6️⃣ How ECDSA Signatures Work (Sign & Verify for AxM, Conceptual) скачать в хорошем качестве

6️⃣ How ECDSA Signatures Work (Sign & Verify for AxM, Conceptual)

📺 Video 6 – How ECDSA Signatures Work (Sign & Verify for AxM) Description (for    • 6️⃣ How ECDSA Signatures Work (Sign & Veri...  ): How is a digital signature actually created—and how does Apple School / Business Manager (AxM) verify it without ever seeing the private key? In this final episode, we tie together everything from the series to build a conceptual picture of the Elliptic Curve Digital Signature Algorithm (ECDSA) for ES256. We stay at high-school algebra level and focus on the structure of sign and verify, not production-grade crypto code. ⸻ In this video On the client side, we: • Start with a shared generator point G and our key pair: • private key d • public key Q = dG • Hash the JWT header + payload with SHA-256 to get a digest h • Choose a fresh random nonce k and compute a point: R = kG • Take the x-coordinate of R and call it r • Feed the private key d, nonce k, digest h, and x-coordinate r into a conceptual “signature forge function” → it outputs a scalar s, This gives us the signature pair: (r, s) which we attach to our JWT client assertion. ⸻ On the AxM side, the server: • Extracts the header + payload from the JWT • Recomputes a digest h′ using SHA-256 • Looks up our public key Q from the kid • Reads the signature components r and s AxM then uses a verification function that combines: • G, Q, h′, r, and s to compute a point: R' = u_1 G + u_2 Q for carefully chosen values u_1 and u_2 that it can derive from h′, r, and s. If the x-coordinate of R' matches the r we sent: • The signature is valid • AxM can be confident we used the correct private key • AxM issues an access token If it doesn’t match, the verification fails and no token is issued. ⸻ Wrapping up the essential questions By the end of this video (and series), we’ve answered: 1. What is an access token? 2. What is an API? (and how AxM exposes resources via an API) 3. How do we go from AxM API account to access token? 4. What are a private and public key in ECDSA? 5. What is a hash function, and why SHA-256? 6. How are ECDSA signatures created and verified in this flow? All together, this gives a conceptual understanding of: How AxM uses ECDSA-signed JWTs to decide whether or not to grant us an access token. Thanks for watching the series 🖤 ⸻ Watch the full series 1. Ep 1 – Series Overview    • 1️⃣ How Do We Get an AxM Access Token? (Se...   2. Ep 2 – What is an API?    • 2️⃣ What Is an API? (Restaurant Metaphor)   3. Ep 3 – From AxM API Account to Access Token    • 3️⃣ From AxM API Account to Access Token (...   4. Ep 4 – Elliptic Curves & Keys (Private Number, Public Point)    • 4️⃣ Elliptic Curves & Keys (ECDSA Conceptu...   5. Ep 5 – What Is a Hash Function? (SHA-256)    • 5️⃣ What Is a Hash Function? SHA-256 as a ...   6. Ep 6 – How ECDSA Signatures Work (Sign & Verify for AxM) (this video)    • 6️⃣ How ECDSA Signatures Work (Sign & Veri...   #ECDSA #JWT #AppleSchoolManager #ES256 #DigitalSignatures