Bitcoin Forum
May 10, 2024, 08:12:07 AM *
News: Latest Bitcoin Core release: 27.0 [Torrent]
 
   Home   Help Search Login Register More  
Bitcoin Forum > Bitcoin > Development & Technical Discussion > ECDSA signature verification requires an unnecessary modular inversion
Pages: [1]
« previous topic next topic »
  Print  
Author Topic: ECDSA signature verification requires an unnecessary modular inversion  (Read 1517 times)
ByteCoin (OP)
Sr. Member
****
expert
Offline Offline

Activity: 416
Merit: 277


View Profile
April 20, 2011, 01:14:56 PM
 #1
Using the notation in the ECDSA wikipedia article http://en.wikipedia.org/wiki/ECDSA
An ECDSA signature is (r,s).
When verifying the signature, one of the first things calculated is the modular inverse of "s" and "s" is not otherwise used.
Since the signature is generated once and verified thousands of times (at least once by each client) , why isn't the signature (r, inverse(s)) instead?

This would save one inversion per verification.
On the signing side, if you look at the way s is calculated, inverse(s) could be calculated just as quickly. Instead of inverting the random k parameter you'd invert z+rd

Is there something I'm missing? Did they really just overlook this?

ByteCoin
Pages: [1]
  Print  
Bitcoin Forum > Bitcoin > Development & Technical Discussion > ECDSA signature verification requires an unnecessary modular inversion
« previous topic next topic »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!