Digital Signatures using Edwards Curves

[image Wikimedia Commons]
A digital signature is a mathematical means of verifying that an e-document is authentic, that it has come from the claimed sender and that it has not been tampered with or corrupted during transit.

Digital signatures are a standard component of cryptographic systems. They use asymmetric cryptography that is based on key pairs, consisting of a public key and a private key. The public key is open and may be posted online; the integrity of the system depends on the private key remaining secret, so to prevent forgeries it is vital that the sender does not share the private/secret key with anybody.

Components of Digital Signature

There are three essential components of a digital signature scheme: (1) generating the keys, (2) signing the document and (3) verifying the message. The keys can be generated using one-way mathematical functions called trapdoor functions. The output of such functions is easily obtained from the input, but the process is very difficult to invert: from the output, it is all-but-impossible to derive the input.

There are sophisticated techniques for defining these trapdoor functions, but the idea is easily illustrated: given two large prime numbers, it is a simple matter to multiply them and produce a product. However, given the product of two large primes, it is computationally infeasible to find the two factors.

A message is sent, as usual, from busy Alice to lucky Bob. In the digital signature system, Alice uses her private key and the desired message to generate a signature. She then appends the signature to the message and sends it to Bob (see Figure 2). Bob receives both the message and the signature, and he can use Alice’s public key to verify the authenticity of the signed message.

Eve, the villain who is trying to defraud Bob, can construct a phoney message but cannot sign it correctly without Alice’s private key. If she tries, the verification by Bob will immediately indicate a conflict between the message and the signature, alerting him to the scam.

Fig. 2. Alice sends a signed message to Bob [image from Robinson, 2023].

Edwards Curve Algorithm

Fig. 3. A series of Edwards Curves.

There are many methods of constructing trapdoor functions. One of them has recently been reviewed by Angela Robinson (2023) in an article in the Notices of the American Mathematical Society, where she describes the Edwards Curve Digital Signature Algorithm (EdDSA). A series of Edwards curves are shown in Figure 3.

The security of EdDSA depends on the difficulty of solving the Elliptic Curve Discrete Logarithm Problem (ECDLP). The algorithm uses elliptic curves over finite fields; the equation of a typical Edwards Curve iswhich is second-order in both x and y. The points on these curves form an Abelian group under an appropriate definition of addition. Details of the algorithm are given in the article by Robinson (2023).

The forerunner of EdDSA was ECDSA, which has been in use since the 1990s. The new method provides greater efficiency and enhanced security, and has recently been adopted as a US cryptographic standard.
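The three components described above (key generation, signing, verification) can be seen working on the group of curve points in the following added example, which is not code from this article or from Robinson (2023). It assumes the Ed25519 instance of EdDSA with the parameters of RFC 8032, and as a simplification passes points around as (x, y) pairs instead of RFC 8032's 32-byte compressed form; all function names are chosen here for illustration.

```python
import hashlib

# Ed25519 parameters (RFC 8032). Curve: -x^2 + y^2 = 1 + d*x^2*y^2 over GF(p).
p = 2**255 - 19
q = 2**252 + 27742317777372353535851937790883648493  # prime order of B
d = -121665 * pow(121666, -1, p) % p
B = (15112221349535400772501151409588531511454012693041857206046113283949847762202,
     4 * pow(5, -1, p) % p)  # base point

def on_curve(P):  # coordinates in range and satisfying the curve equation
    x, y = P
    return 0 <= min(x, y) and max(x, y) < p and (
        -x * x + y * y - 1 - d * x * x * y * y) % p == 0

def add(P, Q):  # Edwards addition law; the identity element is (0, 1)
    (x1, y1), (x2, y2) = P, Q
    t = d * x1 * x2 * y1 * y2 % p
    return ((x1 * y2 + x2 * y1) * pow(1 + t, -1, p) % p,
            (y1 * y2 + x1 * x2) * pow((1 - t) % p, -1, p) % p)

def mul(k, P):  # double-and-add; not constant time, illustration only
    R = (0, 1)
    while k:
        R, P, k = (add(R, P) if k & 1 else R), add(P, P), k >> 1
    return R

def enc(P):  # 32-byte point encoding fed to the hash: y plus low bit of x
    return (P[1] | (P[0] & 1) << 255).to_bytes(32, "little")

def H(*parts):
    return int.from_bytes(hashlib.sha512(b"".join(parts)).digest(), "little")

def keypair(seed):  # (1) key generation: a -> a*B is easy, inverting is the ECDLP
    h = hashlib.sha512(seed).digest()
    a = int.from_bytes(h[:32], "little") & ((1 << 254) - 8) | (1 << 254)
    return a, h[32:], mul(a, B)  # secret scalar, secret prefix, public point A

def sign(seed, msg):  # (2) signing needs the private seed
    a, prefix, A = keypair(seed)
    r = H(prefix, msg) % q  # deterministic per-message nonce
    R = mul(r, B)
    return R, (r + H(enc(R), enc(A), msg) * a) % q

def verify(A, msg, sig):  # (3) verification needs only the public point A
    R, s = sig
    if not (on_curve(A) and on_curve(R) and 0 <= s < q):
        return False  # reject off-curve points and out-of-range s
    return mul(s, B) == add(R, mul(H(enc(R), enc(A), msg) % q, A))
```

Bob's check is the group equation s·B = R + k·A, so changing the message, the signature, or the public key breaks it. Production systems should use a vetted constant-time library instead of this arithmetic.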

Sources

• Robinson, Angela, 2023: The Mathematics of Digital Signatures. Notices Am. Math. Soc., 70 (6), 998–999.

• Wikipedia article: Edwards Curve: http://www.wikipedia.org/
