NAME

Crypt::ECDSA -- Elliptical Cryptography Digital Signature Algorithm

DESCRIPTION

Implements the pending FIPS 186-3 ECDSA standard for digital signatures using
elliptical key crytography.  Like FIPS 186-3, this is preliminary-- not yet 
ready for full use.  It does contain a working implementation of the elliptical 
key crypto found in the current 186-2 standard.

SYNOPSIS

my $ecdsa = Crypt::ECDSA->new( standard => 'ECP-256' );

my $msg = "This is a test message fpr perl ecdsa."

my ( $r, $s ) = ecdsa->signature( message => message );

my $verify_ok = $ecdsa->verify( r => $r, 's' => $s, message => $msg );

METHODS

new

Create an ECDSA object.

Arguments include:

standard => curve type, one of 'ECP-192', 'ECP-224', 'ECP-256', 'ECP-384',
  'ECP-521', 'EC2N-163', 'EC2N-233', 'EC2N-283', 'EC2N-409', 'EC2N-571',
  
algorithm => $algo,  where $algo is a Digest::SHA interface compatible object,
  which defaults to Digest::SHA(1) which does SHA-1 digests for ECDSA.
  
.. and other arguments, used as per Crypt::ECDSA::Key.

);

key

get the key object for this curve

errstr

get the last internal error message

keygen

make a new private/ public key pair

make_text_digest

make a text digest

signature

sign a message as message => message or a digest as hash => $hash

sign

sign is a synonym for signature

verify_public_key

verify a public key point asa in tthe Crypt::ECDSA::Key method 

verify

verify as message given  r, s, and either message or its hash

NOTES

See FIPS 186-3, draft standard Note the use of SHA-1 hashing is becoming deprecated, but is still the default. SHA-256 hashing may be used instead of SHA-1 when practicable.

See also http://en.wikipedia.org/wiki/Elliptic_Curve_DSA, quoted below:

Signature generation algorithm

Suppose Alice wants to send a signed message to Bob. 
Initially, the curve parameters (q,FR,a,b,G,n,h) must be agreed upon. 
Also, Alice must have a key pair suitable for elliptic curve cryptography, 
consisting of a private key dA (a randomly selected integer in the 
interval [1,n ? 1]) and a public key QA (where QA = dAG).

For Alice to sign a message m, she follows these steps:

 1. Calculate e = HASH(m), where HASH is a cryptographic hash function, such as SHA-1.
 2. Select a random integer k from [1,n ? 1].
 3. Calculate r = x1(mod n), where (x1,y1) = kG. If r = 0, go back to step 2.
 4. Calculate s = k ? 1(e + dAr)(mod n). If s = 0, go back to step 2.
 5. The signature is the pair (r,s).

Signature verification algorithm

For Bob to authenticate Alice's signature, he must have a copy of her 
public key QA. He follows these steps:

 1. Verify that r and s are integers in [1,n ? 1]. If not, the signature is invalid.
 2. Calculate e = HASH(m), where HASH is the same function used in the signature generation.
 3. Calculate w = s ? 1(mod n).
 4. Calculate u1 = ew(mod n) and u2 = rw(mod n).
 5. Calculate (x1,y1) = u1G + u2QA.
 6. The signature is valid if x1 = r(mod n), invalid otherwise.

TODO

With the GMP library installed for Math::BigInt::GMP, this module is fast enough for 
many purposes.  For others (high volume servers) some of its routines would benefit from 
the speed boost of a rewrite in XS, if there is demand for this.

AUTHOR

William Herrera (wherrera@skylightview.com)

COPYRIGHT

 Copyright (C) 2007 William Hererra.  All Rights Reserved.

 This module is free software; you can redistribute it and/or modify it
 under the same terms as Perl itself.