Skip to content

Digital Signature Guide

The DigitalSignature module provides a secure method for generating and verifying digital signatures using Elliptic Curve Digital Signature Algorithm (ECDSA). Below is a detailed guide on how to utilize the DigitalSignature class and its available methods.

Digital Signature Class

The DigitalSignature class is designed to handle ECDSA signing and verification using your private and public keys. Upon initialization, it leverages an elliptic curve to maintain essential parameters and operations for the digital signature process.

Initializing the Class

To begin, you'll need to initialize the DigitalSignature class with a valid ECDSA private key, which is a large random integer that you have to keep secret:

from ecutils.algorithms import DigitalSignature

# Here's an example with a hypothetical private key.
private_key = YOUR_PRIVATE_KEY
alice_ds = DigitalSignature(private_key)

Generate a Signature

When you want to sign a message, start by hashing it using a robust cryptographic hash function. After hashing your message, you're ready to generate a digital signature:

message_hash = hash('Your message here')

# The signature consists of two parts, r and s.
r, s = alice_ds.generate_signature(message_hash)

The generate_signature method will give you an ECDSA signature in the form of a tuple (r, s). Be sure to handle these components with care, as they verify the message's integrity.

Verify a Signature

To confirm the authenticity of a message, you can validate the received signature using the verify_signature method. You will need the sender's public key, the message hash, and the (r, s) tuple of the signature:

private_key = OTHER_PRIVATE_KEY
bob_ds = DigitalSignature(private_key)
is_valid = bob_ds.verify_signature(alice_ds.public_key, message_hash, r, s)

The verify_signature method returns True if the signature is indeed valid and False if it is not.

Public and Private Keys

In ECDSA, your private key should be a closely guarded secret, while your public key can be shared publicly without compromising the security of the signature.

  • Private Key: A secret integer used to generate digital signatures.
  • Public Key: A point on the elliptic curve derived from the private key and the curve's base point. The public key's purpose is for signature verification.

Security Considerations

Please follow these best practices:

  • Key Generation: Always create private keys using a cryptographically secure random number generator.
  • Key Storage: Protect private keys with the utmost security (consider using hardware security modules or secure key stores).
  • Message Hashing: Hash messages with a secure and collision-resistant cryptographic hash function.
  • Signature Transmission: Safeguard the (r, s) signature components during transmission or storage.

Error Handling and Validation

Use caution and validate all signature components before proceeding. The DigitalSignature class will throw exceptions like ValueError if you provide an invalid signature for verification. Always use the verify_signature method to validate signatures.

By adhering to these guidelines and understanding the significance of generating and verifying digital signatures, you will bolster the integrity and trustworthiness of messages in your application.