What is ECDSA?
ECDSA is a cryptographic algorithm used for digital signatures based on elliptic curve cryptography (ECC). It’s widely used in secure systems like:
- Bitcoin and Ethereum
- TLS (HTTPS)
- JWTs
- Secure messaging (e.g. Signal)
It’s a more efficient version of DSA (Digital Signature Algorithm) using elliptic curves — providing strong security with smaller keys.
🧠 What is it used for?
ECDSA is used to:
- ✅ Sign data (e.g., a transaction, message, or file)
- ✅ Verify that the data came from a particular private key (authenticity)
- ✅ Detect if the data was changed (integrity)
📦 Key components
- Elliptic Curve
- A mathematical curve over a finite field, e.g., secp256k1 (used in Bitcoin), or P-256.
- Public/private key pairs are points on this curve.
- Private key (
d)- A random scalar (integer)
- Must be kept secret
- Public key (
Q = d * G)- A point on the curve derived from the private key and base point
G
- A point on the curve derived from the private key and base point
- Base point (
G)- A publicly known generator point on the curve
✍️ Signing (ECDSA Sign)
To sign a message:
- Hash the message to get a digest
z(e.g. using SHA-256) - Choose a random nonce
k(must be unique for each signature!) - Compute
R = k * G(a point on the curve) - Let
r = R.x mod n(wherenis the curve order) - Compute
s = k⁻¹ * (z + r * d) mod n
The signature is the pair (r, s).
⚠️ If
kis reused, the private keydcan be recovered! (This happened to Sony in 2010.)
✅ Verifying (ECDSA Verify)
Given a message msg, signature (r, s), and public key Q, you:
- Hash the message:
z = HASH(msg) - Compute
w = s⁻¹ mod n - Compute
u1 = z * w mod nandu2 = r * w mod n - Compute point
R = u1 * G + u2 * Q - Signature is valid if
R.x mod n == r
🔁 Summary
| Step | Math operation | Purpose |
|---|---|---|
| KeyGen | Q = d * G | Create public key |
| Sign | r = (k * G).x, s = k⁻¹(z + r * d) mod n | Sign message |
| Verify | R = u1 * G + u2 * Q, check R.x == r | Verify message |