Basic Elliptic Curve Cryptography

1
Basic Elliptic Curve Cryptography

• 1Lt Peter Hefley
• 90 OSS Instructor
• Fall 06

2
Content Overview

• Elliptic Curve Overview
• Key Development
• Encryption Scheme
• Why Elliptic Curve?

3
What is an elliptic curve?

• A type of cubic curve
• General elliptic curve
• Over a field K
• Field Characteristic ¹ 2,3
• Can be expressed y2 x3 ax b
• Usually denoted E(a,b)

y2 x3 - 4x .67
4
Law of Addition

• P1 P2 P3

5
Law of Addition

• P1 P2 P3
• Establish P1 and P2

6
Law of Addition

• P1 P2 P3
• Establish P1 and P2
• Draw a line between the two

7
Law of Addition

• P1 P2 P3
• Establish P1 and P2
• Draw a line between the two
• Let the intersect point be Q

8
Law of Addition

• P1 P2 P3
• Establish P1 and P2
• Draw a line between the two
• Let the intersect point be Q
• Drop down from Q vertically to find P3

9
Law of Addition Special Cases

• Identity Element
• Adding a point to itself
• Take a TANGENT line to the curve at that point
• Now consider all of this Modulo a prime!

10
Multiplication on Elliptic Curves

• Multiplication is intuitive
• Take a point P
• 3P (P P) P

11
Key Generation

• Alice chooses two large primes
• Such that p º q º 2 (mod 3)
• Alice calculates n p q
• Alice calculates Nn lcm( p1, q1 )
• Alice chooses e such that gcd( e, Nn ) 1

12
More Key Generation

• Alice computes d such that
• ed º 1 (mod Nn)
• Alices Private Key d, p, q, and Nn
• Alices Public Key n, e

13
Encryption Scheme

• Plaintext M ( mx, my ) where mx, my Î Zn
• M must be on the Elliptic Curve En(0,b)
• b is determined by M
• Bob encrypts M to Alice
• C E(M) e M over En(0,b)
• Bob sends the ciphertext C ( cx, cy ) to Alice

14
Decryption Scheme

• Alice decrypts C from Bob
• M D(C) d C over En(0,b)

15
Diffie-Hellman Key Exchange
(E,P)

• Public Elliptic curve E and point P
• Private
• Alice a
• Bob b
• Agreed upon key is KabP

Alice
Bob
a
b
AaP
BbP
Ka(B)abPb(A)
16
Why Elliptic Curve?

• It seems so complex
• Why go to all the trouble

17
Comparison

• Lets look at RSA!
• Widely accepted
• Still used
• Growing size of keys to accommodate increased
  computing power

18
Key Size Equivalent Strength Comparison
Time to Break (MIPS/Yrs) RSA/DSA Key Size ECC Key Size RSAECC Key Size Ratio
104 512 106 51
108 768 132 61
1011 1024 160 71
1020 2048 210 101
1078 21000 600 351
19
Why Elliptic Curve?

• It is strong for its size!
• Easily implemented in embedded systems
• NSA Suite B uses this for half of its algorithms

20
Suite B Algorithms
Encryption AES (FIPS-197)
Digital Signature Elliptic Curve Digital Signature Algorithm (FIPS 186-2)
Key Exchange Elliptic Curve Diffie-Hellman or MQV (Draft NIST SP 800-56)
Hashing Secure Hash Algorithm (FIPS 180-2)
21
Basic Elliptic Curve Cryptography

• 1Lt Peter Hefley
• 90 OSS Instructor
• Fall 06

Peter.Hefley_at_warren.af.mil www.cryptografix.net
Cell (412) 721-7631
22
Resources

• New Public-Key Schemes Based on Elliptic Curves
  over the Ring Zn by Koyama et ali.
• The State of Elliptic Curve Cryptography by
  Koblitz et ali.
• MathWorld Online

23
More Resources

• Introduction to Cryptography with Coding Theory
  by Wade Trappe and Lawrence Washington
• ICSA Guide to Cryptography (Tables)
• IEEE Standard 1364