SRNCDSA: A Novel Enhancement of ECDSA Using a Single Random Number and Counter for Improved Security

INTRODUCTION: The Elliptic Curve Digital Signature Algorithm (ECDSA) is widely used to secure communications in resource-constrained systems, including IoT devices, UAVs, and blockchain platforms. Despite its efficiency, ECDSA relies heavily on the generation of secure random keys, which makes it vulnerable to key leakage if random values are reused or derived from weak entropy sources. OBJECTIVES: This study introduces the Single Random Number Counter-based Digital Signature Algorithm (SRNCDSA), an enhanced variant of ECDSA designed to address vulnerabilities arising from random key reuse while preserving high performance in resource-constrained environments. METHODS: SRNCDSA generates nonces by combining a static random number with an incrementing counter, ensuring deterministic uniqueness and maintaining high entropy without requiring fresh randomness for each signature. The proposed scheme was implemented and evaluated on a constrained hardware platform representative of UAV and IoT environments. RESULTS: SRNCDSA achieved an average computational cost of 0.002946 seconds per signature and supported 20,366.62 signatures per minute, with moderate CPU utilization (7.45%) and relatively high memory consumption (73.02%). The nonce entropy reached 7.6438566 bits, approaching the theoretical maximum of 8 bits at the byte level. CONCLUSION: SRNCDSA provides a practical and efficient countermeasure to nonce reuse in ECDSA, combining robust security guarantees with performance characteristics suitable for real-time embedded systems.