BER (Basic Encoding Rules) encoding in a Bitcoin example

30.09.2024

Using BER-Encoded ECDSA Signatures in Bitcoin

The Elliptic Curve Digital Signature Algorithm (ECDSA) is the primary mechanism for ensuring transaction security in the Bitcoin cryptocurrency. It allows users to confirm their identity and data integrity, providing protection against counterfeiting and fraud. An important aspect of the ECDSA implementation is the use of a data encoding format such as BER (Basic Encoding Rules). This article discusses the principles of ECDSA, the features of BER encoding, and their impact on the security of the Bitcoin cryptocurrency.

ECDSA Basics

ECDSA is an algorithm that uses elliptic curves to create digital signatures. It involves three main steps: key generation, signature creation, and signature verification.

  1. Key generation :
  • The secret key is chosen randomly from a finite field, and the public key is calculated using a point on the elliptic curve.
  1. Creating a signature :
  • To sign a message, a random number (nonce) is generated and used to calculate the values ​​of ”r” and ”s”.
  • The signature is represented as a pair of values ​​”(r, s)”.
  1. Checking signatures :
  • Verification involves using the public key to confirm that the signature matches the message and whether it was signed using the corresponding private key.

BER encoding

The BER (Basic Encoding Rules) format is one of the data encoding methods used to represent structured data in binary form. In the context of ECDSA, the BER format is used to encode signatures and other parameters.

  • Data Structure : An ECDSA signature encoded in BER format includes ”r” and ”s” values, which are integers. These values ​​must be represented in a specific format to be processed correctly.
  • Advantages : Using the BER format allows for compatibility between different systems and programs that may use different ECDSA implementations.

Vulnerabilities and risks

Despite the advantages of using the BER format, there are certain vulnerabilities:

  1. Malleable Signatures:
  • The Malleable Signatures vulnerability allows attackers to change the ”r” and ”s” values ​​in a signature without invalidating it. This can lead to fraudulent transactions and double spending.
  1. Deserialization errors :
  • Incorrect handling of data during deserialization may result in invalid values ​​being accepted by the system as valid signatures.
  1. Timing-based attacks :
  • Attackers can exploit time delays in signature processing to extract information about private keys.

Examples of use in Bitcoin

In Bitcoin, ECDSA is used to ensure transaction security. Every time a user sends funds, a digital signature is created using their private key. The signature is then BER encoded before being sent to the network.

  • Transactions : When a transaction is created, the ” r ” and ” s ” values ​​are included in the transaction data along with the sender’s public key.
  • Verification : Bitcoin network nodes verify the signature before including a transaction in the blockchain, thus ensuring the integrity of the network.

Conclusion

The use of ECDSA signatures encoded in BER format plays an important role in ensuring the security of Bitcoin transactions. Despite existing vulnerabilities such as Malleable Signatures and deserialization errors, the correct implementation of the algorithm and encoding format can significantly increase the level of security of cryptocurrency transactions. Constant attention to security issues and updating protocols are necessary conditions for protecting users and maintaining trust in cryptocurrencies.

Citations:
[1] https://forum.bits.media/index.php
[2] https://ru.wikipedia.org/wiki/ECDSA
[3] https://infostart.ru/1c/tools/1252980/
[4] https://habr.com/ru/articles/675918/
[5] https://habr.com/ru/articles/829172/
[6] https://habr.com/ru/articles/817237/
[7] https://pikabu.ru/story/uyazvimost_deserializesignature_v_seti_bitkoin_kriptoanaliz_posledstviya_i_vozmozhnost_sozdaniya_nedeystvitelnyikh_podpisey_ecdsa_11454555
[8] https://www.protokols.ru/WP/rfc3852/