Elliptic Curve Cryptography Applications of Elliptic Curve - - PowerPoint PPT Presentation

elliptic curve cryptography
SMART_READER_LITE
LIVE PREVIEW

Elliptic Curve Cryptography Applications of Elliptic Curve - - PowerPoint PPT Presentation

Apr 25, 2023 672 likes •858 views

Cryptography Elliptic Curve Cryptography Overview of Elliptic Curve Cryptography Elliptic Curve Cryptography Applications of Elliptic Curve Cryptography Elliptic Curve Cryptography Cryptography in OpenSSL School of Engineering and

slide-1
SLIDE 1

Cryptography Elliptic Curve Cryptography Overview of Elliptic Curve Cryptography Applications of Elliptic Curve Cryptography Elliptic Curve Cryptography in OpenSSL

1/17

Elliptic Curve Cryptography

Cryptography

School of Engineering and Technology CQUniversity Australia

Prepared by Steven Gordon on 15 Apr 2020, elliptic.tex, r1850

slide-2
SLIDE 2

Cryptography Elliptic Curve Cryptography Overview of Elliptic Curve Cryptography Applications of Elliptic Curve Cryptography Elliptic Curve Cryptography in OpenSSL

2/17

Contents

Overview of Elliptic Curve Cryptography Applications of Elliptic Curve Cryptography Elliptic Curve Cryptography in OpenSSL

slide-3
SLIDE 3

Cryptography Elliptic Curve Cryptography Overview of Elliptic Curve Cryptography Applications of Elliptic Curve Cryptography Elliptic Curve Cryptography in OpenSSL

3/17

Elliptic Curve (definition)

An elliptic curve is defined by: y2 = x3 + ax + b (with some constraints of constants a and b)

slide-4
SLIDE 4

Cryptography Elliptic Curve Cryptography Overview of Elliptic Curve Cryptography Applications of Elliptic Curve Cryptography Elliptic Curve Cryptography in OpenSSL

4/17

Elliptic Curve for y 2 = x3 − 3x + 5

Credit: Generated based on MIT Licensed code by Fang-Pen Lin

slide-5
SLIDE 5

Cryptography Elliptic Curve Cryptography Overview of Elliptic Curve Cryptography Applications of Elliptic Curve Cryptography Elliptic Curve Cryptography in OpenSSL

5/17

Addition Operation with an Elliptic Curve (definition)

Select two points on the curve, A and B, and draw a straight line through them. The line will intersect with the curve at a third point, R (and no other points). The horizontal inverse

  • f point R, is defined as the addition of A and B.

A + B = −R

slide-6
SLIDE 6

Cryptography Elliptic Curve Cryptography Overview of Elliptic Curve Cryptography Applications of Elliptic Curve Cryptography Elliptic Curve Cryptography in OpenSSL

6/17

Addition Operation on Elliptic Curve

Credit: Generated based on MIT Licensed code by Fang-Pen Lin

slide-7
SLIDE 7

Cryptography Elliptic Curve Cryptography Overview of Elliptic Curve Cryptography Applications of Elliptic Curve Cryptography Elliptic Curve Cryptography in OpenSSL

7/17

Self Addition on Elliptic Curve

Credit: Generated based on MIT Licensed code by Fang-Pen Lin

slide-8
SLIDE 8

Cryptography Elliptic Curve Cryptography Overview of Elliptic Curve Cryptography Applications of Elliptic Curve Cryptography Elliptic Curve Cryptography in OpenSSL

8/17

P + 2P on Elliptic Curve

Credit: Generated based on MIT Licensed code by Fang-Pen Lin

slide-9
SLIDE 9

Cryptography Elliptic Curve Cryptography Overview of Elliptic Curve Cryptography Applications of Elliptic Curve Cryptography Elliptic Curve Cryptography in OpenSSL

9/17

NP on Elliptic Curve

Credit: Generated based on MIT Licensed code by Fang-Pen Lin

slide-10
SLIDE 10

Cryptography Elliptic Curve Cryptography Overview of Elliptic Curve Cryptography Applications of Elliptic Curve Cryptography Elliptic Curve Cryptography in OpenSSL

10/17

How is Point Addition used in Elliptic Curve Cryptography?

◮ User chooses a point P (global public parameter) ◮ User chooses a large, random N (private key) ◮ User calculates NP (public key)

◮ Easy, since there is a shortcut (described shortly)

◮ Challenge for attacker: given NP, find N

◮ Computationally hard for large N

slide-11
SLIDE 11

Cryptography Elliptic Curve Cryptography Overview of Elliptic Curve Cryptography Applications of Elliptic Curve Cryptography Elliptic Curve Cryptography in OpenSSL

11/17

Shortcut for Calculating NP

◮ Assume N is large, e.g. 256-bit random number ◮ Naive point addition: P + P + P + P + . . . + P + P (2256 − 1 additions) ◮ Shortcut algorithm for point addition:

◮ Calculate P, P + P = 2P = 21P, 2P + 2P = 4P = 22P, 4P + 4P = 8P = 23P, . . . , 2255P (255 additions) ◮ Write N as binary expansion, e.g.:

◮ N = 233 = 27 + 26 + 25 + 23 + 20 ◮ NP = 27P + 26P + 25P + 23P + 20P ◮ In this example, there are 4 point additions ◮ Maximum number of point additions for 256-bit N is 255

◮ Calculate NP using the binary expansion ◮ Maximum number of point additions for 256-bit N: 255 + 255 = 510

slide-12
SLIDE 12

Cryptography Elliptic Curve Cryptography Overview of Elliptic Curve Cryptography Applications of Elliptic Curve Cryptography Elliptic Curve Cryptography in OpenSSL

12/17

Elliptic Curve with Modular Arithmetic

◮ The above discussed a normal elliptic curve ◮ But to ensure all values contained within finite coordinate space, modular arithmetic is used ◮ y2 mod p = (x3 + ax + b) mod p ◮ p is a prime number

slide-13
SLIDE 13

Cryptography Elliptic Curve Cryptography Overview of Elliptic Curve Cryptography Applications of Elliptic Curve Cryptography Elliptic Curve Cryptography in OpenSSL

13/17

Contents

Overview of Elliptic Curve Cryptography Applications of Elliptic Curve Cryptography Elliptic Curve Cryptography in OpenSSL

slide-14
SLIDE 14

Cryptography Elliptic Curve Cryptography Overview of Elliptic Curve Cryptography Applications of Elliptic Curve Cryptography Elliptic Curve Cryptography in OpenSSL

14/17

Applications of ECC

◮ Secret key exchange, e.g. ECDH, ECMQV ◮ Digital signatures, e.g. ECDSA, EC-KCDSA ◮ Public key encryption, e.g. ECIES, PSEC

slide-15
SLIDE 15

Cryptography Elliptic Curve Cryptography Overview of Elliptic Curve Cryptography Applications of Elliptic Curve Cryptography Elliptic Curve Cryptography in OpenSSL

15/17

Elliptic Curve Diffie-Hellman Key Exchange (algorithm)

Assume users A and B have EC key pairs: PUA = NP, PRA = N, PUB = MP, PRB = M.

  • 1. User A calculates secret SA = N · PUB = NMP using

shortcut point addition.

  • 2. User B calculates secret SB = M · PUA = MNP using

shortcut point addition.

slide-16
SLIDE 16

Cryptography Elliptic Curve Cryptography Overview of Elliptic Curve Cryptography Applications of Elliptic Curve Cryptography Elliptic Curve Cryptography in OpenSSL

16/17

Choosing Parameters for ECC

◮ Parameters for ECC are usually standardised

◮ Base point, P (also referred to as generator, G) ◮ Curve parameters, a and b ◮ Prime, p ◮ Other parameters also included

◮ Common curves (see also https://safecurves.cr.yp.to/):

◮ NIST FIPS 186: P-256, P-384 and 13 others ◮ SECG: secp160k1, secp160r1, . . . (NIST curves are a subset) ◮ ANSI X9.62: prime192, prime256, . . . ◮ Other curves: Curve25519, Brainpool

slide-17
SLIDE 17

Cryptography Elliptic Curve Cryptography Overview of Elliptic Curve Cryptography Applications of Elliptic Curve Cryptography Elliptic Curve Cryptography in OpenSSL

17/17

Contents

Overview of Elliptic Curve Cryptography Applications of Elliptic Curve Cryptography Elliptic Curve Cryptography in OpenSSL