Unlocking the Power of Digital Signature Legitimateness for R&D in Australia

How to eSign a document: digital signature legitimateness for R&D in Australia

So let's look at what a digital  signature actually looks like.   For a digital signature we want Bob to prove that  he has digitally signed a message to Alice, and for   Alice to prove that that message has been signed  only by him, and also that it hasn't been changed.   So one of the most common formats that we get  for our signatures is to generate the values of   r and s. We'll try to outline how these  values are generated and then the format   of them and give a few examples of how we can  create some code to be able to to read them okay so what we have with our digital signatures  is that we have bob and we have alice uh here   So, Bob will have his private key   here and we'll also have his public key. So here is his public key. Alice   can also have her own keys but in this case  all we really want to do is to prove that   Bob has signed a message with his private key  so if we take the message here here we are   and what we normally do is take a hash  of the message and then we apply our   private key on to produce a signature so in  this case we will create our signature here   and the signature we create is an r and an s value  so we have the private key we have the message and   then often we have a random value of k - also called  the nonce value - which goes into produce (r,s)  so then Bob sends the message over to Alice also  sends the r and the s value and then she will use   Bob's public key to do a check on the message or  the signature should take a hash of the message   she'll then take Bob's public key and then  check the r and s values she doesn't need   the k value (the nonce value) that was used  to randomize the (r,s) values all she needs is the r   and the s value, the public key from Bob and the  message and if things check out then everything is   fine. So later on we'll have a look at  how we can actually support the (r,s) value as a   signature so that Alice can can read it the  two main methods that are used for this are ECDSA - elliptic curve digital signature algorithm  - or we can use DSS this one uses RSA to be able   to sign the message where we sign with an RSA  private key and we will proven with the public key   more common these days is to use elliptic curve  methods rather than to use RSA leads to very   big long keys typically 2Kbit and even up to 4Kbit  where here we often just have 256-bit the keys   the way the elliptic curve works is  that we have our elliptic curve method   and one of the most basic is in this form here  (mod p). So we specify our elliptic curve with   an a value, a b value, and a p value [y^2 = x^3 + ax +b (mod p)] we also define n the order and n is the total number of points on   the curve so in a continuous form it looks  like this graph here but obviously if we're   using discrete points such as with the (mod p) we  end up with scattered points but basically what   we have is that on archive we have a G value  and G is the base point it is the point that   we can start our operations and then we work  out our private key which is a random value if   we're using a 256-bit curve such as secp256k1  then we have a 256-bit value we then multiply   our base point with the scalar value which  is pk 256 bits this operation is basically   we add g lots of times we add a pk time so it's  G plus G plus G so on until we get the point   pk and it's quite an efficient operation an  elliptic curve so our public key sorry this is   our secret key that should be sk there our secret  key is our private key and our public key pk   is sk times g and this is a point so if this  is 256 bits and a 256-bit curve this is 512   bits because it's an (x,y) point on the curve there  are some curves that would we ignore the y value   such as Curve 25519 and Curve 448 and we only  deal with the x value but in most other curves   are standard cards we use the x and the y point so  our public key becomes an (x,y) point when we create   our signature we create integer values as the  same size as our base curve so typical curves that   we have here as the one that's used in bitcoin  except 256k1 we might also have one of the nist   defined curves 256 or P192 the 192 identifies  the number of bits that we're going to be using   and that will define the size of the r and the  s value that we have the public key as i said   will be double that size because it has an x and  y coordinate okay so that's the two main methods   we'll look mainly at ECDSA in this presentation okay so here's the basic method that we're  going to use bob generates a random value   let's say it's 256 but the random value that is  his private key he then generates the public key   from this by taking the base point and multiplying  it by his privilege key his private key   to give his public key so that's pk and  that's sk there he takes the message   he hashes the message here then takes a random  value k and produces a point r which is k times g   we only typically need the x coordinate of the  r value so although that's a coordinate point   for the r value that we'll create we would  just take the x coordinate from it and then   bob calculates k to the minus one let's see  that's mod n n is the order the inverse of k   mod n which is our standard operation and then  that's multiplied by the hash of the message   plus r times the secret key gives us the  value of s we then create that as a signature   value as two integers r and s so how does  Alice then check that okay so basically Bob will send over his private  key we'll send the message over   and then from these from the r and the s value  we want Alice to be able to validate that so   initially Alice takes a hash of the message  then takes the s value and works at the inverse   mod of n the inverse of s mod n to give the c  value then take the hash value that we calculated   here multiply by the c value mod n and then  for the second value we will take the r   value and the c value mod m we then work at  a new point on the elliptic curve which is   u1 times G and u2 times the public key of bob  and then if that point is equal to the x-value   then the signature is correct. So in this  way we can actually validate that Bob   signed it using the public key using the  message and using the r and the s value so we can use lots of different curves if  we want the NIST P-256, P-192.   P-512. if we want even more security  and secp256k1 is used with bitcoin   so here's an example of some signatures that  we have. Here's the private key remember that's   a scalar value in this case we're using  256 bits so that's a 256 bit key here   and so the public key is an x y point is the  base point the base point is here multiplied   by the private key to give us the public key. So this is Bob's private key and bob's public key   it will then take the message and in  this case the message is just "hello"   it would then use the uh the method that we showed  to be able to generate an r and less value here   here's the values here as numbers but we can see  we also define it in terms of signature you can   identify this because it's starting with a 30 as we'll see later. So here are these   are some examples so we just run a few more and  we can select different types of curves so we'll   select this one here and we can see here there's  the base point on this curve there is the private   key there's the public key and we eventually  validate that this is true there's a signature   and they are in the s value and we'll do a quick  check there so the code if you're interested is   is here and this allows us to be able to generate  this uh signature but you can see there are many   different ways that we could actually perform this  including the brain pool methods and this one here okay so the way that we translate so we can  have a problem in that when that we want to   make sure that uh every machine can read  this no matter what type of computer it is   so we encapsulate the two integer values into  what's called the der format and this is an   encoding format which you can encapsulate  virtually any type of of value within it   in this in its base form it's a  binary format and we have hexadecimal   sequences for the the byte values so hexadecimal  30 identifies a sequence or something is coming   later 0 3 identifies a better ray and 0 to  identify as an integer in this case the r and   the s value will be represented in as 02 or as  integers. So here's a signature that we saw earlier   and there so what we want to be able to do  is to interpret that hexadecimal stream and   to be able to work out the values of r and s and  then so the first thing we come across is the 30   and then the next number is the  number of bytes that will follow   okay so there should be 35 bytes  after this to to be able to identify the values coming next. The next value after the  length is the identify the tag identifier for   the type so in this case, it's 02 which is an  integer and then we identify there are 19 bytes   that follow there remember it's 19 hexadecimal  so 19 hexadecimal comes out as a 25 in decimal   which means there are 25 bytes after that   then we get after the 25 bytes we get 02 and then  18 hexadecimal is 24. so the value here is the s   value and the value here is the r  value the r value and the s value   we can see here there's zero zero so we can  ignore them so both are off length 24 bytes   24 bytes if we multiply up by 8 gives us 192 bits  and that fits our curve because this is curve 192   which is 192-bit curve if we take another example  and this time we've got 256 bit curve using the   bitcoin curve and here's the signature that we  might have maybe someone's making a transaction   for us signing it with the private key and then  we'll be able to prove it with this rs signature   and the public key so we'll parse again there are  46 x 46 bytes after this we then hit a zero two   there it's there and then 21 hex defines the  number of bytes that come after it and that is 21   is actually 33 bytes but we can see we've  got one off there so we end up with 32 bytes   of the r value then we get a 0 2 the 02 is here  and then this is the s value that comes along here   21 bytes 21 hex bytes which is 32 bytes gives us  the s value here so that's 32 bytes long or 256   bits that gives us our r and our s value here  okay so here's an example here with a pm format   and we can easily interpret that we can see the  first thing we come across is the 30 followed   by the zero two and then our value here is an  integer then a value here is another uh integer   if we want we can compartmentalize that  into Base64 signatures we have here so let's have   a look at the code which does that so we can  take an example here so we'll try this one here   there's a pm and there's the r value and the s  value and in there so the code itself is    an ASN.1 reader and it will go through  until it finds the the right tags for that one   so of course we're dealing with a zero two so  we'll interpret the zero two to be able to   give us our our values and these are some of the  definitions that we have for for that uh format   in them but we'll have a look at this code here  and we'll just run an example here so there's the   code and we'll see if we can define another curve  just to test and this is the we'll go for this 160 value so we can basically just copy-and-paste that   put it in there and then run it through and  hopefully that will work for us. So there's the   r value and there's the s value in this digital   signature okay so that's been an outline of using   the r and the s value and how we can create our  signature and then in a DER format. Thank you