ECDSA Basic Principles
The mathematical and algorithmic functioning of ECDSA is quite complex. To get started, ECDSA bases its operation on the basis of a mathematical equation that draws a curve. The process, broadly speaking, would be as follows:
El ECDSA algorithm works through a mechanism of cryptography called, cryptography asymmetric. This signing system generates two keys that are called a private key and public key. Both keys are related by a complex mathematical operation performed on an elliptic curve function.
Under this operating scheme, ECDSA guarantees in the first instance the following:
- Unique and unrepeatable signatures for each generation set private keys and public.
- The practical impossibility of falsifying digital signatures. This is so because the computational power necessary for this is outside the current limits.
Thanks to these two characteristics, ECDSA is considered a safe standard for deploying digital signature systems. Their use today is so varied that they are applied in almost all computer fields. For example, the security certificate infrastructure SSL y TLS Internet makes heavy use of ECDSA. Bitcoin, the forerunner of blockchain technology, also makes use of ECDSA to achieve the high level of security that characterizes it.
In this way, when a user wants to sign a file, they will use their private key (the random number) with a hash of the file (a unique number to represent the file) in a magic equation and that will give you your signature. If someone wants to verify the veracity of the information, they only need the public key and with it they will be able to verify the authenticity.
So the public keys They can be known by everyone, without jeopardizing the authenticity of our signature, since the public key only serves to verify, not to sign.
Why do we use ECDSA?
The need to create a signature system like ECDSA stems from being able to share data securely. In a world connected by networks, a scheme is necessary in which we can share information and validate it. All without having to reveal secrets. Let's see it with the following example:
A company has made an economic report on its activities. This report is delivered to certain investors with limited level of access to information. These investors want to verify the authenticity of the report and the data offered.
At this point we ask ourselves: Will the administrator give him the total access key to the company's data? Or on the contrary, will it not give investors access to the information so that they can verify it?
Both situations are not good and the use of ECDSA can solve it thanks to a third approach:
The administrator makes use of an ECDSA asymmetric signature system. With this, the administrator signs the report with his private key, and gives the public key to investors. Immediately after, investors can verify, using the public key, the authenticity of the information offered. This without the need for unrestricted access to data.
Private, public key and signatures
ECDSA's operating scheme is based on the following three pillars:
- The private key, which is actually a secret number known only to the person who generated it. A private key is essentially a randomly generated number. In Bitcoin, someone with the private key corresponding to the funds on the blockchain is the only one who can spend those funds.
- The public key, which is a number generated from a mathematical relationship using the private key. It can only be obtained by knowing the private key in advance, and not the other way around. This key is generated for the purpose of being shared publicly so that others can determine if a signature is genuine.
The signature is a number that proves that a signature operation was performed. A signature is generated mathematically from a hash of something to be signed, plus a private key. The signature itself is two numbers known as "r"And"s". With the public key, a mathematical algorithm can be used in the signature. The purpose of this is to determine what originally occurred from the hash and the private key. A system that works perfectly, without needing to know the private key.
ECDSA and blockchain technology
One of the main problems he faced Satoshi Nakamoto with Bitcoin, it was the distribution of public keys. Nakamoto's vision was to allow sharing small public keys, secure, with low computational cost and easy to use.
These features would be achievable thanks to elliptic curve cryptography. So this is why Nakamoto decided to use ECDSA for his system. And with this, he ensured that:
- It was a very secure system. Satoshi decided to use the elliptic curve standard secp256k1 for Bitcoin. This elliptical curve has a very well proven safety, so it was perfect to apply it.
- The computational cost of generating keys and validating signatures is very low.
- It allows the generation of infinite public keys.
However, 256-bit ECDSA keys are very extensive. Considering that, Nakamoto decided refactor public keys to make them shorter. It was so using Base58 encoding y hash functions as SHA-256 y RIPEMD-160, reduced the size of the public keys and created the Bitcoin addresses.
For example this address: 1PfS6w6MonCT976xe2jD9tqwo8QkDnonRW.
All this turned out, it is a computer system that allowed its users to send and receive bitcoin safely.