Difference between revisions of "ECDSA"
(Created page with "ECDSA is a version of the digital signature algorithm (DSA), using elliptic curve cryptography (ECC) as its public key algorithm. It was developed in 1985 and standardized in...") |
|||
| Line 1: | Line 1: | ||
| − | ECDSA is a version of the digital signature algorithm (DSA), |
+ | ECDSA (Elliptic Curve Digital Signature Algorithm) is a version of the digital signature algorithm (DSA), |
| + | using elliptic curve cryptography (ECC) as its public key algorithm. |
||
It was developed in 1985 and standardized in 1999 (ANSI) and 2000 (IEEE, NIST). |
It was developed in 1985 and standardized in 1999 (ANSI) and 2000 (IEEE, NIST). |
||
| − | ECDSA |
+ | For ECDSA, an elliptic curve is selected, which defines the key size and security level. |
| + | ECDSA signatures are secure, because of the difficulty to compute discrete logarithms in the group of points on the chosen curve. |
||
| − | The keys are generated on a chosen elliptic curve, where the curve defines the key size and security level. |
||
| + | |||
| − | ECDSA keys and signatures are relatively small compared to RSA signatures at the same security level. |
||
| + | === Key Size === |
||
| − | A comparison is available at [[Digital Signature - RSA vs ECDSA]]. |
||
| + | |||
| + | The key size of ECDSA keys depends on the elliptic curve which shall be used. |
||
| + | There are different defined and commonly used curves with different characteristics. |
||
| + | For example NIST P-192, P-224, P-256, P-384, P521. |
||
| + | |||
| + | === Resource Use === |
||
| + | |||
| + | ECDSA digital signature verification can be implemented in about 10 kB ROM |
||
| + | and requires about 3.2kB of stack memory. |
||
| + | (Implementation of ECDSA in [[emSecure]]) |
||
| + | |||
| + | Storage requirements for the public key are equal to the key size. |
||
| + | The ECDSA signature is twice the size of the key. |
||
| + | |||
| + | === Performance === |
||
| + | |||
| + | The performance of ECDSA signature verification can also be split in two parts: |
||
| + | # Hashing the data. |
||
| + | # Signature verification, which depends on the chosen elliptic curve. |
||
| + | |||
| + | {|class="wikitable" |
||
| + | ! scope="row" colspan="2" | Hashing |
||
| + | |- |
||
| + | |emCrypt SHA-1 Hash computation || 12.51 MB/s |
||
| + | |- |
||
| + | |emCrypt SHA-224 Hash computation || 3.66 MB/s |
||
| + | |- |
||
| + | |emCrypt SHA-256 Hash computation || 3.66 MB/s |
||
| + | |- |
||
| + | |emCrypt SHA-512 Hash computation || 2.82 MB/s |
||
| + | |- |
||
| + | ! scope="row" colspan="2" | Signature verification |
||
| + | |- |
||
| + | |emCrypt ECDSA P-192 signature verification || 43.45 ms |
||
| + | |- |
||
| + | |emCrypt ECDSA P-224 signature verification || 53.87 ms |
||
| + | |- |
||
| + | |emCrypt ECDSA P-256 signature verification || 78.70 ms |
||
| + | |- |
||
| + | |emCrypt ECDSA P-384 signature verification || 129.17 ms |
||
| + | |- |
||
| + | |emCrypt ECDSA P-521 signature verification || 245.68 ms |
||
| + | |} |
||
| + | |||
| + | == Related Products == |
||
| + | |||
| + | [[emCrypt]] - Cryptographic Algorithm Library |
||
| + | |||
| + | [[emSecure]] - Digital Signature Suite |
||
| + | |||
| + | [[emSSL]] - SSL/TLS Library |
||
Revision as of 15:15, 20 August 2020
ECDSA (Elliptic Curve Digital Signature Algorithm) is a version of the digital signature algorithm (DSA), using elliptic curve cryptography (ECC) as its public key algorithm. It was developed in 1985 and standardized in 1999 (ANSI) and 2000 (IEEE, NIST).
For ECDSA, an elliptic curve is selected, which defines the key size and security level. ECDSA signatures are secure, because of the difficulty to compute discrete logarithms in the group of points on the chosen curve.
Key Size
The key size of ECDSA keys depends on the elliptic curve which shall be used. There are different defined and commonly used curves with different characteristics. For example NIST P-192, P-224, P-256, P-384, P521.
Resource Use
ECDSA digital signature verification can be implemented in about 10 kB ROM and requires about 3.2kB of stack memory. (Implementation of ECDSA in emSecure)
Storage requirements for the public key are equal to the key size. The ECDSA signature is twice the size of the key.
Performance
The performance of ECDSA signature verification can also be split in two parts:
- Hashing the data.
- Signature verification, which depends on the chosen elliptic curve.
| Hashing | |
|---|---|
| emCrypt SHA-1 Hash computation | 12.51 MB/s |
| emCrypt SHA-224 Hash computation | 3.66 MB/s |
| emCrypt SHA-256 Hash computation | 3.66 MB/s |
| emCrypt SHA-512 Hash computation | 2.82 MB/s |
| Signature verification | |
| emCrypt ECDSA P-192 signature verification | 43.45 ms |
| emCrypt ECDSA P-224 signature verification | 53.87 ms |
| emCrypt ECDSA P-256 signature verification | 78.70 ms |
| emCrypt ECDSA P-384 signature verification | 129.17 ms |
| emCrypt ECDSA P-521 signature verification | 245.68 ms |
Related Products
emCrypt - Cryptographic Algorithm Library
emSecure - Digital Signature Suite
emSSL - SSL/TLS Library
