International Journal of Computer Applications (0975 – 8887)
Volume 2 – No.2, May 2010
21
Implementation of Elliptic Curve Digital Signature
Algorithm
Aqeel Khalique Kuldip Singh Sandeep Sood
Department of Electronics & Computer Engineering,
Indian Institute of Technology Roorkee
Roorkee, India
ABSTRACT
The Elliptic Curve Digital Signature Algorithm (ECDSA) is the
elliptic curve analogue of the Digital Signature Algorithm
(DSA). It was accepted in 1999 as an ANSI standard, and was
accepted in 2000 as IEEE and NIST standards. It was also
accepted in 1998 as an ISO standard, and is under consideration
for inclusion in some other ISO standards. Unlike the ordinary
discrete logarithm problem and the integer factorization problem,
no sub exponential-time algorithm is known for the elliptic curve
discrete logarithm problem. For this reason, the strength-per-key-
bit is substantially greater in an algorithm that uses elliptic
curves. This paper describes the implementation of ANSI X9.62
ECDSA over elliptic curve P-192, and discusses related security
issues.
Categories and Subject Descriptors
D.4.6 [Operating Systems]: Security and Protection –access
controls, authentication cryptographic control; E.3 [Data]: Data
Encryption –Public key cryptosystem, standards.
General Terms
Algorithms, Security.
Keywords
integer factorization, discrete logarithm problem, elliptic curve
cryptography, DSA, ECDSA.
1. INTRODUCTION
Cryptography is the branch of cryptology dealing with the design
of algorithms for encryption and decryption, intended to ensure
the secrecy and/or authenticity of message. The DSA was
proposed in August 1991 by the U.S. National Institute of
Standards and Technology (NIST) and was specified in a U.S.
Government Federal Information Processing Standard (FIPS 186)
called the Digital Signature Standard (DSS). Its security is based
on the computational intractability of the discrete logarithm
problem (DLP) in prime-order subgroups of Z
p
*.
Digital signature
schemes are designed to provide the digital counterpart to
handwritten signatures (and more). Ideally, a digital signature
scheme should be existentially non-forgeable under chosen-
message attack. The ECDSA have a smaller key size, which
leads to faster computation time and reduction in processing
power, storage space and bandwidth. This makes the ECDSA
ideal for constrained devices such as pagers, cellular phones and
smart cards.
The Elliptic Curve Digital Signature Algorithm (ECDSA) is the
elliptic curve analogue of the DSA. ECDSA was first proposed in
1992 by Scott Vanstone [1] in response to NIST’s (National
Institute of Standards and Technology) request for public
comments on their first proposal for DSS. It was accepted in
1998 as an ISO (International Standards Organization) standard
(ISO 14888-3), accepted in 1999 as an ANSI (American National
Standards Institute) standard (ANSI X9.62), and accepted in
2000 as an IEEE (Institute of Electrical and Electronics
Engineers) standard (IEEE 1363-2000) and a FIPS standard
(FIPS 186-2)
Digital signature schemes can be used to provide the following
basic cryptographic services:
data integrity (the assurance that data has not been
altered by unauthorized or unknown means)
data origin authentication (the assurance that the source
of data is as claimed)
non-repudiation (the assurance that an entity cannot deny
previous actions or commitments)
In this paper, first we start with the cryptography schemes based
on integer factorization (IF) and discrete logarithm (DL) in
section 2. In section 3, we discuss ECC in detail. In section 4, we
show the implementation and results. Further in section 5 and 6
we compare and conclude respectively.
2. CRYPTOGRAPHIC SCHEMES
2.1 Integer Factorization
In Integer factorization, given an integer n which is the product of
two large primes p and q such that:
n = p * q (1)
It is easy to calculate n for given p and q but it is computationally
infeasible to determine p and q given n for large values of n.
One of the famous algorithms is RSA. The RSA Algorithm is
shown below:
1. Choose two large prime numbers, p and q (1024 bits)
2. Compute n = p * q and z = (p-1) * (q-1).
3. Choose a number, e, less than n, which has no common
factors (other than 1) with z.