Using the Elliptic Curve Digital Signature Algorithm effectively

Bernhard Linke, Maxim Integrated
embedded.com (February 02, 2014)

Manufacturers of nearly all equipment types need to protect their products against the counterfeit components that aftermarket companies will attempt to introduce into the OEM supply chain. Secure authentication provides a strong electronic solution to address this threat.

Traditionally, authentication systems have relied on symmetric algorithms such as secure hash algorithms [1] that require secret keys. The management and protection of the secret keys, however, can be challenging. A welcome alternative to this logistics problem is elliptic curve cryptography (ECC), where all participating devices have a pair of keys called “private key” and “public key.”

The private key is used by the originator to sign a message, and the recipient uses the originator’s public key to verify the authenticity of the signature. If a message is modified on its way to the recipient, the signature verification fails because the original signature is not valid for the modified message. The Digital Signature Standard (DSS), issued by the National Institute of Standards and Technology (NIST), specifies suitable elliptic curves, the computation of key pairs, and digital signatures.[2]

This article discusses the Elliptic Curve Digital Signature Algorithm (ECDSA) and shows how the method can be used in practice.

To read the full article, click here