Scribd
Upload
116 views10 pages

Elliptic Curve Cryptography

Elliptic curve cryptography (ECC) provides an alternative to traditional public-key cryptography like RSA that offers the same level of security with smaller key sizes. ECC uses elliptic curves over finite fields to define cryptographic problems analogous to integer factorization in RSA. Keys, signatures, and shared secrets can be generated through repeated addition of points on the curve, similar to exponentiation in RSA. The security of ECC depends on the difficulty of solving the elliptic curve discrete logarithm problem.

Uploaded by

Soumak Poddar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
116 views10 pages

Elliptic Curve Cryptography

Elliptic curve cryptography (ECC) provides an alternative to traditional public-key cryptography like RSA that offers the same level of security with smaller key sizes. ECC uses elliptic curves over finite fields to define cryptographic problems analogous to integer factorization in RSA. Keys, signatures, and shared secrets can be generated through repeated addition of points on the curve, similar to exponentiation in RSA. The security of ECC depends on the difficulty of solving the elliptic curve discrete logarithm problem.

Uploaded by

Soumak Poddar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
You are on page 1/ 10

Elliptic Curve Cryptography

 majority of public-key crypto (RSA, D-H)


use either integer or polynomial arithmetic
with very large numbers/polynomials
 imposes a significant load in storing and
processing keys and messages
 an alternative is to use elliptic curves
 offers same security with smaller bit sizes
Real Elliptic Curves
 an elliptic curve is defined by an
equation in two variables x & y, with
coefficients
 consider a cubic elliptic curve of form
 y2 = x3 + ax + b
 where x,y,a,b are all real numbers
 also define zero point O
 consider set of points E(a,b) that satisfy
 have addition operation for elliptic curve
 geometrically sum of P+Q is reflection of the
intersection R
Real Elliptic Curve Example
Finite Elliptic Curves
 Elliptic curve cryptography uses curves
whose variables & coefficients are finite
 have two families commonly used:
 prime curves Ep(a,b) defined over Zp
• use integers modulo a prime
• best in software
 binary curves E2m(a,b) defined over GF(2n)
• use polynomials with binary coefficients
• best in hardware
Elliptic Curve Cryptography
 ECC addition is analog of modulo multiply
 ECC repeated addition is analog of
modulo exponentiation
 need “hard” problem equiv to discrete log
 Q=kP, where Q,P belong to a prime curve
 is “easy” to compute Q given k,P
 but “hard” to find k given Q,P
 known as the elliptic curve logarithm problem
 Certicom example: E23(9,17)
ECC Diffie-Hellman
 can do key exchange analogous to D-H
 users select a suitable curve Eq(a,b)
 select base point G=(x1,y1)
 with large order n s.t. nG=O
 A & B select private keys nA<n, nB<n
 compute public keys: PA=nAG, PB=nBG
 compute shared key: K=nAPB, K=nBPA
 same since K=nAnBG
 attacker would need to find k, hard
ECC Encryption/Decryption
 several alternatives, will consider simplest
 must first encode any message M as a point on
the elliptic curve Pm
 select suitable curve & point G as in D-H
 each user chooses private key nA<n
 and computes public key PA=nAG
 to encrypt Pm : Cm={kG, Pm+kPb}, k random
 decrypt Cm compute:
Pm+kPb–nB(kG) = Pm+k(nBG)–nB(kG) = Pm
Security of Elliptic Curve
Cryptography
Depends on the difficulty of the elliptic
curve logarithm problem
Fastest known technique is “Pollard rho
method”
Compared to factoring, can use much
smaller key sizes than with RSA
For equivalent key lengths computations
are roughly equivalent
Hence, for similar security ECC offers
significant computational advantages
Comparable Key Sizes for
Equivalent Security
Symmetric ECC-based RSA/DSA
scheme scheme (modulus size in
(key size in bits) (size of n in bits) bits)

56 112 512
80 160 1024
112 224 2048
128 256 3072
192 384 7680
256 512 15360

You might also like