Presentation is loading. Please wait.

Presentation is loading. Please wait.

Elliptic Curve Cryptography Celia Li Computer Science and Engineering November 10, 2005.

Published byGeraldine Bathsheba Alexander Modified over 8 years ago

Similar presentations

Presentation on theme: "Elliptic Curve Cryptography Celia Li Computer Science and Engineering November 10, 2005."— Presentation transcript:

1 Elliptic Curve Cryptography Celia Li Computer Science and Engineering November 10, 2005

2 2 Content Introduction of Elliptic Curve Theory Elliptic Curve Diffie-Helman Protocol Elliptic Curve Digital Signature Authentication ECC Security Analysis

3 3 What is Elliptic Curve Cryptography (ECC) ? A public key encryption technique based on elliptic curve theory that can be used to create faster, smaller, and more efficient cryptographic keys

4 4 Elliptic Curve Over Real Numbers Set of Points (x, y): y 2 = x 3 + ax + b where x, y, a and b are real numbers. Includes all points (x, y) + a special point O, called the point at infinity Point O does not satisfy elliptic curve equation, but is needed for addition operation

5 5 Elliptic Curve Addition Adding distinct points P and Q  P=(x P, y P ), Q=(x Q, y Q ) are not negative of each other  P + Q = R where s= (y P -y Q )/ (x P -x Q ) x R = s 2 -x P -x Q y R = -y P +s (x P -x R )  s is the slope of the line through P and Q  Example: P(-2.35, -1.86), Q(-0.1, 0.836) –R(3.89, 5.62), R(3.89, -5.62) P+Q=R=(3.89, -5.62) P+Q=R

6 6 Elliptic Curve Addition Adding Points P and -P  Elliptic curve group includes the point at infinity O. P+(-P)=O  P+O=P  All elliptic curves have the point at infinity O P+(-P)=O

7 7 Elliptic Curve Addition Doubling the Point P if y P  0  P=(x P, y P ), y P  0  P+P=2P=R s= (3x P 2 +a)/ (2y P ) x R = s 2 -2x P y R = -y P +s (x P -x R )  Example: P(2, 2.65), –R(-1.11, -2.64), R(-1.11, 2.64) 2P=R=(-1.11, -2.64) P+P=2P=R

8 8 Elliptic Curve Addition Doubling the Point P if y P =0  P+P=2P=O  3P= 2P+P=O+P=P  4P= 3P+P=P+P=O  5P=P, 6P=O, 7P=P, etc 2P=O (1.1, 0)

9 9 Elliptic Curve Over Finite Field F z Major Difference between Elliptic Curve Over F z and Over Real Numbers  Elliptic curve over F z has a finite number of points  Unlike elliptic curve over real numbers, computations over F z involve no round off error  Computations are performed by modulo z

10 10 Set of points (x, y) satisfy y 2 = x 3 + ax + b mod z, where z is a prime number>3, a, b, x, y  F z Adding Distinct Points P and Q  P=(x p, y p ), -P=(x p, -y p mod z).  P+Q=R where s= (y P -y Q )/ (x P -x Q ) mod z x R = s 2 -x P -x Q mod z y R = -y P +s (x P -x R ) mod z Doubling the Point P if y p  0  2P=R where s= (3x P 2 +a)/ (2y P ) mod z x R = s 2 -2x P mod z y R = -y P +s (x P -x R ) mod z Elliptic Curve Over Finite Field F z

11 11 Conclude Elliptic Curve Theory Crucial Property of an Elliptic Curve  Define a rule for “ adding ” two points which are on the elliptic curve, to obtain a 3 rd point which is also on the elliptic curve  Include a special point O, which does not satisfy the elliptic curve equation Order of a Point  Order of a point P on the elliptic curve is the smallest integer r such that r*P=O

12 12 Elliptic Curve Discrete Logarithm Problem (ECDLP) Public-key cryptography systems use hard-to- solve problems as the basis of the algorithm  Prime factorization is a hard problem used by RSA ECDLP is a “hard” problem used by ECC  Given two points Q & G on elliptic curve, such that Q = d*G  Can we easily find integer d? Q is public key, d is private key Relatively easy to perform, but extremely difficult to reverse

13 13 Elliptic Curve Diffie-Helman Protocol Generates d Alice Computes Q Alice =d Alice *G Generates d Bob Computes Q Bob =d Bob *G Publish Curve Point Q Alice Publish Q Bob Computes P 1 =d Alice *Q Bob Computes P 2 =d Bob * Q Alice Use this computed point P 1 or P 2 as the shared secret key Message P 1 =P 2 =d Alice * d Bob * G Given a curve point G and the result of d*G, it is difficult to compute d. Q: public key d: private key G: a fixed point on elliptic curve =d Bob * (d Alice *G) =d Alice *(d Bob *G) = = shared secret key

14 14 Elliptic Curve Digital Signature Authentication Sends message m and her signature (r,s) r=0? Select a random number k  [1,n-1] Compute point P=k *G=(x,y) Compute r=x mod n e=SHA-1(m) Compute s=k -1 (e+d Alice *r) mod n s=0? No Yes Verify r and s are integers in the range [1, n-1] e=SHA-1(m) Compute w=s -1 mod n Compute u 1 =e*w and u 2 =r*w Point X=(x 1, y 1 )=u 1 *G+u 2 *Q Alice Signature of m is the pair (r,s) Yes No Reject Accept Alice’s signature if v=r Compute v=x 1 mod n X=O? Q Alice : public key d Alice : private key G: a point on elliptic curve n: order of point G, n*G=O (k*x)mod n=1  x=k -1 (29*35)mod78= 1

15 15 Security Analysis RSA Key Size Time to Break Key (MIPS Years) ECC Key Size for Equivalent Security RSA:ECC Key Size Ratio 51210 4 1065:1 76810 8 1326:1 1,02410 11 1607:1 2,04810 20 21010:1 21,00010 78 60035:1 ECC can offer same levels of security with small size keys comparable to RSA and other public key cryptography methods Designed for devices with limited memory, bandwidth, computational power, e.g. smartcards and PDAs

16 16 Reference Neal Koblitz, "Elliptic curve cryptosystems", Mathematics of Computation 48, 1987, pp203 – 209. V. Miller, "Use of elliptic curves in cryptography", CRYPTO 85, 1985. Blake, Seroussi, Smart, "Elliptic Curves in Cryptography", Cambridge University Press, 1999. Hankerson, Menezes, Vanstone, "Guide to Elliptic Curve Cryptography", Springer- Verlag, 2004. L. Washington, "Elliptic Curves: Number Theory and Cryptography", Chapman & Hall/CRC, 2003. B.Schneier. Applied Cryptography. John Wiley and Sons, second edition, 1996 Julio Lopez and Ricardo Dahab, “ An overview of elliptic curve cryptography ”, May 2000. V. Miller, “ Uses of elliptic curves in cryptography ”, Advances in Cryptology - CRYPTO'85, LNCS 218, pp.417-426, 1986. Robert Milson, “ Introduction to Public Key Cryptography and Modular Arithmetic ” William Stallings, Cryptography and Network Security-Principles and Practice second edition, Prentice Hall publications. R. Schroppel, H. Orman, S. O ’ Malley and O. Spatscheck, “ Fast key exchange with elliptic key systems ”, Advances in Cryptography, Proc. Crypto ’ 95, LNCS 963, pp. 43- 56, Springer-Verlag, 1995.

17 17 Thank You !

Download ppt "Elliptic Curve Cryptography Celia Li Computer Science and Engineering November 10, 2005."

Similar presentations

Public Key Cryptosystem

Public Key Cryptosystem
Public Key Cryptography INFSCI 1075: Network Security – Spring 2013 Amir Masoumzadeh.

Public Key Cryptography INFSCI 1075: Network Security – Spring 2013 Amir Masoumzadeh.
What is Elliptic Curve Cryptography?

What is Elliptic Curve Cryptography?
Elliptic curve arithmetic and applications to cryptography By Uros Abaz Supervised by Dr. Shaun Cooper and Dr. Andre Barczak.

Elliptic curve arithmetic and applications to cryptography By Uros Abaz Supervised by Dr. Shaun Cooper and Dr. Andre Barczak.
YSLInformation Security -- Public-Key Cryptography1 Elliptic Curve Cryptography (ECC) For the same length of keys, faster than RSA For the same degree.

YSLInformation Security -- Public-Key Cryptography1 Elliptic Curve Cryptography (ECC) For the same length of keys, faster than RSA For the same degree.
Elliptic Curve Cryptography (ECC) Mustafa Demirhan Bhaskar Anepu Ajit Kunjal.

Elliptic Curve Cryptography (ECC) Mustafa Demirhan Bhaskar Anepu Ajit Kunjal.
Public Key Crytography1 From: Introduction to Algorithms Cormen, Leiserson and Rivest.

Public Key Crytography1 From: Introduction to Algorithms Cormen, Leiserson and Rivest.
Keeping the Smart Grid Secure.  A smart grid delivers electricity from suppliers to consumers using digital technology to monitor (and optionally control)

Keeping the Smart Grid Secure.  A smart grid delivers electricity from suppliers to consumers using digital technology to monitor (and optionally control)
CS470, A.SelcukElGamal Cryptosystem1 ElGamal Cryptosystem and variants CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukElGamal Cryptosystem1 ElGamal Cryptosystem and variants CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Dr. Lo’ai Tawalbeh Fall 2005 Chapter 10 – Key Management; Other Public Key Cryptosystems Dr. Lo’ai Tawalbeh Computer Engineering Department Jordan University.

Dr. Lo’ai Tawalbeh Fall 2005 Chapter 10 – Key Management; Other Public Key Cryptosystems Dr. Lo’ai Tawalbeh Computer Engineering Department Jordan University.
Electronic Payment Systems Lecture 5: ePayment Security II

Electronic Payment Systems Lecture 5: ePayment Security II
WS 2006-07 Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.

WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.

Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Electronic Payment Systems 20-763 Lecture 6 Epayment Security II.

ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Electronic Payment Systems Lecture 6 Epayment Security II.
CPE5021 Advanced Network Security --- Advanced Cryptography: Elliptic Curve Cryptography --- Lecture 3 CPE5021 Advanced Network Security --- Advanced Cryptography:

CPE5021 Advanced Network Security --- Advanced Cryptography: Elliptic Curve Cryptography --- Lecture 3 CPE5021 Advanced Network Security --- Advanced Cryptography:
ASYMMETRIC CIPHERS.

ASYMMETRIC CIPHERS.
Cryptography and Network Security Chapter 13

Cryptography and Network Security Chapter 13
Lecture 6: Public Key Cryptography

Lecture 6: Public Key Cryptography

Similar presentations

Ads by Google