Elliptic Curve Cryptography

Presented By Rajkumar Murugesan 08CO55

Introduction
The Elliptic curve cryptography (ECC) is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. Security of Public-Key Cryptography depends on the difficulty of solving the Hard Problems defined in Complexity Theory.

Background of Public Key Cryptosystem

The Cryptosystems based on following mathematical problem are considered secure and efficient :

1. Integer Factorization problem (IFP)

Examples are RSA ,Rabin-Williams

2. Discrete Logarithm Problem (DLP)

DSA, Diffie-Hellman and MQV key agreement scheme, the ElGamal encryption and signature scheme. etc

3. Elliptic Curve Discrete Logarithm Problem (ECDLP)

ECDSA , Elliptic Curve Diffie-Hellman & elliptic curve MQV key agreement schemes the ElGamal encryption and signature scheme etc.

Public Key Cryptosystem.

Elliptic Curve
An elliptic curve is the set of solutions of an equation of the form y2 = x3 + ax + b . Where the co-efficeints a and b are elements of the field and 4a3 + 27b2 0. Each value of the 'a' and 'b' gives a different elliptic curve. One interesting property of set of solutions of elliptic curve is that it forms a group which enables us to do Cryptography. The public key is a point in the curve and the private key is a random number. The public key is obtained by multiplying the private key with the generator point G in the curve.
5

Elliptic Curve Continued

Source ::
http://en.wikipedia.org/wiki/File:EllipticCurveCatalog.svg
6

Graphical Representation
Y axis

X axis

Curves of this nature are called ELLIPTIC CURVES

 Point addition is the addition of two points J and K on an elliptic curve to obtain another point L on the same elliptic curve.

Point Addition

Fig. 1 a Definition of Point Addition operation in Elliptic Curve

8

 An extra point at infinity O is added to the curve, which lies infinitely far on the vertical axis. This point O will become the identity of the elliptic curve group. Let J=(x1,y1) and K=(x2,y2) then the sum of J and K (where none of them is O) is , L=J+K where L=(x3,y3) where x3 = 2 - x1 - x2 y3 = (x1 - x3) - y1 and is the slope of the line and is given by following formula = (3x12+a)/2y1 if x1 = x2 = (y2-y1)/(x2-x1) otherwise
9

Point Doubling
Point doubling is the addition of a point J on the elliptic curve to itself to obtain another point L on the same elliptic curve.

10

Point Multiplication
In point multiplication a point P on the elliptic curve is multiplied with a scalar k using elliptic curve equation to obtain another point Q on the same elliptic curve i.e. kP=Q Point multiplication is achieved by two basic elliptic curve operations Point addition Point doubling,

For example If k = 23 then kP = 23.P = 2(2(2(2P) + P) + P) + P.

11

Elliptic Curve Cryptosystem

Majority of public key cryptosystems (RSA,D-H) use either integer or polynomial arithmetic with very large numbers/polynomials.

Imposes a significant load in storing and processing keys and messages. An alternative is to use elliptic curves that offers same security with smaller bit sizes. The security of ECC depends on the difficulty of Elliptic Curve Discrete Logarithm Problem. Let P and Q be two points on an elliptic curve such that kP = Q, where k is a scalar. Given P and Q, it is computationally infeasible to obtain k, if k is sufficiently large. k is the discrete logarithm of Q to the base P.

12

Elliptic Curve Domain parameters

Apart from the curve parameters a and b, there are other parameters that must be agreed by both parties involved in secured and trusted communication using ECC. These are called domain parameters. The domain parameters for Elliptic curve over Fp are p, a, b, g, n and h, where
p is the prime number defined for finite field Fp a and b are the parameters defining the curve y2 mod p= x3 + ax + b mod p. g is the generator point (xg, yg), a point on the elliptic curve chosen for cryptographic operations. n is the order of the elliptic curve. h is the cofactor where h = #E(Fp)/n. #E(Fp) is the number of points on an elliptic curve.
13

ECDH - Elliptic Curve Diffie Hellman

ECDH is a key agreement protocol that allows two parties to establish a shared secret key that can be used as a private key for encryption algorithms. Both parties exchange some public information to each other. Using this public data and their own private data these parties calculates the shared secret. Any third party, who doesn't have access to the private details of each device, will not be able to calculate the shared secret from the available public information.

For generating a shared secret between A and B using ECDH, both have to agree up on Elliptic Curve domain parameters.
14

ECDH.
Both end have a key pair consisting of a private key d (a randomly selected integer less than n) and a public key Q = d * G (G is the generator point, an elliptic curve domain parameter). Let (dA, QA) be the private key - public key pair of A and (dB, QB) be the private key - public key pair of B
The end A computes K = (xK, yK) = dA * QB The end B computes L = (xL, yL) = dB * QA Since dAQB = dAdBG = dBdAG = dBQA. Therefore K = L and hence xK = xL Hence the shared secret is xK.

It is practically impossible to find the private key dA or dB from the public key K or L, its not possible to obtain the shared secret for a third party.

15

The Advantages of Elliptic Curve Cryptography

The biggest advantage of elliptic curve cryptography is the drastic reduction in overhead associated with it. Take this side by side comparison of required key sizes to achieve different levels of security for RSA modulus n and an elliptic curve system with a security parameter n.

Security Level (bits) 80 256

RSA key length (bits) 1,024 15,360

Elliptic curve key length (bits) 160 512

16

Elliptic Curve Security

The security of the Elliptic Curve algorithm is based on the fact that it is very difficult (as difficult as factoring) to solve the Elliptic Curve Discrete Logarithm Problem:

Given two points P and Q where Q = kP, find the value of k .

17

Applications of ECC
Many devices are small and have limited storage and computational power Where can we apply ECC?
o Wireless communication devices o Smart cards o Web servers that need to handle many encryption sessions o Any application where security is needed but lacks the power, storage and computational power that is necessary for our current cryptosystems
18

Benefits of ECC
Same benefits of the other cryptosystems: confidentiality, integrity, authentication and nonrepudiation but Shorter key lengths
o Encryption, Decryption and Signature Verification speed up o Storage and bandwidth savings

19

References
http://www.dkrypt.com/home/ecc http://en.wikipedia.org/wiki/Elliptic_Curve_DSA Elliptic Curves and Their Application to Cryptography-An Introduction By Andreas En.ge ,KLUWER ACADEMIC PUBLISHERS. HANDBOOK OF ELLIPTIC AND HYPERELLIPTIC CURVE CRYPTOGRAPHY by HENRY COHEN & GERHARD FREY , Roberto Avanzi, Christophe Doche, Tanja Lange,Kim Nguyen, and Frederik Vercauteren CHAPMAN & HALL/CRC,TAYLOR & FRANCIS GROUP , Boca Raton London New York Singapore. http://citeseer.ist.psu.edu/old/392717.html http://www.secg.org/download/aid-385/sec1_final.pdf http://www.secg.org/download/aid-386/sec2_final.pdf http://www.certicom.com/index.php?action=ecc_tutorial,home

20

Thanks for Listening!

21