Related Tags

cryptography
encryption
cyber security
python

# How to verify Digital Signature in Python using ecdsa SigningKey

Abdul Monum

Python’s ecdsa library provides an easy to use implementation of ECDSA (Elliptic Curve Digital Signature Algorithm). With ecdsa, we can easily generate public and private key pairs, sign digital messages, and verify the integrity of digital messages. The library can be installed using the following pip command:

pip install ecdsa


## Digital signatures

Digital Signature is an asymmetric cryptographic technique that is used to validate the authenticity of digital messages or documents. It uses the concept of public/private key pairs where the two keys are mathematically linked which provides security properties superior to handwritten signatures. The person who signs a digital document or message uses their private key, and the only way to decrypt the signature is to use the same person’s public key. If we successfully decrypt the digital message using the person’s public key, it is mathematically proven that the same person signed the message. Digital Signatures play an important role in cryptocurrency.

## Verifying a digital signature

from ecdsa import SigningKey
private_key = SigningKey.generate() # uses NIST192p
signature = private_key.sign(b"Educative authorizes this shot")
print(signature)
public_key = private_key.verifying_key
print("Verified:", public_key.verify(signature, b"Educative authorizes this shot"))

In the above example, we first import the SigningKey object from the ecdsa library. The generate() method of SigningKey creates a private key for us. By default, the generate() method uses NIST192p curve. If you want to use a longer curve that provides more security, you can add the parameter curve=<curvename> in the generate() method. We then use the sign() accessible to private_key to sign any digital data as a byte string and get back a digital signature (also a byte string).

Now, we can use the verifying_key method of private_key that returns its mathematically linked key which we store in public_key. Finally, the verify method accessible to public_key is used to verify the digital signature by passing the signature and the byte string of original digital data.

RELATED TAGS

cryptography
encryption
cyber security
python

CONTRIBUTOR

Abdul Monum