nRF9160DK ECDSA non-deterministic

Hello!
We are trying to sign our data using ECDSA (https://developer.nordicsemi.com/nRF_Connect_SDK/doc/latest/nrf/samples/crypto/ecdsa/README.html ), so we can send our information to an Ethereum Blockchain. We discovered that ECDSA non-deterministic algorithm is not so accurate. There is the possibility that the sign of ECDSA is not correct on the first attempt, but we need to execute our application more times.
Thank you all!

Top Replies

dejans over 2 years ago in reply to Gioele +1 verified

Hi, Unfortunately, our binary library provides a specific set of features that does not include Ethereum block chain support. Best regards, Dejan

Parents

0 Gioele over 2 years ago

Perfect, I hope for a quick reply. For now, thank you very much!
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 dejans over 2 years ago in reply to Gioele

Hi,

Please note that the reply might not be quick, but I'll inform you when I get it.

Best regards,
Dejan
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 dejans over 2 years ago in reply to dejans

Hi,

I have got a prompt reply.

We currently do not support Ethereum blockchain neither in MbedTLS nor in crypto runtimes. In addition, we do not support keccak256. We only support Deterministic ECDSA using HMAC_DRBG which uses SHA-256. In this case, SHA-256 (not keccak256) is the only valid hash for the input. We check deterministic ECDSA with SHA-256 and verify it with NIST test materials. It seems that the root issue in your case is keccak256 which is not supported and therefore leads to a wrong result.

Best regards,
Dejan
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 dejans over 2 years ago in reply to dejans

Hi,

I have got a prompt reply.

We currently do not support Ethereum blockchain neither in MbedTLS nor in crypto runtimes. In addition, we do not support keccak256. We only support Deterministic ECDSA using HMAC_DRBG which uses SHA-256. In this case, SHA-256 (not keccak256) is the only valid hash for the input. We check deterministic ECDSA with SHA-256 and verify it with NIST test materials. It seems that the root issue in your case is keccak256 which is not supported and therefore leads to a wrong result.

Best regards,
Dejan
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

0 Gioele over 2 years ago in reply to dejans

We are sure that our keccak256 is correct. Are you saying that the problem is the input? Both Keccak256 and SHA256 have the same length. In each case, we noticed that sometimes our output is correct. What should we do now? We need that our code works!
The code of the example supports the ECDSA non-deterministic.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 dejans over 2 years ago in reply to Gioele

Hi,

The issue is not whether your keccak256 is correct or not. There is a notion on the algorithm being used. Even though keccak256 and sha-256 have the same length, they cannot be used interchangeably. You use PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256) in the code, but even with hashed input, the result might be wrong. It is important that you use same hash algorithm as the input.

Best regards,
Dejan
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Gioele over 2 years ago in reply to dejans

So There is nothing that can I do..?
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel