# Elliptic Curve Digital Signature Algorithm (ECDSA) – Public Key Cryptography w/ JAVA (tutorial 10)

this is a pre-built version
of the application so let’s go ahead and run the server and two clients and this will be the server and this is
the first client and this one the second one and I put the test data that we will
be using in this file so this is for decimal test data and this is for
hexadecimal test data we’ll be using two curves for that scep 256k1 which is
used by Bitcoin and this other curve so we’ll start with running in ASCII mode
and in base 10 and will use this generator point and
this secret key and Bob will use this curve with this
generator point and let’s say we have this key so in ASCII mode we will not
be able to enter text so it should give an error if we do that so let’s enter
ascii so we’ll try to send this ascii message to Bob and will choose this
ephemeral key and let’s first try to sign it with an invalid key so Bob
realized that the message was not signed with Alice’s private key
he received the signed message and calculated w1 u1 u2 and the point P took
P of X which is v and checked if v is congruent to r in mode n and
determined that this message was not signed by Alice so now let’s go ahead
and send the same message with the same ephemeral key but this time sign it with
Alice’s private key so here we go the message was signed with Alice’s private
key so same thing he calculated w u1 u2 and the point P and took v and checked if it’s congruent to
r and this is the value of r now let’s say that Bob wants to send this
ascii message and let’s use this ephemeral key and his key that we chose was this
one 9 so here we go Alice determined that the
message was signed with Bob’s private key and Eve
can see all the communications so she has the domain parameters that Alice is
using so the curve and the generator point and she also have the domain parameters
that Bob is using also his curve and generator point and she can see
communication originating from Alice and from Bob but in order to sign those
messages as being Alice she needs to solve the ECDLP the
elliptic curve discrete logarithm problem and compute his or her private
key d or ephemeral key and same thing in the case of Bob to sign
messages as being Bob she need to solve his elliptic curve discrete logarithm
problem for his curve and compute his private key d or ephemeral key now before proceeding with the code
let’s do a quick summary so we have it setup here where Alice wants to send a
signed message to Bob so she selects the domain parameters the elliptic curve
coefficients a and b and prime number p and the generator point a for the
cyclic group with prime order n and then she picks the secret key d between 0 and
n and calculates the public key uppercase B where B is d hops from the generator
point A and she sends a b p n and the generator point uppercase A and the
public key uppercase B to Bob and then when she wants to send a message a sign
message to Bob she starts by picking an ephemeral key such that the ephemeral
key is between 0 and n and then she calculates the point R which is
ephemeral key hops from the generator point A and then she sets lowercase r to
the x-coordinate of this point r and then she calculates s which is congruent
to h of x or the hash of x plus d times r multiplied by the inverse of the
ephemeral key and all of that in mod n and she sends the message x and r
and s to Bob so the signed message and Bob has domain parameters for Alice and
he has her public key upper case B so he starts by calculating
w which is congruent to the inverse of s in mod n and then he calculates
u1 and u2 so u1 is congruent to w multiplied by h of x in mod n and u2 is
congruent to w multiplied by r in mod n and then he calculates the point P which
is u1 multiplied by the point A plus u2 multiplied by the point upper case
B and finally he validates the signature so if the x-coordinate of this point is
congruent to r from here in mod n than and we have a valid signature otherwise
we have an invalid signature I will start by creating a new project and here we will have one package
which will contain the server code and another one for the client code and we
will need to do JSON so we’ll pick up this jar from here and go to properties and Java build path and I put the test data that we
will be using in this file now on the server side we will have two classes a server class with a main method and a
server thread class which will extend from Thread and on the client side we will have four
classes a client class with a main method and a client thread class which will extend from thread and this
class will represent the elliptic curve and this one a point on the curve and we
will start from the server side and here we will have three instance
variables a server and a buffered reader and a print writer and we will
initialize those in the constructor which takes in a socket and a server and
uses the socket to initialize the buffered reader and the print writer and here this would be
the port that the server will be listening on and we will have a set of server
threads for the different clients that this server is interacting with and a
get method for that set and this method does message forwarding and we
will call it from here to forward messages from Alice to Bob or the other
way around and we will start by instantiating a server and a server
socket given the port number and indicate that Eve is eavesdropping on
all communications and while this server is up we will pick up or accept
connections from clients and dedicate a server thread for each connection and
put that server thread in the set of silver threads and call the
start Method on the thread which will end up triggering a call to this
run method when the operating system decides to do so so if the JSON message contains domain
parameters then we indicate that otherwise if it is a signed message
then we indicate that for Eve to sign messages as being that person she needs
to solve the elliptic curve discrete logarithm problem and compute the
private key d of that person that signed the message or the ephemeral key for
that message and this should do it for this class and next will do the client side and those are the x and y
coordinates for a point on the curve and we will initialize those in the
constructor and those are 2 get methods and this indicates if we are running in
ascii mode and this is used for testing purposes so we don’t do any hashing in
this mode for the message and this indicates what base the user enters
their numbers so either decimal or hexadecimal and this is the name for
this user and this is the name for the other user and we keep track of the
domain parameters that are used for this user
so the elliptic curve and the generator point and the domain parameters for the
other user also the elliptic curves that the other user is using to sign messages
with and his generator point and also his public key point and also we keep
track of the private key for this user and if we are ready to send and receive
messages and those are get and set methods and here we have a buffered
reader instance variable and a client instance variable and we initialize
those in the constructor which takes in a socket and a client instance and uses
the socket to initialize the buffered reader instance and for convenience we will
define those and we will keep track of the curve
coefficients a and b and the prime number p and number of points in the
cyclic group n and the cofactor h which is the order of the elliptic curve over n
and we will initialize those in the constructor and we will have those get
methods and this toString method that will print out y squared is congruent
to x cube plus the value of a x plus the value of b in mod the value of p and
here we indicate if we are running in ascii mode and what base the user
enters their numbers in and we instantiate a client and a socket and
for the purpose of this tutorial the server will be running on localhost and
listening on this port number and we instantiate a client thread and call the
start method on it which will end up triggering a call to this run method
when the operating system decides to do so and this method does pickup and
processing of user input given the base they enter their numbers in and we will
call it from here now we want to make sure that the elliptic curve entered by
the user is not singular so it satisfies this expression 4 a cube plus 27 b
squared is different than zero in mod p and this method will do that and it
will be called from here and we display this to the user in case
we have a singular elliptic curve so this method picks up the values of a b
p n and h from the user and this method checks to see if this point is on the
curve and we do that by making sure that y squared is congruent to x cube plus a x
plus b in mod p for the y-coordinate and the x-coordinate of this point
so here we have point G dot get y we multiply it by itself so y squared in
mod p if that equal to x cube plus a x plus b in mod p and this method initializes the domain parameters so we pick
up the elliptic curve by calling this method and we pick up a the generator point
from the user and make sure that that point is on
the curve otherwise we display this to the user
and here let’s define infinity as being this huge number and point at
infinity has infinity as its y-coordinate and we will have those
equals and toString methods so this returns the x and y coordinates in base
10 and this one in all bases including base 10 16 etc. and this
equals method checks to see if the passed in point is equal to this point and
this should do it for this class now going here let’s add this method that
checks to see if those two points are inverses of each other
so if they have the same x-coordinate and opposite y-coordinates with respect to the x-axis and those two
methods do point addition and doubling and those are the equations for point
addition and those are the ones for point doubling so the x and y
coordinates and the slope and we implement the addition equations here
and the doubling equation here and this method does multiplication using the
double and add algorithm so we do d hops from point G and we end up in
point T so we turn d into binary and we go through each bit in that
binary string and if that bit is equal to one then we do an addition after
doing a point doubling and this should do it for this class so now we can go
here and add this method so we first pick up the private key for
this user and we use it to calculate the public key starting from the generator
point and we send the domain parameters and the public key in a JSON object and
we call the init domain parameters and the calculate public key from this
method and we will have this method that picks up hashes signs and sends
messages and we will call it from here and this method does message hashing and we call it from this method
handle message hashing and this is the code that picks up by the message and
hashes it and this method picks up the ephemeral key and we will call it from here and this method picks up the signing key
from the user and those two methods calculate r and s and this
method sends the signed message as a JSON object so x r and s and we will call those methods from here so after picking up the ephemeral key we
use it to calculate r then we calculate s and send the signed
message so this should do it for this class now going here we will have those
two methods this one to display the calculations and this one to validate
the message and this one receives the message so it calculates r and s and w and it displays the calculations and
validates the message and this one obtains the message hash
and we call those from here so here we are picking up the domain
parameters that the other user is using to sign messages and here we are
receiving the signed message so we call obtain message hash and receive the
message and this should do it for this class and finally let’s go head and test
run the application but before doing that let’s change this and we will have a server and two
clients and this will be the server and this is
the first client and this one the second one so we’ll have Alice here and she will
be using secp256k1 curve so let’s copy this with this generator point and let’s say she will use this secret
key and Bob will use this curve secp384 so let’s copy this and this generator point and let’s say he will use this as his
secret key and let’s have Alice try to send this message
so she hashes it this is the hash and let’s say she picks this ephemeral key and let’s have her use a wrong key so we
added 7 so Bob realize that the message was not signed with Alice’s private key
so he calculates the hash and this is the same as the hash for Alice and then
he calculates w u1 u2 and the point P and he checks if v is congruent to r in
mod n so now let’s do the same thing send the same message and same ephemeral key and this time enter the right secret key for Alice so here we go so Bob validates the
message and he determines that it was signed with Alice’s private key and
let’s have Bob send this message to Alice so he hashes it and maybe he chooses this ephemeral key
and his key that he chose was this one so Alice validates the message and
determines that it was signed with Bob’s private key and Eve can see all the
communications so now she has Alice’s domain parameters the curve and the
generator point and Bob’s domain parameter the curve and the generator point and she can see messages signed messages originating from Alice and from Bob and in order to sign any message as
originating from Alice or Bob she needs to solve the elliptic curve
discrete logarithm problem and compute Alice’s private key d or the
ephemeral key of that message and same thing in Bob’s case

## 2 thoughts on “Elliptic Curve Digital Signature Algorithm (ECDSA) – Public Key Cryptography w/ JAVA (tutorial 10)”

1. zaneacademy says:

Elliptic Curve Diffie–Hellman key exchange (ECDH) @ https://youtu.be/JlmA9JG7kwY

Elliptic Curve Cryptography (ECC) @ https://youtu.be/lRY8ZDek8R0
Digital Signature Algorithm (DSA) @ https://youtu.be/hOFv79Fs5As
derive equations For point addition & point doubling @ https://youtu.be/ImEIf-9LQwg

2. Алексей Бояров says:

ECDSA – R, S and Z values from Nested SegWit (P2SH) Transaction – how to find them?