Table of Contents
Elliptic Curve Digital Signature Algorithm, or ECDSA, is one of the more complex public key cryptography encryption algorithms. Keys are generated via elliptic curve cryptography that are smaller than the average keys generated by digital signing algorithms. Elliptic curve cryptography is a form of public key cryptography which is based on the algebraic structure of elliptic curves over finite fields. Elliptic curve cryptography is mainly used for the creation of pseudo-random numbers, digital signatures, and more. A digital signature is an authentication method used where a public key pair and a digital certificate are used as a signature to verify the identity of a recipient or sender of information.
What is ECDSA?
ECDSA does the same thing as any other digital signing signature, but more efficiently. This is due to ECDSA’s use of smaller keys to create the same level of security as any other digital signature algorithm. ECDSA is used to create ECDSA certificates, which is a type of electronic document used for authentication of the owner of the certificate. Certificates contain information about the key used to create the certificate, information about the owner of the certificate, and the signature of the issuer of the certificate, who is a verified trusted entity. This trusted issuer is normally a certificate authority which also has a signed certificate, which can be traced back through the chain of trust to the original issuing certificate authority.
The way ECDSA works is an elliptic curve is that an elliptic curve is analyzed, and a point on the curve is selected. That point is multiplied by another number, thus creating a new point on the curve. The new point on the curve is very difficult to find, even with the original point at your disposal. The complexity of ECDSA means that ECDSA is more secure against current methods of encryption cracking encryptions. Along with being more secure against current attack methods, ECDSA also offers a variety of other benefits as well.
The Benefits and Drawbacks to using ECDSA
A benefit to using ECDSA over other public key cryptography is how new ECDSA is. ECDSA was standardized in 2005, compared to most common public key cryptography algorithm used, RSA, which was standardized in 1995. Since ECDSA has been around for such a shorter period of time, hackers have had less time to learn how to crack ECDSA. This, along with ECDSA’s complexity make switching to ECDSA look like a more desirable option each year. These benefits are why newer protocols choose to use ECDSA over RSA for public key cryptography functions.
Yet, RSA is still the most widely used public key cryptography method. This is due to the length of time RSA has been around, among other reasons. Though attackers have had more time to crack RSA, it is still the tried and true method used all across the Internet for digital signing, SSL/TLS transport, and more. A drawback of ECDSA is that it is complex to implement, whereas RSA is more easily set-up in comparison. The simplicity of RSA is often a draw to organizations, as it offer less roadblocks in its set-up. The downfall of many different organizations using ECDSA that have been hacked is the improper implementation of ECDSA itself, as it is complex to implement in the first place.
Where can ECDSA be implemented?
ECDSA does not just need to be used in the signing of certificates, it can be used anywhere RSA has been with the same effect in the end. Public key cryptography methods are found in everything from TLS/SSL to code signing. The government uses ECDSA to protect internal communications, while Tor uses it to maintain anonymity for their users. These are just a few of the uses ECDSA can be used for, but all cryptosystems face an issue with the emergence of quantum computing. Quantum computing threatens to make all classic cryptosystems, from AES to RSA to ECDSA, obsolete. The methods used in quantum computing mean previously strong methods like ECDSA will need to update to use quantum cryptography, or become obsolete.