SRNCDSA: A Novel Enhancement of ECDSA Using a Single Random Number and Counter for Improved Security

Very recent attacks like ladder leaks demonstrated the feasibility of recovering private keys with side-channel attacks using just one bit of secret nonce. ECDSA nonce bias can be exploited in many ways. Some attacks on ECDSA involve complicated Fourier analysis and lattice mathematics. This paper will enable cryptographers to identify efficient ways in which ECDSA can be cracked on curves NIST256p, SECP256k1, NIST521p, and weak nonce, kind of attacks that can crack ECDSA and how to protect yourself. Initially, we begin with an ECDSA signature to sign a message using the private key and validate the generated signature using the shared public key. Then we use a nonce or a random value to randomize the generated signature. Every time we sign, a new verifiable random nonce value is created, and a way in which the intruder can discover the private key if the signer leaks any one of the nonce values. Then we use Lenstra–Lenstra–Lovasz (LLL) method as a black box, we will try to attack signatures generated from bad nonce or bad random number generator (RAG) on NIST256p, SECP256k1 curves. The combination of nonce generation, post-message signing, and validation in ECDSA helps achieve Uniqueness, Authentication, Integrity, and Non-Repudiation. The analysis is performed by considering all three curves for the implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA). The comparative analysis for each of the selected curves in terms of computational time is done with the leak of nonce and with the Lenstra–Lenstra–Lovasz method to crack ECDSA. The average computational costs to break ECDSA with curves NIST256p, NIST521p, and SECP256k1 are 0.016, 0.34,0.46 respectively which is almost zero depicting the strength of the algorithm. The average computational costs to break ECDSA with curves SECP256K1 and NIST256p using LLL are 2.9 and 3.4 respectively

Digital signature and hash algorithms are essential components of the blockchain. Bitcoin and Ethereum use the same digital signature scheme Elliptic Curve Digital Signature Algorithm (ECDSA). However, they use the different hash algorithms. Bitcoin chooses to use Secure Hash Algorithm (SHA), and Ethereum uses Keccak-256. This paper studies the digital signature ECDSA by looking into its design, implementation and security. ECDSA is a variant of Digital Signature Algorithm (DSA). It requires a shorter key length than Rivest–Shamir–Adleman (RSA), so it was preferred to use in the blockchain. Furthermore, this paper will also explore the design and implementation of SHA-256 and Keccak- 256. Bitcoin chose to use SHA-256 since it came out earlier than Keccak-256 with adequate security. Conversely, Keccak-256 is preferred by Ethereum since it has better performance and security compared to SHA-256. The role of SHA-256 and Keccak-256 in Bitcoin and Ethereum are also explored. SHA-256 and Keccak-256 are used in the blockchains’ proof-of-work (or proof-of-stake) and merkle tree structure. The paper will also look into their security by analyzing the result of possible attacks against them. In addition, the paper will provide some thoughts on the security of ECDSA, SHA-256 and Keccak-256 by analyzing their designs and possible attacks.

Penelitian ini mengeksplorasi modifikasi parameter perkalian skalar dalam algoritma Elliptic Curve Digital Signature Algorithm (ECDSA) menggunakan metode Double Base Chain (DBC) dalam Era Revolusi 4.0. ECDSA, sebagai algoritma kriptografi asimetris, umum digunakan untuk memberikan integritas dan otentikasi pada data digital. Penelitian ini menilai apakah penggunaan DBC dapat meningkatkan performa ECDSA dalam hal waktu komputasi dan penggunaan memori. Hasil penelitian menunjukkan bahwa meskipun modifikasi ECDSA dengan DBC tidak selalu memberikan performa yang superior. Waktu yang dibutuhkan untuk key generation, signing, dan verification cenderung lebih lama, dan penggunaan memori bervariasi tergantung pada konfigurasi dan parameter tertentu. Faktor-faktor seperti struktur kurva, panjang kurva, parameter kurva, dan implementasi memiliki dampak signifikan terhadap performa. Pengujian avalanche effect menunjukkan variasi dalam keteracakan kunci privat pada berbagai jenis kurva. Meskipun belum optimal, penelitian ini menyoroti potensi peningkatan keamanan dengan fokus pada peningkatan keteracakan private key pada ECDSA. Temuan ini memberikan dasar bagi eksplorasi lebih lanjut dalam pengembangan algoritma kriptografi yang lebih aman dan efisien, dengan mempertimbangkan keseimbangan antara performa dan keamanan. Dalam konteks Era Revolusi 4.0, di mana keamanan informasi menjadi semakin penting, penelitian ini memberikan wawasan berharga untuk pengembangan teknologi keamanan yang lebih baik. Abstract This study explores the modification of scalar multiplication parameters in the Elliptic Curve Digital Signature Algorithm (ECDSA) using the Double Base Chain (DBC) method in the Era of the Fourth Industrial Revolution (Industry 4.0). ECDSA, as an asymmetric cryptographic algorithm, is commonly used to provide integrity and authentication to digital data. The research evaluates whether the use of DBC can enhance ECDSA performance in terms of computational time and memory usage. The results indicate that, although modifying ECDSA with DBC does not always yield superior performance, the time required for key generation, signing, and verification tends to be longer, and memory usage varies depending on specific configurations and parameters. Factors such as curve structure, curve length, curve parameters, and implementation significantly impact performance. Avalanche effect testing reveals variations in the traceability of private keys across different curve types. Despite not achieving optimal results, the study highlights the potential for improving security by focusing on enhancing the traceability of private keys in ECDSA. These findings provide a foundation for further exploration in the development of more secure and efficient cryptographic algorithms, considering the balance between performance and security. In the context of the Fourth Industrial Revolution, where information security is increasingly crucial, this research offers valuable insights for the advancement of better security technologies.

Very recent attacks like ladder leak demonstrated feasibility to recover private key with side channel attacks using just one bit of secret nonce. ECDSA nonce bias can be exploited in many ways. Some attacks on ECDSA involve complicated Fourier analysis and lattice mathematics. In this paper will enable cryptographers to identify efficient ways in which ECDSA can be cracked on curves NIST256p, SECP256k1, NIST521p and weak nonce, kind of attacks that can crack ECDSA and how to protect yourself. Initially we begin with ECDSA signature to sign a message using private key and validate the generated signature using the shared public key. Then we use a nonce or a random value to randomize the generated signature. Every time we sign, a new verifiable random nonce value is created and way in which the intruder can discover the private key if the signer leaks any one of the nonce value. Then we use Lenstra–Lenstra–Lovasz (LLL) method as a black box, we will try to attack signatures generated from bad nonce or bad random number generator (RAG) on NIST256p, SECP256k1 curves. The analysis is performed by considering all the three curves for implementation of Elliptic Curve Digital Signature Algorithm (ECDSA).The comparative analysis for each of the selected curves in terms of computational time is done with leak of nonce and with Lenstra–Lenstra–Lovasz method to crack ECDSA. The average computational costs to break ECDSA with curves NIST256p, NIST521p and SECP256k1 are 0.016, 0.34, 0.46 respectively which is almost to zero depicts the strength of algorithm. The average computational costs to break ECDSA with curves SECP256K1 and NIST256p using LLL are 2.9 and 3.4 respectively.

Power analysis against elliptic curve digital signature algorithm (ECDSA) has been researched for many years. Nowadays traditional methods like simple power analysis (SPA) or differential power analysis (DPA) are no longer effective against secure ECDSA implementations. In this situation, Howgrave-Graham and Smart introduced a new lattice-based attack to recover the secret key of Digital Signature Algorithm (DSA) even if only several bits of the nonce are revealed. Later Nguyen and Shparlinski extended the attack to ECDSA. In this paper, we further extend the attack to SM2 Digital Signature Algorithm (SM2-DSA), which is a Chinese version of ECDSA. We implemented the secure SM2-DSA implementation on Atmega128 microcontroller to evaluate its security under lattice attack. We performed experiments with different parameter configuration to find optimal key-recovery strategies. We also performed the same experiments on ECDSA to show that due to the differences on scheme between the two algorithms, lattice attack on SM2-DSA is harder than on ECDSA.

This paper presents Elliptic Curve Digital Signature Algorithm (ECDSA) hardware implementation over Koblitz subfield curves with 163-bit key length. We designed ECDSA with the purpose to improve performance and security respectively by using elliptic curve point multiplication on Koblitz curves to compute the public key and a key stream generator “W7” to generate private key. Different blocs of ECDSA are implemented on a reconfigurable hardware platform (Xilinx xc6vlx760-2ff1760). We used the hardware description language VHDL (VHSIC Hardware Description Language) for compartmental validation. The design requires 0.2 ms, 0.8 ms and 0.4 ms with 7 %, 13 % and 5 % of the device resources on Slice LUT for respectively key generation, signature generation and signature verification. The proposed ECDSA implementation is suitable to the applications that need: low-bandwidth communication, low-storage and low-computation environments. In particular our implementation is suitable to smart cards and wireless devices.

Traditionally, information security needed encryption, authentication, key management, non-repudiation and authorization which were being met using several techniques. Standardization of algorithms by National Institute of Standards and Technology (NIST) has facilitated international communication for banking and information transfer using these standards. Encryption can be carried out using Advanced Encryption Standard (AES) using variable block lengths (128, 192 or 256 bits) and variable key lengths (128, 192 or 256 bits). Solutions for light weight applications such as those for Internet of Things (IoT) are also being standardized. Message integrity is possible using host of hash algorithms such as SHA-1, SHA-2 etc., and more recently using SHA-3 algorithm. Authentication is possible using well known Rivest-Shamir-Adleman (RSA) algorithm needing 2048/4096 bit operations. Elliptic Curve Cryptography (ECC) is also quite popular and used in several practical systems such as WhatsApp, Blackberry etc. Key exchange is possible using Diffie-Hellman algorithm and its variations. Digital Signatures can be carried out using RSA algorithm or Elliptic Curve Digital Signature Algorithm (ECDSA) or DSA (Digital Signature Algorithm). All these algorithms derive security from difficulty in solving some mathematical problems such as factorization problem or discrete logarithm problem. Though published literature gives evidence of solving factorization problem upto 768 bits only, it is believed that using Quantum computers, these problems could be solved by the end of this decade. This is due to availability of the pioneering work of Shor and Grover [1]. For factoring an integer of N bits, Shor’s algorithm takes quantum gates. As such, there is ever growing interest in being ready for the next decade with algorithms that may resist attacks in the quantum computer era. NIST has foreseen this need and has invited proposals from researchers all over the world. In the first round, about 66 submissions were received which have been scrutinized for completeness of submissions , novelty of the approach and security and 25 of these were promote to second round to improve based on the comments received on the first round submission. These will be analyzed for security and some will be selected for final recommendation for use by industry. These are for encryption/decryption, key agreement, hashing and Digital Signatures for both hardware and software implementations. In this paper, we present a brief survey of the state of the art in post-Quantum Cryptography (PQC) followed by study of one of technique referred to as Learning With Errors (LWE) in some detail.

The Elliptic Curve Digital Signature Algorithm (ECDSA) is an elliptic curve variant of the Digital Signature Algorithm (DSA).It gives cryptographically strong digital signatures making use of Elliptic curve discrete logarithmic problem.It uses arithmetic with much smaller numbers 160/256 bits instead of 1024/2048 bits in RSA and DSA and provides the same level of security.The ECDSA was accepted in 1999 as an ANSI standard, and was accepted in 2000 as IEEE and NIST standards.It was also accepted in 1998 as an ISO standard.Many cryptologist have studied security aspects of ECDSA and proposed different variants.In this paper, we discuss a detailed analysis of the original ECDSA and all its available variants in terms of the security level and execution time of all the phases.To the best of our knowledge, this is a unique attempt to juxtapose and compare the ECDSA with all of its variants.

Named data Networking (NDN) had been considered as a most recognizable Information Centric Networking (ICN) infrastructure. The deployment of NDN in the internet architecture requires the confidentiality and integrity of the contents. In this context, Elliptic Curve Digital Signature Algorithm (ECDSA) is a more promising algorithm. This research applied Montgomery Reduction on the existing asymmetrical security algorithm to shorter the processing period, lower the memory consumption and reduce the complexity over large computational requests. An experiment had been implemented in NDNv2 over ndnSIM environment. The results showed that modified ECDSA has reduced the processing period of 1% - 3% in private key generation and 50% in public key signing based on exponential analysis on modified ECDSA over existing ECDSA in key generation. The total time required to establish the connection among the nodes in NDN also has reduced of 12% by using modified ECDSA over ndnSIM.

Elliptic Curve Digital Signature Algorithm (ECDSA) is an asymmetric algorithm used for expanded security with data integrity and authentication in the On-Board Units (OBU's) of Intelligent Transport Systems (ITS). Field programmable gate array is an attractive platform for hardware implementation of cryptographic algorithms, providing better security and performance in response to need. Hence, the various performance parameters of ECDSA such as key size, Look up Table (LUTs) slices and key pair points on the elliptic curve are analyzed in FPGA. In this work, we have designed a 16-bit Elliptic curve cryptography digital signature algorithm. The Elliptic curve cryptography covers all relevant asymmetric cryptographic natives like digital signature and key exchange. ECC key generation, signature generation, and verification generation algorithms were executed for the 16-bit ECDSA in Verilog HDL and then simulated and synthesized using Xilinx-virtex7 and Vivado 2018.3-zed board. It was seen that the number of slices involved by the ECDSA 16-bit algorithm in Xilinx (virtex7) is lesser than the available number of slices.

Elliptic curve digital signature algorithm (ECDSA) is elliptic curve analogue of digital signature algorithm. This paper presents implementation of ECDSA on NIST recommended Elliptic curves in binary fields of size 163 bits. The work involved implementation of different modules of ECDSA on reconfigurable hardware platform (Xilinx xc6vlx240T-1ff1156). The private key generation and binary weight calculation (used in scalar multiplication) is done in software using Microblaze (soft core of Xilinx). The private key along with the other global parameters for ECDSA are passed from Microblaze to the programmable logic of FPGA where final signature generation and verification is performed. Two implementations have been done based on different word sizes in Montgomery multiplication over binary fields. The first implementation requires 0.367 ms with 11040 slices for signature generation and 0.393 ms with 12846 slices for signature verification at a clocking frequency of 100 MHz. The second implementation requires 0.615 ms with 8773 slices for signature generation and 0.672 ms with 9967 slices for signature verification at the same clocking frequency. These implementations are faster compared to other implementations reported in literature for binary curves.

In the current study, we performed a quantitative evaluation of digital signature algorithms between the asymmetric cryptographic scheme RSA (Rivest, Shamir, and Adleman) and ECDSA (Elliptic Curve Digital Signature Algorithm) with the purpose to limit or block illegal digital interferences. Mathematical foundations of asymmetric digital signature algorithms have been analyzed, giving a special focus to the mentioned algorithms. RSA and ECDSA have been coded in Java Development Environment, with their respective libraries. In addition, a Java software application has been designed and implemented with the respective algorithms of key generation and verification. We have used Scrum by articulating each of its phases with the architecture and extensible security elements of the Java platform. Thus, all of these processes have been applied, in order to establish the RSA or ECDSA with the most suitable characteristics for the performance and confidentiality of transmitted information. The own standards of asymmetric digital signature algorithms and elliptic curves have been taken into account, so that the comparison appears adequate and produces data that, besides of being measurable, are also sustainable. The results obtained have been visualized through a statistical process as products of the determination of the response times obtained during this process. To verify these results, we have used a mathematical validation, based on the Least Squares method.

Emerging standards specify a communication rate between a contactless smartcard and a terminal that is of the same order of magnitude as the internal clock rate in the card. This gives a natural ground for the known card-terminal communication-computation trade-off, where non-secure operations should rather be performed by the terminal and not in the card. In this paper we treat an implementation of Elliptic Curve Digital Signature Algorithm (ECDSA), the most cost effective digital signature algorithm, which has a potential of being executed under the heavy constraints imposed by a contactless smartcard environment. This algorithm heavily relies on numerous calculations of modular multiplicative inverses. It is shown in this paper that, based on communicating with the terminal, each modular inverse operation needed to be executed in the card during ECDSA signature generation requires only two modular multiplications in the card. Each modular inverse operation performed during signature verification requires only one modular multiplication in the card. A complete ECDSA implementation over integers or over GF(2n) is then treated in detail

Elliptic curve digital signature algorithm (ECDSA) is the simulation of digital signature algorithm (DSA) algorithm on elliptic curve. Compared with DSA, ECDSA has higher security and is the only widely accepted ECDSA, which has been adopted by many standardisation organisations. Based on the study of the original ECDSA scheme, this paper attempts to propose a new improved scheme. The proposed scheme has one main improvement. That is, considering that the original scheme has a finite field inversion process in the signature equation, the time-consuming inversion operation is completely avoided in the design. The proposed scheme has faster computation speed and reduces the ratio of verifying signature to signature generation time. The algorithm has certain significance for improving the efficiency of elliptic curve cryptography. Our simulation results show that the scheme runs faster and has higher signature and verification efficiency than that of the original scheme without compromising security. What's more, we also explore its application in bitcoin and Internet of Things (IoT).

Elliptic Curve Digital Signature Algorithm (ECDSA) provides several security services for resource-constrained embedded devices. It can be the target of attacks as Side-channel attacks. The ECDSA level security can be enhanced by tuning several parameters as key size and the security level of each ECDSA elementary modules such as point multiplication, hash function and pseudo random number generators (PRNG). This paper presents conception and hardware implementation of ECDSA taking in consideration requirements related to correlation between key size and security level according to academic and private organizations. In this work, we have considered a key size equal to 233 bit, Montgomery point multiplication technique and hashing functions SHA-224. The ECDSA design is implemented on a reconfigurable hardware platform (Xilinx xc6vlx760-2ff1760). We used the hardware description language VHDL for compartmental validation. The implementation results illustrate security evaluation and hardware performances in terms of time computation and area occupation.