Ethereum: k selection for Schnorr signatures
Ethereum: Why Schnorr Signatures use Nonce generation using SHA-256
The SCHNORR signature scheme is one of the most widely used and effective digital signatures for Ethereum. However, when it comes to this generation of signatures, it seems that there is a debate between developers and researchers why the simple option of the RFC6979 was not chosen over another popular option.
At first glance, it may seem controversial that Schnorh’s signatures use a generation of nonce through the SHA-256 rather than a more commonly used method, such as Hmac or NPP. But let’s go into the grounds of this decision.
NONCE PROBLEM
One of the main challenges of digital signature schemes is the unique value of each signing operation. In other words, we need to make sure that two signatures are not identical and can be easily verified using the same key. One of the ways to solve this problem is using NECE parameters with signature parameters.
However, when it comes to Schnorr’s signatures, there are some problems with the use of nonclabs created through the SHA-256:
1
SHA-256 is not suitable for cryptographic purposes : While the SHA-256 is widely used in many applications, its main size and security requirements make it inappropriate for cryptography, such as digital signatures.
- Cannot not consistently generate : Ethereum network blockchain is constantly updated with new blocks, which means that Nonce Generation is a dynamic process. It introduces unpredictability in the signature scheme, making it vulnerable to attacks.
Why was the RFC6979 option
Despite these challenges, Schnorr’s signature scheme was selected as default for a number of reasons:
1
Effective and fast : The simple RFC6979 uses an optimized algorithm that creates a non -value for the complexity of O (Log N), making it much faster than other methods.
- Small key sizes : Using SHA-256 to generate non-CE, we can reduce the size of the key to digital signatures, making them more efficient and cost effective.
Conclusion
In conclusion, the choice of NECE generation method for Ethereum signatures is based on a combination of efficiency, security and practical reasons. While at first glance, it may seem anti-intensive, the use of SHA-256 to generate is a unique set of benefits that exceed the disadvantages. The simple version of the RFC6979 is still an effective solution for digital signature schemes for Ethereum.