Secret Sharing of ECDSA

Prof Bill Buchanan OBE FRSE
3 min readFeb 21, 2021

The ECDSA signature method is used to sign a message with a private key. So rather than sharing the signature, could we give a share of the signature to a number of nodes, and who must come together to share the signature. We will only be able to recover it if enough hosts come together to share their shares. In this case, we will use Shamir Secret Shares (SSS) for which we have n shares, and where we can recover the share using t nodes:

For ECDSA, Alice signs the message with the following:

  1. Create a hash of the message e=HASH(m).
  2. Let h be the Ln be the leftmost bits of e, Ln has a bit length of the group order N.
  3. Create a random number k which is between 1 and N−1.
  4. Calculate a point on the curve as (x_1,y_1)=k×G
  5. Calculate r=x_1(modN)
  6. If r=0, go back to Step 3.
  7. Calculate s=k^{−1}(h+rdA)(modN).
  8. If s=0, go back to Step 3.
  9. The signature is the pair (r,s)

Bob will check with:

  1. Create a hash of the message e=HASH(m).
  2. Let h be the Ln

--

--

Prof Bill Buchanan OBE FRSE
Prof Bill Buchanan OBE FRSE

Written by Prof Bill Buchanan OBE FRSE

Professor of Cryptography. Serial innovator. Believer in fairness, justice & freedom. Based in Edinburgh. Old World Breaker. New World Creator. Building trust.

No responses yet