# Elliptic Curve Digital Signature Algorithm (ECDSA) – Public Key Cryptography w/ JAVA (tutorial 10)

this is a pre-built version

of the application so let’s go ahead and run the server and two clients and this will be the server and this is

the first client and this one the second one and I put the test data that we will

be using in this file so this is for decimal test data and this is for

hexadecimal test data we’ll be using two curves for that scep 256k1 which is

used by Bitcoin and this other curve so we’ll start with running in ASCII mode

and in base 10 and will use this generator point and

this secret key and Bob will use this curve with this

generator point and let’s say we have this key so in ASCII mode we will not

be able to enter text so it should give an error if we do that so let’s enter

ascii so we’ll try to send this ascii message to Bob and will choose this

ephemeral key and let’s first try to sign it with an invalid key so Bob

realized that the message was not signed with Alice’s private key

he received the signed message and calculated w1 u1 u2 and the point P took

P of X which is v and checked if v is congruent to r in mode n and

determined that this message was not signed by Alice so now let’s go ahead

and send the same message with the same ephemeral key but this time sign it with

Alice’s private key so here we go the message was signed with Alice’s private

key so same thing he calculated w u1 u2 and the point P and took v and checked if it’s congruent to

r and this is the value of r now let’s say that Bob wants to send this

ascii message and let’s use this ephemeral key and his key that we chose was this

one 9 so here we go Alice determined that the

message was signed with Bob’s private key and Eve

can see all the communications so she has the domain parameters that Alice is

using so the curve and the generator point and she also have the domain parameters

that Bob is using also his curve and generator point and she can see

communication originating from Alice and from Bob but in order to sign those

messages as being Alice she needs to solve the ECDLP the

elliptic curve discrete logarithm problem and compute his or her private

key d or ephemeral key and same thing in the case of Bob to sign

messages as being Bob she need to solve his elliptic curve discrete logarithm

problem for his curve and compute his private key d or ephemeral key now before proceeding with the code

let’s do a quick summary so we have it setup here where Alice wants to send a

signed message to Bob so she selects the domain parameters the elliptic curve

coefficients a and b and prime number p and the generator point a for the

cyclic group with prime order n and then she picks the secret key d between 0 and

n and calculates the public key uppercase B where B is d hops from the generator

point A and she sends a b p n and the generator point uppercase A and the

public key uppercase B to Bob and then when she wants to send a message a sign

message to Bob she starts by picking an ephemeral key such that the ephemeral

key is between 0 and n and then she calculates the point R which is

ephemeral key hops from the generator point A and then she sets lowercase r to

the x-coordinate of this point r and then she calculates s which is congruent

to h of x or the hash of x plus d times r multiplied by the inverse of the

ephemeral key and all of that in mod n and she sends the message x and r

and s to Bob so the signed message and Bob has domain parameters for Alice and

he has her public key upper case B so he starts by calculating

w which is congruent to the inverse of s in mod n and then he calculates

u1 and u2 so u1 is congruent to w multiplied by h of x in mod n and u2 is

congruent to w multiplied by r in mod n and then he calculates the point P which

is u1 multiplied by the point A plus u2 multiplied by the point upper case

B and finally he validates the signature so if the x-coordinate of this point is

congruent to r from here in mod n than and we have a valid signature otherwise

we have an invalid signature I will start by creating a new project and here we will have one package

which will contain the server code and another one for the client code and we

will need to do JSON so we’ll pick up this jar from here and go to properties and Java build path and I put the test data that we

will be using in this file now on the server side we will have two classes a server class with a main method and a

server thread class which will extend from Thread and on the client side we will have four

classes a client class with a main method and a client thread class which will extend from thread and this

class will represent the elliptic curve and this one a point on the curve and we

will start from the server side and here we will have three instance

variables a server and a buffered reader and a print writer and we will

initialize those in the constructor which takes in a socket and a server and

uses the socket to initialize the buffered reader and the print writer and here this would be

the port that the server will be listening on and we will have a set of server

threads for the different clients that this server is interacting with and a

get method for that set and this method does message forwarding and we

will call it from here to forward messages from Alice to Bob or the other

way around and we will start by instantiating a server and a server

socket given the port number and indicate that Eve is eavesdropping on

all communications and while this server is up we will pick up or accept

connections from clients and dedicate a server thread for each connection and

put that server thread in the set of silver threads and call the

start Method on the thread which will end up triggering a call to this

run method when the operating system decides to do so so if the JSON message contains domain

parameters then we indicate that otherwise if it is a signed message

then we indicate that for Eve to sign messages as being that person she needs

to solve the elliptic curve discrete logarithm problem and compute the

private key d of that person that signed the message or the ephemeral key for

that message and this should do it for this class and next will do the client side and those are the x and y

coordinates for a point on the curve and we will initialize those in the

constructor and those are 2 get methods and this indicates if we are running in

ascii mode and this is used for testing purposes so we don’t do any hashing in

this mode for the message and this indicates what base the user enters

their numbers so either decimal or hexadecimal and this is the name for

this user and this is the name for the other user and we keep track of the

domain parameters that are used for this user

so the elliptic curve and the generator point and the domain parameters for the

other user also the elliptic curves that the other user is using to sign messages

with and his generator point and also his public key point and also we keep

track of the private key for this user and if we are ready to send and receive

messages and those are get and set methods and here we have a buffered

reader instance variable and a client instance variable and we initialize

those in the constructor which takes in a socket and a client instance and uses

the socket to initialize the buffered reader instance and for convenience we will

define those and we will keep track of the curve

coefficients a and b and the prime number p and number of points in the

cyclic group n and the cofactor h which is the order of the elliptic curve over n

and we will initialize those in the constructor and we will have those get

methods and this toString method that will print out y squared is congruent

to x cube plus the value of a x plus the value of b in mod the value of p and

here we indicate if we are running in ascii mode and what base the user

enters their numbers in and we instantiate a client and a socket and

for the purpose of this tutorial the server will be running on localhost and

listening on this port number and we instantiate a client thread and call the

start method on it which will end up triggering a call to this run method

when the operating system decides to do so and this method does pickup and

processing of user input given the base they enter their numbers in and we will

call it from here now we want to make sure that the elliptic curve entered by

the user is not singular so it satisfies this expression 4 a cube plus 27 b

squared is different than zero in mod p and this method will do that and it

will be called from here and we display this to the user in case

we have a singular elliptic curve so this method picks up the values of a b

p n and h from the user and this method checks to see if this point is on the

curve and we do that by making sure that y squared is congruent to x cube plus a x

plus b in mod p for the y-coordinate and the x-coordinate of this point

so here we have point G dot get y we multiply it by itself so y squared in

mod p if that equal to x cube plus a x plus b in mod p and this method initializes the domain parameters so we pick

up the elliptic curve by calling this method and we pick up a the generator point

from the user and make sure that that point is on

the curve otherwise we display this to the user

and here let’s define infinity as being this huge number and point at

infinity has infinity as its y-coordinate and we will have those

equals and toString methods so this returns the x and y coordinates in base

10 and this one in all bases including base 10 16 etc. and this

equals method checks to see if the passed in point is equal to this point and

this should do it for this class now going here let’s add this method that

checks to see if those two points are inverses of each other

so if they have the same x-coordinate and opposite y-coordinates with respect to the x-axis and those two

methods do point addition and doubling and those are the equations for point

addition and those are the ones for point doubling so the x and y

coordinates and the slope and we implement the addition equations here

and the doubling equation here and this method does multiplication using the

double and add algorithm so we do d hops from point G and we end up in

point T so we turn d into binary and we go through each bit in that

binary string and if that bit is equal to one then we do an addition after

doing a point doubling and this should do it for this class so now we can go

here and add this method so we first pick up the private key for

this user and we use it to calculate the public key starting from the generator

point and we send the domain parameters and the public key in a JSON object and

we call the init domain parameters and the calculate public key from this

method and we will have this method that picks up hashes signs and sends

messages and we will call it from here and this method does message hashing and we call it from this method

handle message hashing and this is the code that picks up by the message and

hashes it and this method picks up the ephemeral key and we will call it from here and this method picks up the signing key

from the user and those two methods calculate r and s and this

method sends the signed message as a JSON object so x r and s and we will call those methods from here so after picking up the ephemeral key we

use it to calculate r then we calculate s and send the signed

message so this should do it for this class now going here we will have those

two methods this one to display the calculations and this one to validate

the message and this one receives the message so it calculates r and s and w and it displays the calculations and

validates the message and this one obtains the message hash

and we call those from here so here we are picking up the domain

parameters that the other user is using to sign messages and here we are

receiving the signed message so we call obtain message hash and receive the

message and this should do it for this class and finally let’s go head and test

run the application but before doing that let’s change this and we will have a server and two

clients and this will be the server and this is

the first client and this one the second one so we’ll have Alice here and she will

be using secp256k1 curve so let’s copy this with this generator point and let’s say she will use this secret

key and Bob will use this curve secp384 so let’s copy this and this generator point and let’s say he will use this as his

secret key and let’s have Alice try to send this message

so she hashes it this is the hash and let’s say she picks this ephemeral key and let’s have her use a wrong key so we

added 7 so Bob realize that the message was not signed with Alice’s private key

so he calculates the hash and this is the same as the hash for Alice and then

he calculates w u1 u2 and the point P and he checks if v is congruent to r in

mod n so now let’s do the same thing send the same message and same ephemeral key and this time enter the right secret key for Alice so here we go so Bob validates the

message and he determines that it was signed with Alice’s private key and

let’s have Bob send this message to Alice so he hashes it and maybe he chooses this ephemeral key

and his key that he chose was this one so Alice validates the message and

determines that it was signed with Bob’s private key and Eve can see all the

communications so now she has Alice’s domain parameters the curve and the

generator point and Bob’s domain parameter the curve and the generator point and she can see messages signed messages originating from Alice and from Bob and in order to sign any message as

originating from Alice or Bob she needs to solve the elliptic curve

discrete logarithm problem and compute Alice’s private key d or the

ephemeral key of that message and same thing in Bob’s case

Elliptic Curve Diffie–Hellman key exchange (ECDH) @ https://youtu.be/JlmA9JG7kwY

Elliptic Curve Cryptography (ECC) @ https://youtu.be/lRY8ZDek8R0

Digital Signature Algorithm (DSA) @ https://youtu.be/hOFv79Fs5As

derive equations For point addition & point doubling @ https://youtu.be/ImEIf-9LQwg

ECDSA – R, S and Z values from Nested SegWit (P2SH) Transaction – how to find them?