[openssl-users] ECDSA with random number

Thulasi Goriparthi thulasi.goriparthi at gmail.com
Thu May 7 10:27:56 UTC 2015

Hi Piotr,

As you have found out, choosing the per message random number in ECDSA
signature is crucial for the security of private key.

Leaving this responsibility on users is dangerous. This is the reason you
won't find any crypto API to feed the random number for ECDSA signature.

If you want to see how ECDSA is implemented, refer crypto/ecdsa/ecs_ossl.c.

Signature is generated in the following two steps.

-- chooses the random number (k) and generates the first part of the ECDSA
signature (r).
-- returns inverse of k(required to generate second part of signature) and r

-- uses k inverse and r (received from ecdsa_sign_setup) to generate the
second part of the signature(s).


On 7 May 2015 at 13:58, Piotr Łobacz <piotr.lobacz at radmor.com.pl> wrote:

> As in the subject is it possible to generate signature with given random
> number? According to the documentation of ECDSA uses RNG so it would be
> difficult to find out private key from signature but i want just to test
> my data to check if signature is being generated properly and i have'nt
> found any possible place where i would be able to pass random value. Any
> ideas?
> --
> ________________________________________________________________________
> Piotr Łobacz
> Biuro Systemów i Oprogramowania
> tel. (58) 6996 929
> e-mail: piotr.lobacz at radmor.com.pl
> www.radmor.com.pl
> RADMOR S.A., ul. Hutnicza 3, 81-212 Gdynia
> NIP: 586-010-21-39
> REGON: 190432077
> KRS: 0000074029 (Sąd Rejonowy Gdańsk-Północ w Gdańsku)
> Kapitał zakładowy wpłacony: 9 282 830 PLN
> _______________________________________________
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150507/03d473c0/attachment.html>

More information about the openssl-users mailing list