High speed, public-key cryptography in JavaScript (part 2): Digital Signatures

“Digital Signatures provide a digital fingerprint that allows a recipient to authenticate the message sender and its integrity.”

The so called “Blockchain based Technologies” security is basically about digital signatures and hashes! — photo courtesy of https://pexels.com

Digital Signatures explained: https://en.wikipedia.org/wiki/Digital_signature

TweetNaCL.js and Digital Signatures in JavaScript

Don’t be surprised, if using TweetNaCL.js for asymmetric encryption/decryptionwas easy, signing and verifying messages suppose to be even simpler.

TweetNaCL uses “ed25519 as signature system, never heard about it?


Ed25519 signatures are elliptic-curve signatures, carefully engineered at several levels of design and implementation to achieve very high speeds without compromising security.

This system has a 2¹²⁸ security target; breaking it has similar difficulty to breaking NIST P-256, RSA with ~3000-bit keys, strong 128-bit block ciphers, etc. The best attacks known actually cost more than 2¹⁴⁰ bit operations on average, and degrade quadratically in success probability as the number of bit operations drops.


My two cents on usability

As in JavaScript client applications we usually tend to deal with base64 encoded keys and raw String messages, I decided contribute with an NPM package that abstracts the Uint8Array arrays manipulations: nacl-signature



That’s it! 
Digital signatures in JavaScript made simple through TweetNaCL.js and nacl-signature.

Happy Hacking!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.