• State Verified Answer
  • Replies 21 replies
  • Subscribers 74 subscribers
  • Views 3006 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 295018
Options

nRF9160DK ECDSA non-deterministic

Gioele

Hello!
We are trying to sign our data using ECDSA (https://developer.nordicsemi.com/nRF_Connect_SDK/doc/latest/nrf/samples/crypto/ecdsa/README.html), so we can send our information to an Ethereum Blockchain. We discovered that ECDSA non-deterministic algorithm is not so accurate. There is the possibility that the sign of ECDSA is not correct on the first attempt, but we need to execute our application more times.
Thank you all!

Parents
  • 0

    We understood that the Nordic code doesn't fit correctly with Keccak256 and Ethereum but we saw that after some attempts the ECDSA is correct.
    So this is our idea. We could verify each time the correctness of our ECDSA and when the ECDSA is correct we can use that sign.

    cryptobook.nakov.com/.../ecdsa-sign-verify-messages

    ECDSA Verify Signature
    The algorithm to verify a ECDSA signature takes as input the signed message msg + the signature {r, s} produced from the signing algorithm + the public key pubKey, corresponding to the signer's private key. The output is boolean value: valid or invalid signature. The ECDSA signature verify algorithm works as follows (with minor simplifications):
    • 1.
      Calculate the message hash, with the same cryptographic hash function used during the signing: h = hash(msg)
    • 2.
      Calculate the modular inverse of the signature proof: s1 =
      s−1(modn)s^{-1} \pmod ns−1(modn)
    • 3.
      Recover the random point used during the signing: R' = (h * s1) * G + (r * s1) * pubKey
    • 4.
      Take from R' its x-coordinate: r' = R'.x
    • 5.
      Calculate the signature validation result by comparing whether r' == r
    The general idea of the signature verification is to recover the point R' using the public key and check whether it is same point R, generated randomly during the signing process.
    There is the verification of ECDSA implemented by Nordic but we need the Public key. We only have the private key.
    Thank you!
  • 0 in reply to Gioele

    Hi,

    In order to get to common understanding, I would suggest that you read chapter 4.1.4 verifying operation.

    Best regards,
    Dejan

Reply Children
No Data
Related
Terms of service