XI INTERNATIONAL CONFERENCE
“INFORMATION TECHNOLOGY AND IMPLEMENTATION” (IT&I-2024)
STUDY OF PROPERTIES, APPLICATIONS AND SOFTWARE IMPLEMENTATION
OF THE DIGITAL SIGNATURE ALGORITHM BASED ON ELLIPTIC CURVES
Serhii Buchyk, Anastasiia Shabanova, Serhii Toliupa, Oleksandr Buchyk, Maksym Delembovskyi
About the report
Content:
List of references:
1. DSTU 4145:2002. Informatsiini tekhnolohii. Kryptohrafichnyi zakhyst informatsii. Tsyfrovyi pidpys, shcho gruntuietsia na eliptychnykh kryvykh. Formuvannia ta pereviriannia. Chynnyi vid 2003-07-01. Vyd. ofits. Kyiv: Male pidpryiemstvo «Dyna», 2002. 36 s.
2. Lawrence Washington Elliptic curves, Number theory and Cryptography. – CRC Press, 2000. – 430 s.
3. Zavhorodnii, V. V., H. A. Zavhorodnia, Yu. S. Berezinskyi, i I. P. Berezinska. «REALIZATSIIA KRYPTOSTIIKOHO ALHORYTMU IZ PROSTOIU PROTSEDUROIU SHYFRUVANNIA TA DESHYFRUVANNIA NA OSNOVI ELIPTYChNYKH KRYVYKH». Tavriiskyi naukovyi visnyk. Seriia: Tekhnichni nauky, vyp. 3, Zhovten 2023, s. 13-20, doi:10.32782/tnv-tech.2023.3.2.
4. Ievseiev, S. P. Laboratornyi praktykum z osnov kryptohrafichnoho zakhystu [Elektronnyi resurs] : navch. posib. / S. P. Yevseiev, O. V. Milov, O. H. Korol ; Kharkivskyi natsionalnyi ekonomichnyi universytet im. S. Kuznetsia. - Elektron. tekstovi dan. (12,3 MB). - Kharkiv : KhNEU im. S. Kuznetsia, 2020. - 221 s. : il. - Zahol. z tytul. ekranu. - Bibliohr.: s. 211-213.
Relevance
The paper provides a detailed analysis of the mathematical foundations of ELLIPTIC CURVES, which are the basis for the development of DIGITAL SIGNATURE algorithms.
The developed software implementation of the digital signature algorithm based on elliptic curves opens up opportunities for use in various fields, such as secure messengers, electronic voting systems, authentication and authorisation, and the creation of cryptocurrency platforms.
Possible directions for the development of this work are related to the expansion of the software model and algorithm in accordance with the requirements of international standards for a more complete analysis and assessment of risks.
The topic of this work, namely «STUDY OF PROPERTIES, APPLICATIONS AND SOFTWARE IMPLEMENTATION OF THE DIGITAL SIGNATURE ALGORITHM BASED ON ELLIPTIC CURVES» is relevant.
Further research may include the development of new methods for optimising algorithms to improve their efficiency and security.
Theoretical aspects of digital signatures based on elliptic curves
Since elliptic curve digital signatures (ECDS) are the most advanced and secure technology in modern cryptography, the development of their standardisation is a key factor in ensuring interoperability, security and efficiency in different environments and technologies. This paper focuses on the analysis of DSTU 4145-2002, but for a more detailed review, several other global standards are presented along with their detailed description to illustrate the results of their use.
1.1 Standardisation of digital signature algorithms based on elliptic curves
ANSI X9.62, adopted in 1999 by the American National Standards Institute (ANSI), is a key standard for ensuring the security of digital signatures in financial institutions, which discloses the use of the ECDSA algorithm.
For a general understanding, it is also worth considering the FIPS 186-4 standard established by the US National Institute of Standards and Technology (in 2013, another equally common name is the Digital Signature Standard (DSS).
RFC 6090, developed by the Internet Engineering Task Force (IETF) in 2011, is part of a series of recommendations for the use of elliptic curves in cryptography for Internet applications.
Theoretical aspects of digital signatures based on elliptic curves
Description of the algorithm for the formation and verification of the CP based on elliptic curves in accordance with DSTU 4145:2002
Once the initial conditions are met, the algorithm for generating a digital signature is created in the following steps:
1. First of all, the correctness of the general parameters of the digital signature is checked in accordance with clauses 8.1-8.3 of the standard, and in case of incorrect parameters, the calculation of the digital signature is terminated.
2. The private key is checked in accordance with clause 10.2, and if the private key has any errors, the digital signature calculation is also terminated.
3. Check whether the LD (data length) is a multiple of 16 and is greater than twice the length of the base point order. If the conditions are not met, the calculation of the digital signature is stopped.
Practical implementation of digital signature algorithms
Selection and justification of software tools for implementing digital signature algorithms
The implementation was carried out in the C# programming language in the Microsoft Visual Studio 2022 integrated development environment. However, any compiler compatible with the C# programming language standards can be used to compile the application. The advantages of using C# are the provision of convenient tools for working with the bit level, which is important for the cryptographic operations under consideration, which involved hashing and manipulating bits when working with the key space.
The task is to analyse a generalised assessment of the possibility of integrating an algorithm for creating and verifying a digital signature that complies with the DSTU 4145:2002 standard into systems with limited resources, with minimal impact on time efficiency.
The logical structuring of the application includes the following files and the main component classes:
Technical description of the software implementation of the digital signature creation and verification algorithm
Practical implementation of digital signature algorithms
The output data provided by the programme after its launch includes the following:
Measurement of the time required to generate a base point on an elliptical curve. This value is important for assessing the performance of the algorithm and its resource consumption.
Private key in hexadecimal format. This key is confidential and is used to create digital signatures.
Public key in the form of two hexadecimal numbers. This data is used to verify digital signatures.
A digital signature in hexadecimal format. This signature is used to confirm the authenticity of the message.
After performing digital signature verification, the program provides a result indicating whether the authenticity of the signed message has been successfully confirmed. This result is a sign of the message's authenticity.
Experimental study of the efficiency of a cpu based on elliptic curves
Technical description of the software implementation of the algorithm stress test
The purpose of this part of the experimental study is to conduct stress testing of the digital signature generation and verification algorithm using a large number of random messages, aimed at identifying the statistical relationship between the expected and actually usable performance level under various conditions: from low to high load and a variety of input data. The structure of the software implementation includes the UnitTest1 class in the Test namespace, which contains the Test1 method. The constructor of the UnitTest1() class creates an array of RandomStrings of size 10. Each element of this array is a random string with a length of 1000 characters, which represents random data.
The first part of the study covers a comparative analysis of the results of parallel and sequential message processing in order to determine the optimal way to perform the digital signature algorithm according to DSTU 4145:2002 in accordance with the increased requirements and amount of processing resources. Parallel message processing uses the capabilities of multi-core processors and distributed systems to calculate digital signatures for multiple messages simultaneously. Sequential message processing performs digital signatures sequentially for each message, without parallel execution.
Analysing the impact of an array of messages on the stability and speed of the algorithm during parallel and sequential iteration
Experimental study of the efficiency of a cpu based on elliptic curves
Estimating the processor load when using the algorithm in parallel and sequential iterations
The second part of the experimental study aims to assess the CPU load during the execution of the algorithm using parallel and sequential data processing methods by measuring the amount of RAM used. The study used not only standard Visual Studio tools but also additional tools such as ReSharper, an extension for the .NET platform.
The main features of dynamic analysis in ReSharper include:
- Detect and automatically fix code performance issues, such as under-optimised or inefficient parts of the application that can slow down the application;
- In-depth research and provision of process tools for analysing and monitoring the memory usage of a software product, which allows to identify potential memory retention issues and detect memory leaks that can lead to unstable operation of the application or its crash.
To run dynamic analysis in ReSharper, we used the built-in tools of this plug-in after installing it as an additional tool in Visual Studio. To display it as an extension, it was enough to open the solution of the project in which the study was carried out and select the option ‘Run Code Analysis’, hereinafter ‘DPA’ from the ReSharper menu or in the context menu of the corresponding stress test.
Experimental study of the efficiency of a cpu based on elliptic curves
Figure 1. Running a stress test using the parallel method
Figure 2. Performing a stress test using the sequential method
Conclusions
The result of the work done is:
- A comprehensive study of the digital signature algorithm based on elliptic curves, followed by software implementation;
- Experimental study of the influence of load and time characteristics on a series of algorithm runs.
In the course of the work, the following results were obtained:
1. Software implementation of a digital signature algorithm based on elliptic curves.
2. The analysis of digital signature generation time for different parameters was carried out, which allowed to determine the most optimal settings to ensure fast and efficient operation of the cryptographic system.
3. The analysed and compiled study of resource usage during cryptographic operations provided valuable recommendations for developers and administrators to optimise and improve system security.
4. A methodology has been developed that includes theoretical tasks for self-control, practical tasks, analytical tasks and critical thinking tasks, with the definition of goals and objectives, development of evaluation criteria and methods of control and feedback.
Thank you for your attention!!!