Subversion Attack and Improvement of ECDSA Signature Scheme

Publication Name

Ruan Jian Xue Bao/Journal of Software

Abstract

The Snowden incident revealed that certain cryptosystems had in fact been subverted. The elliptic curve digital signature algorithm (ECDSA) is widely used because it produces shorter signatures than alternatives at the same security level, for example for signing Bitcoin transactions. However, whether ECDSA can be subverted, and how such an attack can be resisted, has remained an open question. This study answers both questions affirmatively. First, it is shown how a pseudorandom function (PRF) can be used to compute a value that replaces the randomness used in ECDSA. The subverted ECDSA enables an adversary to extract the signing private key from at most three consecutive signatures. Second, the hash of the private key, the message, and the random signature component is used as a second random number to improve ECDSA, yielding a subversion-resistant signature scheme. Even if an adversary replaces a component of the new signature algorithm, it cannot extract any information about the signing key. Finally, both the proposed and the existing algorithm are implemented, and the implementation shows that the proposed scheme has advantages in computational complexity and efficiency.

Open Access Status

This publication is not available as open access

Volume

34

Issue

6

First Page

2892

Last Page

2905

Link to publisher version (DOI)

http://dx.doi.org/10.13328/j.cnki.jos.006516