Chapter 5: Elliptic Curve Cryptography

Introduction

Chapter 4 introduced exchanging keys using Diffie-Hellman and RSA. Both algorithms use Discrete Logarithms. Another algorithm that has become very important in cryptography is the elliptic curve. The elliptic curve is used for finding points on an ellipse and is used for Elliptic Curve Cryptography (ECC). The benefit of the ECC is that performance is faster, and it gives the same strength as RSA with a smaller key size . According to RSA Laboratory's findings (take a look at their site at www.rsasecurity.com/ ), the ECC key length of 192 bits has the same strength of the RSA key length of 1020 bits. Cracking a key that size with a brute force attack would take 114 computers with a total of 170 GB of memory and 3 million years . The principal attraction of ECC is the smaller bit size for the same strength as a larger RSA key bit size.

Just like the Diffie-Hellman and RSA algorithms, the ECC uses keys in the discrete range, meaning that only positive integers are used. All numbers must be finite and have a range of 0 to an agreed-upon number. As reviewed in Chapter 4, the exponential curve is somewhat straight after it reaches a certain point on the graph. The benefit of the elliptic curve is that various curves follow a curve formula with a discrete set of points, and finding a specific point on a curved line is more difficult.

The range of the elliptic curve could be from 0 to 23, a very low number, but the complexity of the curve, or the curviness, could generate many points on the curve. The complexity of the formula of the curve makes it difficult to guess at its sequence. The straighter the curve, the easier it is to guess at its sequence. Figures 5-1 and 5-2 illustrate the difference between some curves.

Figure 5-1: Curvier

Figure 5-2: Less curvy

The elliptic curve uses points on the x,y coordinate system. For example, a point labeled P3 is described as (-1, -2). The x-coordinate is -1 units and the y-coordinate is -2 units. The coordinate is based on where the two lines intersect to form a point.

The special thing about elliptic curves is the unique characteristics that make up the points on the coordinate system. Unlike some other shapes , adding a point on an elliptic curve to another point on the curve results in a point on the curve that does not have any obvious pattern.

Another special property of elliptic curves is the scalar multiplication. For instance, multiplying a point times a number is called scalar multiplication and can only be performed one way, meaning that the original point cannot be derived from the result. For example, if the original point is P0 , then P1=2*P0 is the same as P1=P0+P0 and P2=3*P0 equals P2=P0+P0+P0; each of these points is different, and P0 cannot be derived from either P1 or P2 .