An Improvement of ECDSA Weak Randomness in Blockchain

Blockchain technology has already changed industry and commercial enterprises remarkably. It is the underlying mechanism of a very well-known cryptocurrencies such as Bitcoin and Ethereum, and many other business applications. Therefore, its security draws the researchers’ attention more and more recently. One of Blockchain vulnerabilities is caused by weak randomness in ECDSA. A random number is not secure, cryptographically, which leads to a leakage in private key and even the user’s fund theft. As well the spam transaction attack may exploit the ECDSA weak randomness. This problem in security has been well known in cryptocurrencies community such as Bitcoin and fixed by applying RFC 6979 update in 2013. However, the problem is not entirely solved. The elliptic curve digital signature algorithm (ECDSA) was the first successful algorithm based on elliptic curve. This algorithm security depends on complexity of elliptic curve discrete logarithm problem (ECDLP). This algorithm applied in blockchain mechanism as a result of its low computational cost and short key. In this paper, we analyze the ECDSA weakness in blockchain and enhance its scheme by generating the signature with two secret keys. Using two secret keys will reduce the risk probability of revealing the secret key by knowing two messages. Therefore, the improved scheme can improve the security of the ECDSA.