Contributors - CyberSecurity Malaysia

More documents

Recommendations

Info

20.Elliptic Curve CryptographyIntroductionECC - Elliptic CurveThis article is to introduce readers to the subject of EllipticCurve Cryptography. Topics that will be discussed herecover the basics of Elliptic Curve Cryptography and someof the basic mathematical calculations used over theelliptic curve.Elliptic Curve Cryptography (ECC) was introduced by NealKoblitz and Victor S. Miller in 1985. It is an approach topublic-key cryptography based on the algebraic structureof the elliptic curve over finite fields. Two advantages ofECC compared to RSA are: ECC is faster than RSA, and ECCuses a smaller key size compared to RSA. This comparisonis made at a point where both ECC and RSA provide thesame level of security. ECC is better than RSA because itis based on the elliptic curve discrete logarithm problem,a much harder problem than factoring integers. Table 1shows the comparison of security level in terms of keysizes in ECC and RSA.a) GF(p)The field GF(p) uses numbers from 0 to p-1, and thevalue of its computations end by taking the remainderon division by p. For example, in GF(11), the fieldcreates the integers from 0 to 10, and every operationwithin this field will result in an integer between 0 to 10.An elliptic curve with the essential field of GF(p) can beformed by choosing the variable of a and b within thefield of GF(p). The elliptic curve includes all points (x,y)which satisfy the elliptic curve equation modulo p wherethe value of x and y are numbers in GF(p).Example 1:y2 mod p = x3 + ax + b mod p has an underlying field ofGF(p) if the value of a and b are in GF(p).An elliptic curve group over GF(p) consists of the pointson the corresponding elliptic curve, together with aspecial point O called the point at infinity. There aremany points on an elliptic curve.For example, lets say we have an elliptic curve over thefield GF(p) with the value of a = 3 and b = 7. Then theelliptic curve equation is y2 = x3 +3x + 7.Table 1: Comparison of Security Levels in terms of Key Sizebetween ECC and RSA.Each cryptosystem, is based on a hard mathematicalproblem, which means it is computationally infeasibleto solve. The Elliptic Curve Cryptography relies on thedifficulty of solving the discrete logarithm problem for agroup of elliptic curves over finite fields such as GaloisFields (GF) and integers modulo a prime number.An elliptic curve is a plane curve defined by an equationof the form y2 = x3 + ax + b, where a, b, x and y are realnumbers. The elliptic curve can be changed with variousvalues of a and b. An elliptic curve over real numbersconsists of the points on the corresponding elliptic curve.ECC makes use of the additional operation of ellipticcurves.The nine points which satisfy this equation are:(1, 0) (5, 2) (5, 9) (8, 2) (8, 9) (9, 2) (9, 9) (10, 5) (10,6)All the points above can be achieved using the ellipticcurve equation as mentioned before. For example,below is the method on how to get all the points.The point (9, 2) satisfies this equation since:y2 mod p = x3 + 3x + 7 mod p22 mod 11 = 93 + 3(9) + 7 mod 114 mod 11 = 763 mod 114 = 4.There are two types of finite fields used in Elliptic CurveCryptography: fields of the form GF(p) with p as a primenumber, and fields of the form GF(2n) with n as a positiveinteger.
Graph 1 shows all the satisfied points.(g3)2 + g5g3 = (g5)3 + g4(g5)2 + 1g6 + g8 = g15 + g14 + 121.(1100) + (0101) = (0001) + (1001) + (0001)(1001) = (1001)The 15 points which satisfy this equation are:(1, g13) (g3, g13) (g5, g11) (g6, g14)(g9, g13) (g10, g8) (g12, g12) (1, g6)(g3, g8) (g5, g3) (g6, g8) (g9, g10)(g10, g) (g12, 0) (0, 1)Graph 1: Graph showing all nine points using the elliptic curveequation: y2 = x3 + 3x + 7 over GF(11) using a = 3;b = 7.b) GF(2n)The field GF(2n) consists of n-bit strings. The regulationsfor arithmetic on this field can be defined by using apolynomial representation.These points are shown in graph 2:An elliptic curve with the essential field of GF(2n) canbe formed by choosing the elements of a and b withinGF(2n), where b is not equal to 0. Since the outcomeof the field GF(2n) has two characteristics which are 0and 1, the elliptic curve equation is slightly adjusted forbinary representation:y2 + xy = x3 + ax2 + b.The elliptic curve includes all points (x, y) which satisfythe elliptic curve equation GF(2n) where the value of xand y are elements of GF(2n). An elliptic curve groupover GF(2n) consists of the points on the correspondingelliptic curve, together with a point O called the pointat infinity. There are finitely many points on an ellipticcurve. For this field, the additional operation with bitstringuses an XOR function.Example 2:GF(24) defined by using polynomial representation withirreducible polynomialf(x) = x4 + x + 1The element g = (0010) is a generator for the field.The powers of g are:g0 = (0001) g1 = (0010) g2 = (0100) g3 = (1000)g4 = (0011) g5 = (0110) g6 = (1100) g7 = (1011)g8 = (0101) g9 = (1010) g10 = (0111) g11 = (1110)g12 = (1111) g13 = (1101) g14 = (1001) g15 = (0001)Consider the elliptic curve y2 + xy = x3 + g4x2 + 1. Herea = g4 and b = g0 = 1. The point (g5, g3) satisfies thisequation over GF(2n):y2 + xy = x3 + g4x2 + 1Graph 2: Graph showing all 15 points using the elliptic curveequation: y2 + xy = x3 + g4x2 + 1 over GF(24) using a =g4; b = g0.ECC – Encryption & DecryptionFor this part, we will only consider the Elliptic Curve usingGF(P). Therefore, the example will employ data fromExample 1.a) AddingAdding points are obtained by adding all nine points ona curve using the following method.(x1, y1) + (x2, y2) = (x3, y3)if x1 ≠ x2 d = (y1 – y2)/(x1 - x2)if x1 = x2 and y1 = y2 d = (3x12 + a)/2y1 x3 = d2 – (x1 + x2) y3 = d(x1 – x3) – y1For this example, each point on the curve will providenine Adding points.Therefore, there will be 81 Adding points for thisGF(11).e-Security | <strong>CyberSecurity</strong> <strong>Malaysia</strong> | Volume 21 - (Q4/2009)
Page 1: Volume 21 - (Q4/2009)“Companies s
Page 4 and 5: 4.MyCERT 4th Quarter 2009 SummaryRe
Page 6 and 7: 6.USB PortA culprit to ICT Security
Page 8 and 9: 8.Specific device setup classes can
Page 10 and 11: 10.ConclusionReferencesUSB removabl
Page 12 and 13: 12.Figure 9: Interpreting “Active
Page 14 and 15: 14.7. A list of time zone propertie
Page 16 and 17: 16.allowing you to specify which da
Page 18: 18.Guide to Motion Compensation (Ph
Page 23 and 24: CyberdatingHow to Have Funbut Stay
Page 25 and 26: find them. If anything goes wrong,
Page 27 and 28: 27.What could be the threats to ena
Page 29 and 30: 29.InternetRadio Frequency Identifi
Page 31 and 32: Common Criteria andNational Cyber S
Page 33 and 34: 33.Case Study: US Government Direct
Page 35 and 36: has caused a US$2.25 million fine t
Page 37 and 38: 37.lewat sampai pada penerima ataup
Page 39 and 40: For instance TM, Malaysia’s large

Contributors - CyberSecurity Malaysia

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?