# Cryptography

The following cryptography is used on the Cudos network.

## Digital Signatures​

Digital Signatures are a cryptographic tool to sign messages and verify message signatures in order to provide proof of authenticity for all messages including transactions.

Digital signatures provide:

1. Message integrity - A proof of the integrity of the data. Modification is not possible without access to the original sender's private key.

2. Message authentication - A proof that only a certain known sender created and signed the message. The verifier has assurance of data origin authentication because the only way the digital signature could be decrypted is using the sender's private key. It is computationally infeasible to generate a valid signature for a party without knowing that party's private key.

3. Non-repudiation - The signer cannot deny signing the document after the signature is created. Anyone can verify the digital signature by computing a hash of the data and checking whether the decryption of the digital signature results in the same hash.

Cudos uses the ECDSA Elliptic Curve Digital Signature scheme. This is a cryptographically secure digital signature scheme based on elliptic-curve cryptography.

• The elliptic curve is `sepc2561k`
• The private key for signing messages is a random integer within the curve key length.
• The public key for verifying signatures is calculated from the private key by multiplying it to the curve generator point.

## ECDSA Signing​

The ECDSA signing process works as follows:

1. The ECDSA signing algorithm computes a message hash
2. A random integer k is generated
3. A signature is computed from (a pair of integers {r, s}), where
• r is computed from k and
• s is computed using the message hash + the private key + the random number k.
• Due to the randomness, the signature is non-deterministic.

## ECDSA Verifying​

The ECDSA signature verification algorithm involves computations, based on the message hash + the public key + the signature {r, s}.

The ECDSA key pairs generated via elliptic curve cryptography are smaller than the average keys generated by digital signing algorithms. The sender of a transaction signs it using their own private key. On-chain signature verification is enabled by storing the public key in the 'Account' object. See Accounts

## Hash Functions​

Hash functions transform input data of any size to a results of a fixed size. This output is the hash.

SHA-2 is a family of strong cryptographic hash functions. More bits at the hash output achieve stronger security.

SHA-256 is used to transform input data to a result of a fixed 256 bit output. Transaction hashes are all 256 bits.

## BIP 39​

When you create a new wallet on Cudos using the CLI, you are given a BIP39 mnemonic. BIP39 describes the implementation of a mnemonic code for the generation of deterministic wallets.

It consists of two parts:

### 1. Generating the mnemonic​

A 12 or 24 word mnemonic is randomly generated from the BIP39 wordlist comprising 2048 words. This may seem like a limited pool of words but the actual number of possible combinations makes it extremely secure.

::: Probability and mnemonics

If a mnemonic were only 1 word, the odds of guessing someone's mnemonic would be 1 in 2048.

2048^1.

A 2 word mnemonic phrase would have ~4.2 million different possible combinations. A bit more secure.

2048^2 = 4,194,304.

Skipping ahead to the 12 word mnemonic phrase...

There are 54 quattuordecillion different possibilities.

The number has 15 commas.

2048^12 = 5.4445179e+39

-or-

54,445,179,000,000,000,000,000,000,000,000,000,000,000,000,000

:::

### 2. Converting it into a binary seed​

Your mnemonic and an passphrase of your choice is converted into a binary seed using the [PBKDF2 key derivation function]. PBKDF2 is resistant to dictionary and rainbow table attacks.

This binary seed supports deterministic key generation of wallet keypairs.