每个椭圆曲线签名生成都有不同的签名 [英] Different signature for each elliptic curve signature generation

问题描述

我正在使用椭圆曲线生成签名.问题是它每次使用相同的密钥对都会生成不同的签名.我尝试了Bouncy Castle库以及

I am using elliptic curve for generating signature. The issue is it generates a different signature every time with the same key pair. I tried the Bouncy Castle libraries as well as ECDsa. The signature get verified with both, but I want the same signature every time I use the same key pair.

每次都可以生成相同的签名怎么办?还是使用椭圆曲线不可能?

What could possibly do to generate the same signature every time? Or is this not possible using elliptic curve?

推荐答案

否，标准DSA是不确定性的，对于ECDSA而言，这意味着它依赖于加密安全的随机数生成器(

No, standard DSA is non-deterministic, which for ECDSA means that it relies on a cryptographically secure random number generator (in step 3 in the description on Wikipedia, to be precise).

如果常量用于其他输入，则ECDSA将泄漏私钥.这就是用于签名游戏的索尼私钥所发生的事情，被德国混沌计算机俱乐部()破解(但仅限于第122页！).当然，ECDSA无法确定是否使用了相同的数据.

If a constant is used with different input then ECDSA will leak the private key. This is what happened to the Sony private key used to sign games, which was cracked by the German Chaos Computer Club (but only at page 122!). Of course, ECDSA cannot tell if the same data is used or not.

在 RFC 6979，数字签名的确定性使用"中指定了一种生成ECDSA签名的确定性方法算法(DSA)和椭圆曲线数字签名算法(ECDSA)" .

您可以在C#中使用以下Bouncy Castle代码执行此操作:

You can do this using the following Bouncy Castle code in C#:

ECDsaSigner signer = new ECDsaSigner(new HMacDsaKCalculator(new Sha256Digest()));

显然用于比特币等区块链技术.

which apparently is used for blockchain technology such as bitcoin.

这篇关于每个椭圆曲线签名生成都有不同的签名的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！