Professional Documents
Culture Documents
Line gives
• Elliptic curve cryptography uses curves
NEGATIVE whose variables and coefficients are finite
of sum
• have two families commonly used:
– prime curves Ep(a,b) defined over Zp
NEGATION
• use integers modulo a prime p
• best in software
sum – binary curves E2m(a,b) defined over GF(2m)
• use polynomials with binary coefficients
• best in hardware
E23(1,1) Points on E23(1,1)
ECC Encryption/Decryption
• several alternatives, simplest like ElGamal
• must first encode any message M as a point on
the elliptic curve Pm
• select suitable curve and point G as in D-H
• receiver chooses private key nA < n
• receiver computes public key PA = nAG
• sender chooses private random key k
• sender encrypts Pm : Cm = {kG, Pm + kPb}
• decrypt Cm compute:
Pm + kPb – nB(kG)
kG) = Pm + k(n
k(nBG) – nB(kG) = Pm
Comparable Key Sizes for
ECC Security
Equivalent Security
• relies on elliptic curve logarithm problem Symmetric ECC-based RSA/DSA
scheme scheme (modulus size in
• fastest method is “Pollard rho method”
(key size in bits) (size of n in bits) bits)
• compared to factoring, can use much
smaller key sizes than with RSA etc 56 112 512