Elliptical Curve CryptographyElliptical Curve Cryptography

Manish KumarManish Kumar

Roll No - 43Roll No - 43

CS-A, S-7CS-A, S-7

SOE, CUSATSOE, CUSAT

OutlineOutline

IntroductionIntroduction

CryptographyCryptography

Mathematical BackgroundMathematical Background

Elliptic CurvesElliptic Curves

Elliptic Curves ArithmeticElliptic Curves Arithmetic

Elliptical Curve Cryptography(ECC)Elliptical Curve Cryptography(ECC)

ApplicationsApplications

ConclusionConclusion

ReferencesReferences

IntroductionIntroductionCryptographyCryptography

– – Cryptography is science of using mathematics to Cryptography is science of using mathematics to

encrypt and decrypt data.encrypt and decrypt data.

– – Cryptography provide us mechanism to send, sensitive Cryptography provide us mechanism to send, sensitive

data through insecure network (like internet).data through insecure network (like internet).

IntroductionIntroduction

Secret key cryptographySecret key cryptography

– – The encryption key and decryption key are the The encryption key and decryption key are the

same.same.

– – Key Distribution Problem.Key Distribution Problem.

IntroductionIntroduction

Public key cryptographyPublic key cryptography

– –Different key for encryption and decryptionDifferent key for encryption and decryption

• • Public-key and private-keyPublic-key and private-key

– – Key distribution problem is solved.Key distribution problem is solved.

IntroductionIntroductionA comparison of public –key CryptosystemsA comparison of public –key Cryptosystems

IntroductionIntroduction

Elliptical Curve CryptographyElliptical Curve Cryptography – ECC was introduced by Victor Miller and Neal Koblitz in ECC was introduced by Victor Miller and Neal Koblitz in

1985.1985.

– It’s new approach to Public key cryptography.It’s new approach to Public key cryptography.

– ECC requires significantly smaller key size with same ECC requires significantly smaller key size with same

level of security.level of security.

– Benefits of having smaller key sizes : faster Benefits of having smaller key sizes : faster

computations, need less storage space. computations, need less storage space.

– ECC ideal for : Pagers ; PDAs ; Cellular Phones ; ECC ideal for : Pagers ; PDAs ; Cellular Phones ;

Smart Cards.Smart Cards.

Mathematical BackgroundMathematical Background

A group is an algebric system consisting of a A group is an algebric system consisting of a set G together with a binary operation * defined set G together with a binary operation * defined on G satisfying the following axioms :on G satisfying the following axioms :

– – Closure : for all x, y in G we have x * y Closure : for all x, y in G we have x * y G G

– – Associativity : for all x, y and z in G we have Associativity : for all x, y and z in G we have

(x * y) * z = x * (y * z)(x * y) * z = x * (y * z)

– – Identity element : There is an element e in G such Identity element : There is an element e in G such

that a · e = e · a = a for all a in G.that a · e = e · a = a for all a in G.

– – Inverse element : For each a in G there is an Inverse element : For each a in G there is an

element a' in G such that a · a' = a' · a = e.element a' in G such that a · a' = a' · a = e.

Mathematical BackgroundMathematical Background

In addition if for x, y in G we have x * y = y * x In addition if for x, y in G we have x * y = y * x then we say that group G is then we say that group G is abelianabelian..

A finite field is an algebraic system consisting A finite field is an algebraic system consisting of a set F together with a binary operations + of a set F together with a binary operations + and * defined on F satisfying the following and * defined on F satisfying the following axioms :axioms :

– – F is an abelian group with respect to +.F is an abelian group with respect to +.

– – F \ {0} is an abelian group with respect to *.F \ {0} is an abelian group with respect to *.

Mathematical BackgroundMathematical Background

– – For all x, y and z in F we have For all x, y and z in F we have x * ( y + z) = (x * y) + (x * z) x * ( y + z) = (x * y) + (x * z)

(x + y) * z = (x * z) + (y * z) (x + y) * z = (x * z) + (y * z)

The order of the finite field is the number of The order of the finite field is the number of elements in the field.elements in the field.

Elliptic CurvesElliptic Curves

Elliptic curves are not Elliptic curves are not ellipses (the name comes ellipses (the name comes from elliptic integrals)from elliptic integrals)Standard Form EquationStandard Form Equation

yy22 = x = x33 + a.x + b + a.x + b where x, y, a and b are where x, y, a and b are real numbers. real numbers.

Each choice of the Each choice of the numbers a and b yields a numbers a and b yields a different elliptic curve.different elliptic curve.

Elliptic CurvesElliptic Curves

If 4·aIf 4·a33 + 27·b + 27·b22 is not 0 (i.e. x is not 0 (i.e. x33 + a · x + b contains no + a · x + b contains no repeated factors), then the elliptic curve can be used repeated factors), then the elliptic curve can be used to form a groupto form a group

An elliptic curve group consists of the points on the An elliptic curve group consists of the points on the curve and a special point O, meeting point of curve curve and a special point O, meeting point of curve with a straight line at infinity.with a straight line at infinity.

Elliptic curve ArithmeticElliptic curve Arithmetic – – Point AdditionPoint Addition

Draw a line that intersects Draw a line that intersects distinct points P and Qdistinct points P and Q

The line will intersect a third The line will intersect a third point -Rpoint -R

Draw a vertical line through Draw a vertical line through point -Rpoint -R

The line will intersect a fourth The line will intersect a fourth point Rpoint R

Point R is defined as the Point R is defined as the summation of points P and summation of points P and QQ

R = P + QR = P + Q

Elliptic curve ArithmeticElliptic curve Arithmetic

Draw a line that Draw a line that intersects points P and intersects points P and

-P-P The line will not intersect The line will not intersect

a third pointa third point

For this reason, elliptic For this reason, elliptic curves include O, a curves include O, a point at infinitypoint at infinity P + (-P) = OP + (-P) = O O is the additive identityO is the additive identity

Elliptic curve ArithmeticElliptic curve Arithmetic

– – Point DoublingPoint DoublingDraw a line tangent to point Draw a line tangent to point PP

The line will intersect a second The line will intersect a second point -Rpoint -R

Draw a vertical line through Draw a vertical line through point -Rpoint -R

The line will intersect a third The line will intersect a third point Rpoint R

Point R is defined as the Point R is defined as the summation of point P with summation of point P with itselfitself

R = 2·PR = 2·P

Elliptical Curve CryptographyElliptical Curve CryptographyPoint MultiplicationPoint Multiplication

– – The main cryptographic operation in ECC is point The main cryptographic operation in ECC is point multiplication. multiplication.

– – Point multiplication is performed through a combination Point multiplication is performed through a combination of point additions and point doublings, of point additions and point doublings,

e.g.11P = 2((2(2P)) + P) + P.e.g.11P = 2((2(2P)) + P) + P.

– – Point multiplication is simply calculating Q=k . P, where Point multiplication is simply calculating Q=k . P, where k is an integer and P is a point on the curve called as k is an integer and P is a point on the curve called as base point.base point.

Elliptical Curve CryptographyElliptical Curve CryptographyPoint MultiplicationPoint Multiplication

– – Each curve has a specially designated point P called Each curve has a specially designated point P called

the base point chosen such that a large fraction of the the base point chosen such that a large fraction of the

elliptic curve points are multiples of it. elliptic curve points are multiples of it.

– – To generate a key pair, one selects a random integer k To generate a key pair, one selects a random integer k

which serves as the private key, and computes k P which serves as the private key, and computes k P

which serves as the corresponding public key.which serves as the corresponding public key.

Elliptical Curve CryptographyElliptical Curve CryptographyThe Elliptic curve discrete logarithm The Elliptic curve discrete logarithm problem problem

– – The discrete logarithm problem for ECC is the The discrete logarithm problem for ECC is the

inverse of point multiplication. inverse of point multiplication.

– – Given points P and Q, find a number k such that Given points P and Q, find a number k such that

k · P = Qk · P = Q – – where P and Q are points on the elliptic curvewhere P and Q are points on the elliptic curve

– – Q is the public keyQ is the public key

– – k is the private key (very large prime number)k is the private key (very large prime number)

Elliptic Curve Discrete LogarithmElliptic Curve Discrete Logarithm

– – We can find the value of k by adding P, k-times.We can find the value of k by adding P, k-times.

– – This is called Brute-force Method (not work when This is called Brute-force Method (not work when

k is large)k is large)

– – Pollard’s rho is best method to solve DLP.Pollard’s rho is best method to solve DLP.

– – Running time of Pollard’s rho is exponential.Running time of Pollard’s rho is exponential.

Elliptical Curve CryptographyElliptical Curve Cryptography

What makes ECC hard to crack?What makes ECC hard to crack?

– – The security of ECC relies on the difficulty of The security of ECC relies on the difficulty of

solving the Elliptic Curve Discrete Logarithm solving the Elliptic Curve Discrete Logarithm

Problem (ECDLP) Problem (ECDLP)

i.e. finding k, given P and Q = k P. The problem is i.e. finding k, given P and Q = k P. The problem is

computationally intractable for large values of k.computationally intractable for large values of k.

Performance ComparisonPerformance ComparisonADVANTAGES OF ECC OVER RSAADVANTAGES OF ECC OVER RSA

– – Smaller key size for equivalent security.Smaller key size for equivalent security.

– – Faster and Less computations.Faster and Less computations.

–– Less memory.Less memory.

ApplicationsApplications

Significant performance benefits from using ECC Significant performance benefits from using ECC in secure web transaction.in secure web transaction.

Elliptic Curve Digital Signature AlgorithmElliptic Curve Digital Signature Algorithm(ECDSA) (ECDSA)

ECC can be used in constrained Environments:ECC can be used in constrained Environments: Pagers ; PDAs ; Cellular Phones ; Smart CardsPagers ; PDAs ; Cellular Phones ; Smart Cards where where traditional public-key mechanisms are simply traditional public-key mechanisms are simply impractical.impractical.

ConclusionConclusion

ECC uses groups and a logarithm problem.ECC uses groups and a logarithm problem.

ECC is a stronger option than the RSA and discrete ECC is a stronger option than the RSA and discrete logarithm systems for the future.logarithm systems for the future.

Due to small key size, implementation is easy.Due to small key size, implementation is easy.

ECC is excellent choice for portable, communicati-ECC is excellent choice for portable, communicati-on devices.on devices.

ECC’s main advantage: as key length increases, so ECC’s main advantage: as key length increases, so does the difficulty of the inversion process.does the difficulty of the inversion process.

ReferencesReferencesCryptography and Network Security Principles and Practices, Cryptography and Network Security Principles and Practices, Fourth Edition,PHI, By William Stallings.Fourth Edition,PHI, By William Stallings.

Guide to Elliptic Curve Cryptography By Darrel Hankerson, Guide to Elliptic Curve Cryptography By Darrel Hankerson, Alfred Menezes, Scott Vanstone.Alfred Menezes, Scott Vanstone.

Elliptic Curve Cryptography – How it Works Sheueling Chang, Elliptic Curve Cryptography – How it Works Sheueling Chang, Hans Eberle, Vipul Gupta, Nils Gura, Sun Microsystems Hans Eberle, Vipul Gupta, Nils Gura, Sun Microsystems Laboratories.Laboratories.

The Elliptic Curve Cryptosystem For Smart Cards, A Certicom The Elliptic Curve Cryptosystem For Smart Cards, A Certicom White Paper, Published: May 1998 .White Paper, Published: May 1998 .

Elliptic Curve Cryptography An Implementation Guide By Elliptic Curve Cryptography An Implementation Guide By Anoop MS anoopms@tataelxsi.co.in .Anoop MS anoopms@tataelxsi.co.in .