# Cryptography

The following cryptography is used on the CUDOS network.

## Digital Signatures

Digital Signatures are a cryptographic tool to sign messages and verify message signatures in order to provide proof of authenticity for all messages including transactions.

Digital signatures provide:

- **Message integrity** - A proof of the *integrity* of the data. Modification is not possible without access to the original sender's private key.
- **Message authentication** - A proof that only a certain known sender created and signed the message. The verifier has *assurance* of data origin authentication because the only way the digital signature could be decrypted is using the sender's private key. It is computationally infeasible to generate a valid signature for a party without knowing that party's private key.
- **Non-repudiation** - The signer cannot deny signing the document after the signature is created. Anyone can verify the digital signature by computing a hash of the data and checking whether the decryption of the digital signature results in the same hash.

CUDOS uses the **ECDSA Elliptic Curve Digital Signature scheme**. This is a cryptographically secure digital signature scheme based on elliptic-curve cryptography.

- The elliptic curve is `secp256k1`.
- The **private key** for signing messages is a random integer within the curve key length.
- The **public key** for verifying signatures is calculated from the private key by multiplying the curve generator point by it.

## ECDSA Signing

The ECDSA signing process works as follows:

- The ECDSA signing algorithm computes a message **hash**.
- A random integer **k** is generated.
- A **signature** (a pair of integers {r, s}) is computed, where **r** is computed from **k** and **s** is computed using the message **hash** + the **private key** + the random number **k**.
- Due to the randomness, the signature is **non-deterministic**.

## ECDSA Verifying

The ECDSA signature verification algorithm involves computations, based on the message **hash** + the **public key** + the **signature {r, s}**.

The ECDSA key pairs generated via elliptic curve cryptography are smaller than the average keys generated by digital signing algorithms. The sender of a transaction signs it using their own private key. On-chain signature verification is enabled by storing the public key in the 'Account' object. See Accounts.

## Hash Functions

Hash functions transform input data of any size to a result of a fixed size. This output is the **hash**.

**SHA-2** is a family of strong cryptographic hash functions. More bits in the **hash output** give stronger security.

**SHA-256** is used to transform input data to a fixed 256-bit output. Transaction hashes are all 256 bits.

## BIP 39

When you create a new wallet on CUDOS using the CLI, you are given a BIP39 mnemonic. BIP39 describes the implementation of a mnemonic code for the generation of deterministic wallets.

It consists of two parts:

### 1. Generating the mnemonic

A 12 or 24 word mnemonic is randomly generated from the **BIP39 wordlist comprising 2048 words**. This may seem like a limited pool of words but the actual number of possible combinations makes it extremely secure.

::: Probability and mnemonics

If a mnemonic were only 1 word, the odds of guessing someone's mnemonic would be 1 in 2048.

2048^1.

A 2 word mnemonic phrase would have ~4.2 million different possible combinations. A bit more secure.

2048^2 = 4,194,304.

Skipping ahead to the 12 word mnemonic phrase...

There are 54 quattuordecillion different possibilities.

The number has 15 commas.

2048^12 = 5.4445179e+39

-or-

54,445,179,000,000,000,000,000,000,000,000,000,000,000,000,000

:::

### 2. Converting it into a binary seed

Your mnemonic and a passphrase of your choice are converted into a binary seed using the **PBKDF2 key derivation function**. **PBKDF2** is resistant to **dictionary and rainbow table attacks**.

This binary seed supports deterministic key generation of wallet keypairs.