Enhancing Elliptic Curve Digital Signature Algorithm (ECDSA) For the Implementation of Digitally Signed Emails

Abstract

This study focuses on enhancing the Elliptic Curve Digital Signature Algorithm (ECDSA) for the implementation of digitally signed emails. ECDSA faces vulnerabilities due to weak elliptic parameters, random number generation flaws, and reliance on insecure hash functions. To address these issues, the study proposes a three-pronged approach: first, strengthening elliptic curve parameters to guard against brute force and invalid curve attacks; second, replacing random number generation with a deterministic nonce mechanism using SHA-256 to prevent private key leakage; and third, implementing SHA-256 as a secure hash function to resist collision attacks and improve signature integrity. These enhancements aim to create a more robust and reliable framework for securing email communications. The study is conducted in a simulated environment using Python, with a focus on ensuring practical improvements in ECDSA’s security for academic settings.