ECDSA (Elliptic Curve Digital Signature Algorithm)

ECDSA (Elliptic Curve Digital Signature Algorithm) is a variant of DSA using elliptic curve cryptography. It provides the same security level as RSA with much smaller keys, making it popular for resource-constrained environments and modern protocols.

Key Size Comparison

Security Level   ECDSA      RSA
80-bit           160-bit    1024-bit
112-bit          224-bit    2048-bit
128-bit          256-bit    3072-bit
192-bit          384-bit    7680-bit
256-bit          512-bit    15360-bit

Common Curves

  • P-256 (secp256r1): NIST standard, widely used
  • P-384 (secp384r1): Higher security
  • P-521 (secp521r1): Maximum security
  • secp256k1: Bitcoin/Ethereum

JWT Usage

// JWT algorithms using ECDSA
ES256: ECDSA with P-256 and SHA-256
ES384: ECDSA with P-384 and SHA-384
ES512: ECDSA with P-521 and SHA-512

Critical Vulnerability: Nonce Reuse

// ECDSA requires a unique, secret, random nonce (k) for every signature.
// If the same k is used twice with the same private key, the two
// signatures leak the private key, which can then be computed.

// This broke PlayStation 3 code signing:
// Sony used the same k for ALL signatures.

Security Considerations

  • The nonce k MUST be unique and secret for each signature
  • Use RFC 6979 to derive k deterministically from the key and message, removing the dependence on a random generator
  • Validate received public-key points against the expected curve (twist attacks)
  • Be aware of side-channel attacks on the nonce and the scalar multiplication
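The nonce-reuse failure above and the RFC 6979 recommendation are two sides of the same problem: k must never repeat under one key. As an added example (not part of the original page), this pure-Python routine derives k for NIST P-256 with SHA-256 exactly as RFC 6979 section 3.2 specifies, so the same key and message always yield the same k and different messages yield different ones; the curve order is the P-256 group order, and the private key in the usage line is the RFC's own Appendix A.2.5 test key.

```python
import hashlib
import hmac

# Order of the P-256 base point (q in RFC 6979 notation); qlen = 256 bits.
P256_ORDER = int("FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551", 16)
QLEN = 256
RLEN = QLEN // 8  # octet length of int2octets output


def int2octets(x: int) -> bytes:
    """RFC 6979 2.3.3: big-endian encoding padded to the curve order length."""
    return x.to_bytes(RLEN, "big")


def bits2int(b: bytes) -> int:
    """RFC 6979 2.3.2: keep only the leftmost qlen bits of the input."""
    v = int.from_bytes(b, "big")
    blen = len(b) * 8
    return v >> (blen - QLEN) if blen > QLEN else v


def bits2octets(h1: bytes) -> bytes:
    """RFC 6979 2.3.4: reduce the hash modulo q, then encode."""
    return int2octets(bits2int(h1) % P256_ORDER)


def rfc6979_nonce(private_key: int, message: bytes) -> int:
    """Derive the ECDSA nonce k from the private key and message (RFC 6979 3.2)."""
    h1 = hashlib.sha256(message).digest()
    hlen = hashlib.sha256().digest_size
    V = b"\x01" * hlen
    K = b"\x00" * hlen
    seed = int2octets(private_key) + bits2octets(h1)
    K = hmac.new(K, V + b"\x00" + seed, hashlib.sha256).digest()
    V = hmac.new(K, V, hashlib.sha256).digest()
    K = hmac.new(K, V + b"\x01" + seed, hashlib.sha256).digest()
    V = hmac.new(K, V, hashlib.sha256).digest()
    while True:
        T = b""
        while len(T) * 8 < QLEN:
            V = hmac.new(K, V, hashlib.sha256).digest()
            T += V
        k = bits2int(T)
        if 1 <= k < P256_ORDER:
            return k
        # Candidate outside [1, q-1]: re-key the HMAC state and try again.
        K = hmac.new(K, V + b"\x00", hashlib.sha256).digest()
        V = hmac.new(K, V, hashlib.sha256).digest()


if __name__ == "__main__":
    # RFC 6979 Appendix A.2.5 private key; message "sample".
    x = int("C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721", 16)
    print(hex(rfc6979_nonce(x, b"sample")))
```

A signer that replaces its RNG-driven k with this derivation cannot repeat a nonce across distinct messages, which is what made the PS3 failure possible.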

See Also