08co55-elliptic curve crypto

5/16/2018 08co55-Elliptic Curve Crypto - slidepdf.com

http://slidepdf.com/reader/full/08co55-elliptic-curve-crypto 1/21

Elliptic CurveCryptography

1

Presented ByRajkumar Murugesan

08CO55



Introduction

The Elliptic curve cryptography (ECC) is an approach to

public-key cryptography based on the algebraic

structure of elliptic curves over finite fields.

Security of Public-Key Cryptography depends on the

difficulty of solving the Hard Problems defined in

Complexity Theory.

2



Background of Public Key Cryptosystem

The Cryptosystems based on following mathematical

problem are considered secure and efficient :

1. Integer Factorization problem (IFP)Examples are RSA ,Rabin-Williams

2. Discrete Logarithm Problem (DLP)

DSA, Diffie-Hellman and MQV key agreement scheme,the ElGamal encryption and signature scheme. etc

3. Elliptic Curve Discrete Logarithm Problem(ECDLP)

ECDSA , Elliptic Curve Diffie-Hellman & elliptic curveMQV key agreement schemes the ElGamalencryption and signature scheme etc.

3



Public KeyCryptosystem….

4



Elliptic Curve An elliptic curve is the set of solutions of an equation of the

form

y 2 = x3 + ax + b .

Where the co-efficeints a and b are elements of the field

and

4a3 + 27b2 ≠ 0. Each value of the 'a' and 'b' gives adifferent elliptic curve.

One interesting property of set of solutions of elliptic curve is

that it forms a group which enables us to do Cryptography.

The public key is a point in the curve and the private key isa random number. The public key is obtained by

multiplying the private key with the generator point G in the

curve.

5



6

Elliptic Curve Continued…

Source ::http://en.wikipedia.org/wiki/File:EllipticCurveCatalog.svg



GraphicalRepresentation

7

X axis

Y axis

Curves of this natureare called ELLIPTIC

CURVES



Point Addition

8

Fig. 1 a Definition of Point Addition operation in Elliptic Curve

Point addition is the addition of two points J and K on

an elliptic curve to obtain another point L on the sameelliptic curve.



An extra point at infinity O is added to the curve,which lies infinitely far on the vertical axis. This point O

will become the identity of the elliptic curve group.

Let J=(x1,y1) and K=(x2,y2) then the sum of J and K(where none of them is O) is ,

L=J+K where L=(x3,y3)

where x3 = 2 - x1 - x2

y3 = ( x1 - x3) - y1

and is the slope of the line and is given byfollowing formula

= (3 x12+a)/2y1 if x1 = x2

= (y2-y1)/( x 2- x1) otherwise

9



Point Doubling

10

Point doubling is the addition of a point J on theelliptic curve to itself to obtain another point L on thesame elliptic curve.



Point Multiplication In point multiplication a point P on the elliptic curve is

multiplied with a scalar k using elliptic curve equation to

obtain another point Q on the same elliptic curve

i.e. kP=Q

Point multiplication is achieved by two basic ellipticcurve

operations

Point addition

Point doubling,

For example If k = 23 then kP = 23.P = 2(2(2(2P) + P) + P)+ P.

11



Elliptic Curve Cryptosystem Majority of public key cryptosystems (RSA,D-H) use either integer

or polynomial arithmetic with very large numbers/polynomials.

Imposes a significant load in storing and processing keysand messages.

An alternative is to use elliptic curves that offers samesecurity with smaller bit sizes.

The security of ECC depends on the difficulty of EllipticCurve Discrete Logarithm Problem. Let P and Q be two

points on an elliptic curve such that kP = Q, where k is ascalar. Given P and Q, it is computationally infeasible toobtain k, if k is sufficiently large. k is the discrete logarithmof Q to the base P.

12



Elliptic Curve Domain parameters

Apart from the curve parameters a and b, there are

other parameters that must be agreed by both partiesinvolved in secured and trusted communication usingECC. These are called domain parameters.

The domain parameters for Elliptic curve over Fp are p, a,

b, g, n and h, where p is the prime number defined for finite field Fp

a and b are the parameters defining the curve y2 mod p= x3 + ax + b mod p.

g is the generator point (xg, yg), a point on the elliptic curve

chosen for cryptographic operations. n is the order of the elliptic curve.

h is the cofactor where h = #E(Fp)/n. #E(Fp) is the number ofpoints on an elliptic curve.

13



ECDH - Elliptic Curve Diffie Hellman

ECDH is a key agreement protocol that allows two

parties to establish a shared secret key that can be usedas a private key for encryption algorithms.

Both parties exchange some public information to each

other. Using this public data and their own private datathese parties calculates the shared secret. Any third

party, who doesn't have access to the private details of

each device, will not be able to calculate the shared

secret from the available public information.

For generating a shared secret between A and B using

ECDH, both have to agree up on Elliptic Curve domain

parameters.

14



Both end have a key pair consisting of a private key d (a

randomly selected integer less than n) and a public key

Q = d * G (G is the generator point, an elliptic curvedomain parameter).

Let (dA, QA) be the private key - public key pair of A and

(dB, QB) be the private key - public key pair of B The end A computes K = (xK, yK) = dA * QB

The end B computes L = (xL, yL) = dB * QA

Since dAQB = dAdBG = dBdAG = dBQA. Therefore K = L andhence xK = xL

Hence the shared secret is xK.

15

It is practically impossible to find the private key dA or dB

from the public key K or L, its not possible to obtain the

shared secret for a third party.

ECDH….



The Advantages of Elliptic Curve

Cryptography

Security Level(bits)

RSA key length(bits)

Elliptic curve keylength (bits)

80 1,024 160

256 15,360 512

16

The biggest advantage of elliptic curve cryptography is thedrastic reduction in overhead associated with it.

Take this side by side comparison of required key sizes toachieve different levels of security for RSA modulus n and an

elliptic curve system with a security parameter n.



Elliptic Curve Security The security of the Elliptic Curve algorithm is based

on the fact that it is very difficult (as difficult asfactoring) to solve the Elliptic Curve DiscreteLogarithm Problem:

Given two points P and Q where Q = kP, find the

value of k .

17



Applications of ECC• Many devices are small and have limited

storage and computational power

• Where can we apply ECC?o

Wireless communication deviceso Smart cards

o Web servers that need to handle manyencryption sessions

o Any application where security is needed butlacks the power, storage and computationalpower that is necessary for our currentcryptosystems

18



Benefits of ECC Same benefits of the other cryptosystems:

confidentiality, integrity, authentication and non-repudiation but…

Shorter key lengthso Encryption, Decryption and Signature Verification speed up

o Storage and bandwidth savings

19



References http://www.dkrypt.com/home/ecc

http://en.wikipedia.org/wiki/Elliptic_Curve_DSA

Elliptic Curves and Their Application to Cryptography-An

Introduction By Andreas En.ge ,KLUWER ACADEMIC PUBLISHERS.

HANDBOOK OF ELLIPTIC AND HYPERELLIPTIC CURVECRYPTOGRAPHY by HENRY COHEN & GERHARD FREY , Roberto

Avanzi, Christophe Doche, Tanja Lange,Kim Nguyen, and Frederik

Vercauteren CHAPMAN & HALL/CRC,TAYLOR & FRANCIS GROUP ,Boca Raton London New York Singapore.

http://citeseer.ist.psu.edu/old/392717.html

http://www.secg.org/download/aid-385/sec1_final.pdf

http://www.secg.org/download/aid-386/sec2_final.pdf

http://www.certicom.com/index.php?action=ecc_tutorial,home

20



21

Thanks for Listening!

08co55-elliptic curve crypto

Documents