where HASH is a cryptographic hash function, such as SHA-1, and let be the leftmost bits of .
- Select a random integer from .
- Calculate, where . If, go back to step 2.
- Calculate . If, go back to step 2.
- The signature is the pair .
When computing, the string resulting from shall be converted to an integer. Note that can be greater than but not longer.
It is crucial to select different for different signatures, otherwise the equation in step 4 can be solved for, the private key: Given two signatures and, employing the same unknown for different known messages and, an attacker can calculate and, and since (all operations in this paragraph are done modulo ) the attacker can find . Since, the attacker can now calculate the private key . This cryptographic failure was used, for example, to extract the signing key used in the PlayStation 3 gaming console.
Read more about this topic: Elliptic Curve DSA
Famous quotes containing the words signature and/or generation:
“The childless experts on child raising also bring tears of laughter to my eyes when they say, “I love children because they’re so honest.” There is not an agent in the CIA or the KGB who knows how to conceal the theft of food, how to fake being asleep, or how to forge a parent’s signature like a child.”
—Bill Cosby (20th century)
“But it is fit that the Past should be dark; though the darkness is not so much a quality of the past as of tradition. It is not a distance of time, but a distance of relation, which makes thus dusky its memorials. What is near to the heart of this generation is fair and bright still. Greece lies outspread fair and sunshiny in floods of light, for there is the sun and daylight in her literature and art. Homer does not allow us to forget that the sun shone,—nor Phidias, nor the Parthenon.”
—Henry David Thoreau (1817–1862)