An Improvement of ECDSA Weak Randomness in Blockchain

Hussein, Nisreen T.; Kashmar, Ali H.

doi:10.1088/1757-899x/928/3/032022

Cited by 5 publications

(6 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A finite group is one that contains a limited numbers of items depending on the order of group (G). From a set of group G with the binary operation we can form the Abelian group * : G × G → G .An elliptic curve equation for real number called Weierstrass equations [12] . As shown in figure 1:…”

Section: Arithmetic Background Of Elliptic Curvementioning

confidence: 99%

Elliptic Curve Cryptosystem for Digital multimedia, General Review

Abbas,

Ayad Abd-al-Kahhar AbdulSalam

2023

AJEST

View full text Add to dashboard Cite

Various Cryptography algorithms are used to keep the transmission of data safe from intruder and to secure the connection between sender and receiver. This article provides an overview of ECC, including the algorithm process, fundamental protocols, and different ECC systems and applications. EC over fields also represents by numerous graphical representations of cryptographic processes. Comparison tables are included that list the ratio of key size between ECC and RSA (the nearest method to ECC), in factors of overhead, power availability and required storage, which indicates fast running with less bandwidth in case of elliptic curve method. In the other hand some previous works related to the topic were compared according to the functions of properties, measurement methods, and type of the data used, results were collected in traceable manner for the purpose of making it available to researchers and those interested in ECC.

show abstract

Section: Arithmetic Background Of Elliptic Curvementioning

confidence: 99%

Elliptic Curve Cryptosystem for Digital multimedia, General Review

Abbas,

Ayad Abd-al-Kahhar AbdulSalam

2023

AJEST

View full text Add to dashboard Cite

show abstract

“…The theoretical analysis proves that the random integer decomposition into two integers couldn't throw out the random integer reusing weakness, since this Scheme leads to retrieving the private key when used twice. Nisreen T. Hussein [16] proposed using a double elliptic curve's (EC) private key, that yields to generate double public keys for each user. In another word, by modifying the standard ECC's encryption parameters by selecting double private keys, and calculating double public keys, this method resolved the reused of random selection integers in ECDSA, but doubly public keys by performing additional point multiplication operations could be made the execution time worse.…”

Section: Related Workmentioning

confidence: 99%

“…As mentioned in sec.2, there are three research works [11,15,16], that proposed a modification to the standard ECSDA, these modifications are made to improve the run time efficiency, or to reduce the probability of the private key steal. The theoretical analysis for these modifications has been proven weakness points also.…”

Section: Performance and Security Comparisonsmentioning

confidence: 99%

“…Following a comparison between the proposed algorithm and the related works in [15,16], the comparison takes into it account the number of cryptography computations as a benchmark, some operations don't take into account, because of the trivial cost (such as XOR operation). So, two operations that are considered in Table3, inverse multiplication of modular arithmetic (IM), and scalar (point) multiplication (SM), those taken place in three different stages, parameters generation stage (PG), sign generation stage (SG), and sign verification stage (SV).…”

Section: Performance and Security Comparisonsmentioning

confidence: 99%

See 1 more Smart Citation

Lightweight Authentication Model for IoT Environments Based on Enhanced Elliptic Curve Digital Signature and Shamir Secret Share

2022

IJIES

View full text Add to dashboard Cite

With the rapid use of the Internet, and the increase in the numbers of smart and mobile devices, the internet of things (IoT) fields had become more crucial fields in the interest of developers. Many aspects related to authentication and privacy communication during an interaction between remote users and IoT devices should be enabled and achieved in a lightweight and secure manner. Due to the elliptic curve digital signature (ECDSA)'s features that are secure and lightweight compared with other public key algorithms; this paper presents a new IoT authentication model that incorporates a modified ECDSA. But unfortunately, the familiar use of ECDSA in Blockchain showed some problems related to the capability of revealing the random private integer, which leads to private key disclosure, and hence funds theft, this paper highlights this problem and proposes modifications to the ECDSA to make it more reliable. In addition, the proposed model combines a modified ECDSA and Shamir's secret sharing (SSS). The combination can give better results in establishing a more securely authentication agreement and robustness to resolve the standard algorithm attenuation, this modification involved a variant of ECDSA's calculations in signature processing, and employing Shamir's Secret Sharing to further protect the random private integer. Also, the proposed model achieves lower overhead communications by splitting and redistributing authentication calculations roles between the system's entities. After security analysis, the proposed algorithm exhibits ability to resist potential threats, also, a comparison with other related works demonstrates that the proposed algorithm performs fewer arithmetic operations, relatively, by decreasing the number of modular inverse operations, so this feature lowers resources-efforts and high performance, moreover, the theoretical analysis indicates that the proposed algorithm efficiently manages the scalability of the system.

show abstract

“…Therefore, it is needed to modify the ECDSA algorithm. In 2020, Hussein and Kashmar modified ECDSA by using two private keys 𝑑 1 and 𝑑 2 [6]. Later on, in 2021, Liu, Chen, and Liu modified ECDSA by using two random number 𝑘 and 𝑘 1 [7].…”

Section: Introductionmentioning

confidence: 99%

A Modification of ECDSA to Avoid the Rho Method Attack

Zahra¹,

Sugeng²

2022

Advances in Computer Science Research

View full text Add to dashboard Cite

Elliptic Curve Digital Signature Algorithm (ECDSA) is a digital signature algorithm that utilizes an elliptic curve. ECDSA consists of three steps, which are key generation, signature generation, and verification algorithm. ECDSA is used on Bitcoin transactions to generate the user's public key, private key, and signature, and also to verify a Bitcoin user's signature. There are some researches on ECDSA weak randomness which can be exploited by attackers to reveal the user's private key, and causes thefts of the user's money. ECDSA weak randomness is generating a random number that is not cryptographically secure. Some modifications of ECDSA to overcome this problem have been done, such as generating the digital signature by using two private keys. Although those modified algorithms overcome ECDSA weak randomness exploitations, it is not resistant to the Rho method attack which can solve elliptic curve discrete logarithm problem (ECDLP). In case ECDLP can be solved, the user's private key can be revealed. Therefore, in this paper, we modify an ECDSA algorithm that overcomes the exploitation of ECDSA weak randomness and is also resistant to the Rho method attack by using three private keys.

show abstract

An Improvement of ECDSA Weak Randomness in Blockchain

Cited by 5 publications

References 7 publications

Elliptic Curve Cryptosystem for Digital multimedia, General Review

Elliptic Curve Cryptosystem for Digital multimedia, General Review

Lightweight Authentication Model for IoT Environments Based on Enhanced Elliptic Curve Digital Signature and Shamir Secret Share

A Modification of ECDSA to Avoid the Rho Method Attack

Contact Info

Product

Resources

About