Elliptic Curve Cryptography (ECC) is a public key cryptography Method Based on Elliptic Curve mathematics. The use of elliptic curves in cryptography was independently proposed by Neal koblitz and Victor Miller in 1985.
Elliptic SignatureAlgorithmMicrosoft should be the first to use software protection. The 25-bit serial number we usually use is based on the elliptical signature algorithm. In theory, the elliptic signature algorithm is hard to crack, because... (Omitted. If you are interested, please refer to the introduction to ECC encryption algorithms .)Article). However, due to the length of the serial number, Microsoft can only calculate the private key using brute force because the length of the signature is only 62bit. The number calculator we used is like this.
Definition:
Elliptic Curve Ep = (P, A, B, G, N, H)
P, A, and B are used to determine the curve. G is the base point, and N is the order of point G. H is the number of all points on the elliptic curve. M is an integer part of the Division of N.
Signature process
1. Select an elliptic curve EP (a, B), and base point G.
2. Select the private key K (k <n, n is the order of G), and use the base point G to calculate the public key K = kg
3. Take a random integer r (r <n) and calculate the vertex R = RG.
4. Calculate the feature information and the hash value of R, that is, hash = Sha (data, x, y)
5. Calculate sig ≡ R-Hash * K (mod N)
6. Generate serial numbers using sig and hash (for example, base24 encoding)
Verification process
1. Extract sig and hash from the serial number
2. calculate R ≡ sig * g + hash * K (mod P)
3. Calculate the feature information and the hash value of R, that is, H = Sha (data, x, y)
4. Compare H and hash
In fact, the above process is elliptic curve DSA (ECDSA ).
Well, let's get down to the point. How do we use the elliptic signature algorithm in C?
In. net3.5, Microsoft providesEcdsacngClass, but the limitation is that it can only be used on the Vista system. In addition, Microsoft's implementation determines the elliptic curve parameters (ecdsap256, ecdsap384, ecdsap521) for us in advance ), we cannot use our own parameters. AboutEcdsacngThe usage of the class has been introduced, and it is also described in msdn. Here I want to talk about how to use a third-party class library.
The third-party Encryption Class Library introduced here is bcccrypto (http://www.bouncycastle.org/csharp/), the current version is 1.4, tested relatively stable.
Signature
Code
1 // Generate r = r * g
2 Tbcryptobiginteger R = Null ;
3 Random random = New Securerandom ();
4 Do // Generate R
5 {
6 R = New Tbcryptobiginteger ( This . Ecdomainpnkkey. N. bitlength, random );
7 }
8 While (R. signvalue = 0 );
9 Ecpoint R = This . Ecdomainpdxkey. G. Multiply (R );
10 // Hash = sha1 (data, RX, ry)
11 String Hashstr = Sha1 ( 31 , Rawkeybytes, R. X. tobiginteger (). tobytearray (), R. Y. tobiginteger (). tobytearray ());
12 Tbcryptobiginteger hashint = New Tbcryptobiginteger (hashstr, 2 );
13 // Sig = r-Hash * D (mod N)
14 Tbcryptobiginteger SIG = R. Subtract (hashint. Multiply ( This . Ecdcdkey). Mod ( This . Ecdomainpnkkey. N );
Verify
Code
1 // Verify signature
2 X9ecparameters ECPS = X962namedcurves. getbyoid (x9objectidentifiers. prime256v1 );
3 Ecpublickeyparameters PK = New Ecpublickeyparameters ( " ECDSA " ,
4 ECPS. curve. decodepoint (Hex. Decode (keyattribute. getkey (type. Assembly ))),
5 New Ecdomainparameters (ECPS. curve, ECPS. G, ECPS. N, ECPS. h ));
6 Isigner s = Signerutilities. getsigner ( " ECDSA " );
7 S. INIT ( False , PK );
8 S. blockupdate (bytes, 0 , Datalen );
9 If (S. verifysignature (SIG ))
10 {
11 This . Data = New Byte [Datalen];
12 Array. Copy (bytes, 0 , This . Data, 0 , Data. Length );
13 }
In addition, for base24 and big integers, you can refer to the articles in the garden.