08co55-elliptic curve crypto
TRANSCRIPT
5/16/2018 08co55-Elliptic Curve Crypto - slidepdf.com
http://slidepdf.com/reader/full/08co55-elliptic-curve-crypto 1/21
Elliptic CurveCryptography
1
Presented ByRajkumar Murugesan
08CO55
5/16/2018 08co55-Elliptic Curve Crypto - slidepdf.com
http://slidepdf.com/reader/full/08co55-elliptic-curve-crypto 2/21
Introduction
The Elliptic curve cryptography (ECC) is an approach to
public-key cryptography based on the algebraic
structure of elliptic curves over finite fields.
Security of Public-Key Cryptography depends on the
difficulty of solving the Hard Problems defined in
Complexity Theory.
2
5/16/2018 08co55-Elliptic Curve Crypto - slidepdf.com
http://slidepdf.com/reader/full/08co55-elliptic-curve-crypto 3/21
Background of Public Key Cryptosystem
The Cryptosystems based on following mathematical
problem are considered secure and efficient :
1. Integer Factorization problem (IFP)Examples are RSA ,Rabin-Williams
2. Discrete Logarithm Problem (DLP)
DSA, Diffie-Hellman and MQV key agreement scheme,the ElGamal encryption and signature scheme. etc
3. Elliptic Curve Discrete Logarithm Problem(ECDLP)
ECDSA , Elliptic Curve Diffie-Hellman & elliptic curveMQV key agreement schemes the ElGamalencryption and signature scheme etc.
3
5/16/2018 08co55-Elliptic Curve Crypto - slidepdf.com
http://slidepdf.com/reader/full/08co55-elliptic-curve-crypto 4/21
Public KeyCryptosystem….
4
5/16/2018 08co55-Elliptic Curve Crypto - slidepdf.com
http://slidepdf.com/reader/full/08co55-elliptic-curve-crypto 5/21
Elliptic Curve An elliptic curve is the set of solutions of an equation of the
form
y 2 = x3 + ax + b .
Where the co-efficeints a and b are elements of the field
and
4a3 + 27b2 ≠ 0. Each value of the 'a' and 'b' gives adifferent elliptic curve.
One interesting property of set of solutions of elliptic curve is
that it forms a group which enables us to do Cryptography.
The public key is a point in the curve and the private key isa random number. The public key is obtained by
multiplying the private key with the generator point G in the
curve.
5
5/16/2018 08co55-Elliptic Curve Crypto - slidepdf.com
http://slidepdf.com/reader/full/08co55-elliptic-curve-crypto 6/21
6
Elliptic Curve Continued…
Source ::http://en.wikipedia.org/wiki/File:EllipticCurveCatalog.svg
5/16/2018 08co55-Elliptic Curve Crypto - slidepdf.com
http://slidepdf.com/reader/full/08co55-elliptic-curve-crypto 7/21
GraphicalRepresentation
7
X axis
Y axis
Curves of this natureare called ELLIPTIC
CURVES
5/16/2018 08co55-Elliptic Curve Crypto - slidepdf.com
http://slidepdf.com/reader/full/08co55-elliptic-curve-crypto 8/21
Point Addition
8
Fig. 1 a Definition of Point Addition operation in Elliptic Curve
Point addition is the addition of two points J and K on
an elliptic curve to obtain another point L on the sameelliptic curve.
5/16/2018 08co55-Elliptic Curve Crypto - slidepdf.com
http://slidepdf.com/reader/full/08co55-elliptic-curve-crypto 9/21
An extra point at infinity O is added to the curve,which lies infinitely far on the vertical axis. This point O
will become the identity of the elliptic curve group.
Let J=(x1,y1) and K=(x2,y2) then the sum of J and K(where none of them is O) is ,
L=J+K where L=(x3,y3)
where x3 = 2 - x1 - x2
y3 = ( x1 - x3) - y1
and is the slope of the line and is given byfollowing formula
= (3 x12+a)/2y1 if x1 = x2
= (y2-y1)/( x 2- x1) otherwise
9
5/16/2018 08co55-Elliptic Curve Crypto - slidepdf.com
http://slidepdf.com/reader/full/08co55-elliptic-curve-crypto 10/21
Point Doubling
10
Point doubling is the addition of a point J on theelliptic curve to itself to obtain another point L on thesame elliptic curve.
5/16/2018 08co55-Elliptic Curve Crypto - slidepdf.com
http://slidepdf.com/reader/full/08co55-elliptic-curve-crypto 11/21
Point Multiplication In point multiplication a point P on the elliptic curve is
multiplied with a scalar k using elliptic curve equation to
obtain another point Q on the same elliptic curve
i.e. kP=Q
Point multiplication is achieved by two basic ellipticcurve
operations
Point addition
Point doubling,
For example If k = 23 then kP = 23.P = 2(2(2(2P) + P) + P)+ P.
11
5/16/2018 08co55-Elliptic Curve Crypto - slidepdf.com
http://slidepdf.com/reader/full/08co55-elliptic-curve-crypto 12/21
Elliptic Curve Cryptosystem Majority of public key cryptosystems (RSA,D-H) use either integer
or polynomial arithmetic with very large numbers/polynomials.
Imposes a significant load in storing and processing keysand messages.
An alternative is to use elliptic curves that offers samesecurity with smaller bit sizes.
The security of ECC depends on the difficulty of EllipticCurve Discrete Logarithm Problem. Let P and Q be two
points on an elliptic curve such that kP = Q, where k is ascalar. Given P and Q, it is computationally infeasible toobtain k, if k is sufficiently large. k is the discrete logarithmof Q to the base P.
12
5/16/2018 08co55-Elliptic Curve Crypto - slidepdf.com
http://slidepdf.com/reader/full/08co55-elliptic-curve-crypto 13/21
Elliptic Curve Domain parameters
Apart from the curve parameters a and b, there are
other parameters that must be agreed by both partiesinvolved in secured and trusted communication usingECC. These are called domain parameters.
The domain parameters for Elliptic curve over Fp are p, a,
b, g, n and h, where p is the prime number defined for finite field Fp
a and b are the parameters defining the curve y2 mod p= x3 + ax + b mod p.
g is the generator point (xg, yg), a point on the elliptic curve
chosen for cryptographic operations. n is the order of the elliptic curve.
h is the cofactor where h = #E(Fp)/n. #E(Fp) is the number ofpoints on an elliptic curve.
13
5/16/2018 08co55-Elliptic Curve Crypto - slidepdf.com
http://slidepdf.com/reader/full/08co55-elliptic-curve-crypto 14/21
ECDH - Elliptic Curve Diffie Hellman
ECDH is a key agreement protocol that allows two
parties to establish a shared secret key that can be usedas a private key for encryption algorithms.
Both parties exchange some public information to each
other. Using this public data and their own private datathese parties calculates the shared secret. Any third
party, who doesn't have access to the private details of
each device, will not be able to calculate the shared
secret from the available public information.
For generating a shared secret between A and B using
ECDH, both have to agree up on Elliptic Curve domain
parameters.
14
5/16/2018 08co55-Elliptic Curve Crypto - slidepdf.com
http://slidepdf.com/reader/full/08co55-elliptic-curve-crypto 15/21
Both end have a key pair consisting of a private key d (a
randomly selected integer less than n) and a public key
Q = d * G (G is the generator point, an elliptic curvedomain parameter).
Let (dA, QA) be the private key - public key pair of A and
(dB, QB) be the private key - public key pair of B The end A computes K = (xK, yK) = dA * QB
The end B computes L = (xL, yL) = dB * QA
Since dAQB = dAdBG = dBdAG = dBQA. Therefore K = L andhence xK = xL
Hence the shared secret is xK.
15
It is practically impossible to find the private key dA or dB
from the public key K or L, its not possible to obtain the
shared secret for a third party.
ECDH….
5/16/2018 08co55-Elliptic Curve Crypto - slidepdf.com
http://slidepdf.com/reader/full/08co55-elliptic-curve-crypto 16/21
The Advantages of Elliptic Curve
Cryptography
Security Level(bits)
RSA key length(bits)
Elliptic curve keylength (bits)
80 1,024 160
256 15,360 512
16
The biggest advantage of elliptic curve cryptography is thedrastic reduction in overhead associated with it.
Take this side by side comparison of required key sizes toachieve different levels of security for RSA modulus n and an
elliptic curve system with a security parameter n.
5/16/2018 08co55-Elliptic Curve Crypto - slidepdf.com
http://slidepdf.com/reader/full/08co55-elliptic-curve-crypto 17/21
Elliptic Curve Security The security of the Elliptic Curve algorithm is based
on the fact that it is very difficult (as difficult asfactoring) to solve the Elliptic Curve DiscreteLogarithm Problem:
Given two points P and Q where Q = kP, find the
value of k .
17
5/16/2018 08co55-Elliptic Curve Crypto - slidepdf.com
http://slidepdf.com/reader/full/08co55-elliptic-curve-crypto 18/21
Applications of ECC• Many devices are small and have limited
storage and computational power
• Where can we apply ECC?o
Wireless communication deviceso Smart cards
o Web servers that need to handle manyencryption sessions
o Any application where security is needed butlacks the power, storage and computationalpower that is necessary for our currentcryptosystems
18
5/16/2018 08co55-Elliptic Curve Crypto - slidepdf.com
http://slidepdf.com/reader/full/08co55-elliptic-curve-crypto 19/21
Benefits of ECC Same benefits of the other cryptosystems:
confidentiality, integrity, authentication and non-repudiation but…
Shorter key lengthso Encryption, Decryption and Signature Verification speed up
o Storage and bandwidth savings
19
5/16/2018 08co55-Elliptic Curve Crypto - slidepdf.com
http://slidepdf.com/reader/full/08co55-elliptic-curve-crypto 20/21
References http://www.dkrypt.com/home/ecc
http://en.wikipedia.org/wiki/Elliptic_Curve_DSA
Elliptic Curves and Their Application to Cryptography-An
Introduction By Andreas En.ge ,KLUWER ACADEMIC PUBLISHERS.
HANDBOOK OF ELLIPTIC AND HYPERELLIPTIC CURVECRYPTOGRAPHY by HENRY COHEN & GERHARD FREY , Roberto
Avanzi, Christophe Doche, Tanja Lange,Kim Nguyen, and Frederik
Vercauteren CHAPMAN & HALL/CRC,TAYLOR & FRANCIS GROUP ,Boca Raton London New York Singapore.
http://citeseer.ist.psu.edu/old/392717.html
http://www.secg.org/download/aid-385/sec1_final.pdf
http://www.secg.org/download/aid-386/sec2_final.pdf
http://www.certicom.com/index.php?action=ecc_tutorial,home
20
5/16/2018 08co55-Elliptic Curve Crypto - slidepdf.com
http://slidepdf.com/reader/full/08co55-elliptic-curve-crypto 21/21
21
Thanks for Listening!