EC-KCDSA (Elliptic Curve Korean Certificate-based Digital Signature Algorithm) is a digital signature scheme based on the standard ElGamal algorithm, adopted by South Korea for its national digital certification infrastructure. Its security rests on the Elliptic Curve Discrete Logarithm Problem (ECDLP), a computationally difficult problem. The algorithm employs Weierstrass curves to enhance security and computational efficiency.
Key generation:
1. The private key \( d \) is randomly selected.
2. The public key \( Q \) is computed as \( Q = d \cdot G \), where \( G \) is the generator of the curve.
Signing:
1. The value \( k \) is chosen randomly, with \( k \in \mathbb{Z}_n \).
2. Compute \( r \) as the hash of \( x_1 \) (the x-coordinate of \( kG \)): \( r = \text{Hash}(x_1) \mod 2^w \).
3. The value \( cQ \) is the concatenation of the coordinates \( x_Q \) and \( y_Q \) of the public key point \( Q \), truncated to a length \( L \): \( cQ = \text{MSB}(x_Q \| y_Q, L) \).
4. Compute \( v \) as the hash of \( cQ \) concatenated with the message \( M \): \( v = \text{Hash}(cQ \| M) \mod 2^w \).
5. Compute \( e = (r \oplus v) \mod n \), where \( \oplus \) is the XOR operation between \( r \) and \( v \).
6. Compute \( t = d \cdot (k - e) \mod n \).
7. If \( t = 0 \), the signing process must be repeated.
Verification:
1. The value \( r \) must be greater than 0 and less than \( n \), and \( t \) must be greater than 0.
2. Recompute \( cQ \) from the concatenated coordinates of \( Q \).
3. Compute \( v' \) as the hash of \( cQ \) concatenated with the message \( M \), and reduce modulo \( 2^w \): \( v' = \text{Hash}(cQ \| M) \mod 2^w \).
4. Compute \( e' = (r \oplus v') \mod n \), where \( \oplus \) is the XOR operation between \( r \) and \( v' \).
5. The point \( (x_2, y_2) \) is computed as: \( (x_2, y_2) = t'Q + e'G \).
6. Check that the hash of \( x_2 \) equals \( r \): \( \text{Hash}(x_2) = r \).
If the verification is successful, the signature is valid.
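The signing and verification steps above, written out with Go's standard library as an added example (not code from this page or from the go-krypto project). It assumes P-256 with SHA-256 standing in for LSH-256, takes the public key as \( Q = d^{-1} \cdot G \) so that \( tQ + eG \) reduces to \( kG \), and every function name in it is hypothetical.

```go
package main

import (
	"bytes"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"math/big"
)

var curve, n, one = elliptic.P256(), elliptic.P256().Params().N, big.NewInt(1)
// Assumptions: SHA-256 stands in for LSH-256 (w = 256, L = 64 bytes); all names are hypothetical.
func h(parts ...[]byte) []byte { s := sha256.Sum256(bytes.Join(parts, nil)); return s[:] }
func pad(x *big.Int) []byte { return x.FillBytes(make([]byte, 32)) }
func randScalar() *big.Int { x, _ := rand.Int(rand.Reader, new(big.Int).Sub(n, one)); return x.Add(x, one) } // [1, n-1]
func publicKey(d *big.Int) (x, y *big.Int) { return curve.ScalarBaseMult(new(big.Int).ModInverse(d, n).Bytes()) } // Q = d^-1 * G

func challenge(qx, qy *big.Int, msg, r []byte) *big.Int {
	v := new(big.Int).SetBytes(h(pad(qx), pad(qy), msg)) // v = Hash(cQ || M), cQ = x_Q || y_Q
	return v.Mod(v.Xor(v, new(big.Int).SetBytes(r)), n) // e = (r XOR v) mod n
}

func sign(d, qx, qy *big.Int, msg []byte) ([]byte, *big.Int) {
	k := randScalar()
	x1, _ := curve.ScalarBaseMult(k.Bytes())
	r := h(pad(x1))
	t := new(big.Int).Sub(k, challenge(qx, qy, msg, r))
	if t.Mul(t, d).Mod(t, n).Sign() == 0 { // t = d(k - e) mod n; on t = 0 sign again
		return sign(d, qx, qy, msg)
	}
	return r, t
}

func verify(qx, qy *big.Int, msg, r []byte, t *big.Int) bool {
	if len(r) != 32 || t.Sign() <= 0 || t.Cmp(n) >= 0 || !curve.IsOnCurve(qx, qy) {
		return false // this example requires r of w bits, t in [1, n-1], Q on the curve
	}
	ax, ay := curve.ScalarMult(qx, qy, t.Bytes())
	bx, by := curve.ScalarBaseMult(challenge(qx, qy, msg, r).Bytes())
	x2, _ := curve.Add(ax, ay, bx, by) // tQ + eG = (k - e)G + eG = kG
	return bytes.Equal(h(pad(x2)), r)
}

func main() {
	d, msg := randScalar(), []byte("constructed sample message")
	qx, qy := publicKey(d)
	r, t := sign(d, qx, qy, msg)
	fmt.Println(verify(qx, qy, msg, r, t), verify(qx, qy, []byte("tampered"), r, t)) // true false
}
```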
```go
package main

import (
	"crypto/elliptic"
	"crypto/rand"
	"fmt"
	"log"

	"github.com/RyuaNerin/go-krypto/eckcdsa"
	"github.com/RyuaNerin/go-krypto/lsh256"
)

func main() {
	// Using the P256 curve as an example
	curve := elliptic.P256()

	// Generate private and public keys using the eckcdsa library
	privateKey, err := eckcdsa.GenerateKey(curve, rand.Reader)
	if err != nil {
		log.Fatal("Error generating keys:", err)
	}
	publicKey := &privateKey.PublicKey

	// Hardcoded message for signing
	msg := []byte("Example message")

	// Create an instance of the LSH256 hash function
	hashFunc := lsh256.New()

	// Sign the message with the private key using ECKCDSA (ASN.1 signature format)
	signature, err := eckcdsa.SignASN1(rand.Reader, privateKey, hashFunc, msg)
	if err != nil {
		log.Fatal("Error signing the message:", err)
	}

	// Verify the signature with the public key using ECKCDSA
	valid := eckcdsa.VerifyASN1(publicKey, hashFunc, msg, signature)
	if !valid {
		fmt.Println("The signature is invalid.")
	} else {
		fmt.Println("The signature is valid.")
	}

	// Print the ASN.1 encoded signature in hexadecimal format
	fmt.Printf("ASN.1 encoded signature: %x\n", signature)
}
```
Parse Keys:
```sh
./edgetk -pkey keygen -algorithm eckcdsa [-bits 283] -prv "Private.pem" [-pass "passphrase"] -pub "Public.pem"
```
Generate Signature:
```sh
./edgetk -pkey text -key "Private.pem" [-pass "passphrase"]
./edgetk -pkey text -key "Public.pem"
```
Transmit the Signature:
```sh
./edgetk -pkey sign -algorithm eckcdsa -md lsh256 -key "Private.pem" FILE > sign.txt
```
Verify Signature:
```sh
# The signature is the second field of the line written to sign.txt
sign=$(awk '{print $2}' sign.txt)
./edgetk -pkey verify -algorithm eckcdsa -md lsh256 -key "Public.pem" -signature "$sign" FILE
echo $?
```
This example uses the standard TTAK.KO-12.0276 LSH Message Digest Algorithm (KS X 3262) for pre-hashing.
Copyright (c) 2024 Pedro F. Albanese <pedroalbanese@hotmail.com>
Permission to use, copy, modify, and distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.