What is ECDSA and how does it work?

ECDSA (Elliptic Curve Digital Signature Algorithm) is a cryptographic algorithm that uses elliptic curve cryptography to create digital signatures. It provides the same security level as RSA but with smaller key sizes, making it more efficient for resource-constrained environments.

Which curve does Bitcoin use for signatures?

Bitcoin uses the secp256k1 curve for ECDSA signatures. This curve was chosen for its specific properties that make it slightly faster than other curves, and because it was constructed in a predictable way that reduces the risk of backdoors.

What is the difference between secp256k1 and secp256r1 (P-256)?

Both are 256-bit elliptic curves, but secp256k1 uses Koblitz curve parameters while secp256r1 (P-256) uses random parameters. secp256k1 is used by Bitcoin and Ethereum, while P-256 is the NIST standard widely used in TLS and other protocols.

How do I verify an ECDSA signature?

To verify an ECDSA signature, you need: 1) The original message, 2) The signature (Base64 encoded), and 3) The EC public key in PEM format. Select 'Verify Signature' mode, enter these inputs, and the tool will confirm if the signature is valid.

What key format does this tool use?

This tool uses PEM format for both private and public keys. EC private keys are in SEC 1 format (BEGIN EC PRIVATE KEY), and public keys are in X.509 SubjectPublicKeyInfo format (BEGIN PUBLIC KEY).

ECDSA Sign & Verify

By Anish Nath - Security Engineer & Cryptography Expert | @anish2good | Last Updated: January 23, 2025

Privacy-First No Keys Stored 100% Free

Generate EC Key Pair

EC Curve:

Sign / Verify Configuration

Operation Mode

Sign Message Verify Signature

EC Private Key (for signing) PEM format (BEGIN EC PRIVATE KEY)

EC Public Key (for verification) PEM format (BEGIN PUBLIC KEY)

Message

Signature (Base64)

Output

Signature output will appear here

Enter a message and click "Generate Signature" or "Verify Signature"

How to Use:

Generate Keys: Select an EC curve and click Submit to generate a new key pair
Sign: Select "Generate Signature", enter your message, and submit
Verify: Select "Verify Signature", enter message, signature, and public key

Related Cryptography Tools

Support This Free Tool

Every coffee helps keep the servers running. Every book sale funds the next tool I'm dreaming up. You're not just supporting a site — you're helping me build what developers actually need.

500K+ users

200+ tools

100% private

☕ One-time support Buy me a coffee 📚 Learn & support 9-Book Bundle - $9 Stay updated Follow @anish2good

Privacy Guarantee: Private keys you enter or generate are never stored on our servers. All tools are served over HTTPS.

Understanding ECDSA

Elliptic Curve Digital Signature Algorithm (ECDSA) is a cryptographic algorithm used to ensure that data can only be signed by its rightful owners. It's widely used in cryptocurrencies like Bitcoin and Ethereum, as well as TLS/SSL, SSH, and secure messaging protocols.

What is ECDSA?

ECDSA is a variant of the Digital Signature Algorithm (DSA) that uses elliptic curve cryptography. It provides the same level of security as RSA but with significantly smaller key sizes, making it more efficient for:

Mobile devices - Less computational power required
IoT devices - Smaller memory footprint
Blockchain - Faster transaction verification
TLS handshakes - Reduced bandwidth and latency

How ECDSA Works

Signing Process

Hash the message using SHA-256 (or similar)
Generate a random number k (critical for security)
Calculate point R = k × G on the curve
Calculate r = R.x mod n
Calculate s = k⁻¹(hash + r × privateKey) mod n
Signature is the pair (r, s)

Verification Process

Hash the message using the same algorithm
Calculate w = s⁻¹ mod n
Calculate u1 = hash × w mod n
Calculate u2 = r × w mod n
Calculate point P = u1 × G + u2 × PublicKey
Signature valid if P.x mod n == r

Key Concepts

Private Key

A secret 256-bit integer known only to the owner. Used to generate signatures. In Bitcoin, this is derived from a random number. Must be kept absolutely secret.

Public Key

Derived from the private key using elliptic curve point multiplication: PublicKey = privateKey × G. Can be shared publicly and used to verify signatures.

Signature

Proves that the signer has the private key without revealing it. Consists of two values (r, s) typically encoded as DER format or concatenated raw bytes.

ECDSA vs RSA

Feature	ECDSA (256-bit)	RSA (3072-bit)	Winner
Security Level	128-bit	128-bit	Tie
Key Size	256 bits (32 bytes)	3072 bits (384 bytes)	ECDSA
Signature Size	64 bytes	384 bytes	ECDSA
Sign Speed	Fast	Slow	ECDSA
Verify Speed	Moderate	Fast	RSA
Adoption	Growing (TLS 1.3, Bitcoin)	Legacy (widespread)	Depends

Popular EC Curves

Curve	Bits	Security	Usage	Notes
`secp256k1`	256	128-bit	Bitcoin, Ethereum, Litecoin	Koblitz curve, efficient for verification
`P-256 (secp256r1)`	256	128-bit	TLS, WebAuthn, FIDO2, Apple	NIST standard, most widely supported
`P-384 (secp384r1)`	384	192-bit	Government, NSA Suite B	Required for TOP SECRET classification
`P-521 (secp521r1)`	521	256-bit	High-security applications	Maximum NIST curve security
`Ed25519`	256	128-bit	SSH, Signal, Tor	EdDSA variant, deterministic signatures
`brainpoolP256r1`	256	128-bit	European standards, German BSI	Alternative to NIST curves

Real-World Applications

Cryptocurrency

Bitcoin, Ethereum use ECDSA for transaction signing

TLS/SSL

HTTPS certificates and key exchange

SSH

Secure shell authentication keys

Mobile Auth

FIDO2, WebAuthn, passkeys

OpenSSL Commands

# List available curves
openssl ecparam -list_curves

# Generate EC key pair (secp256k1 for Bitcoin compatibility)
openssl ecparam -name secp256k1 -genkey -noout -out ec-private.pem

# Extract public key
openssl ec -in ec-private.pem -pubout -out ec-public.pem

# View key details
openssl ec -in ec-private.pem -text -noout

# Sign a message (creates binary signature)
openssl dgst -sha256 -sign ec-private.pem -out signature.bin message.txt

# Convert signature to Base64
base64 signature.bin > signature.b64

# Verify signature
openssl dgst -sha256 -verify ec-public.pem -signature signature.bin message.txt

# Generate key for P-256 (NIST) curve
openssl ecparam -name prime256v1 -genkey -noout -out p256-key.pem

Security Best Practices

DON'T:

Never reuse the random nonce k - leads to private key recovery
Never share your private key
Don't use weak random number generators
Don't ignore signature malleability in blockchain apps
Don't use deprecated curves (e.g., secp112r1)

DO:

Use deterministic signatures (RFC 6979) when possible
Use well-tested cryptographic libraries
Verify signatures before trusting data
Use curves with at least 256-bit security
Keep private keys in secure hardware (HSM) when possible

Critical Security Note: The security of ECDSA depends entirely on the randomness of the nonce k. In 2010, Sony's PlayStation 3 private key was compromised because they used the same k value for multiple signatures. Always use cryptographically secure random number generators or deterministic signature schemes (RFC 6979).

ECDSA Sign & Verify

Generate EC Key Pair

Sign / Verify Configuration

Output

Related Cryptography Tools

Support This Free Tool

Understanding ECDSA

What is ECDSA?

How ECDSA Works

Key Concepts

Private Key

Public Key

Signature

ECDSA vs RSA

Popular EC Curves

Real-World Applications

Cryptocurrency

TLS/SSL

SSH

Mobile Auth

OpenSSL Commands

Security Best Practices

Quick Access

PGP Tools

Sharing Services

Security Tools

Cryptography

Network Tools

Legal & Compliance

DevOps/Container

Blockchain

Encoders/Converters

Developer Tools

Machine Learning Visualizers

Media Tools

Documents & PDF

Finance

Health

Lifestyle & Productivity

Chemistry

Math & Education

Physics Tools

Internationalization