Presentation is loading. Please wait.

Presentation is loading. Please wait.

CS 627 Elliptic Curves and Cryptography Paper by: Aleksandar Jurisic, Alfred J. Menezes Published: January 1998 Presented by: Sagar Chivate.

Published byHubert Alexander Modified over 8 years ago

Similar presentations

Presentation on theme: "CS 627 Elliptic Curves and Cryptography Paper by: Aleksandar Jurisic, Alfred J. Menezes Published: January 1998 Presented by: Sagar Chivate."— Presentation transcript:

1 CS 627 Elliptic Curves and Cryptography Paper by: Aleksandar Jurisic, Alfred J. Menezes Published: January 1998 Presented by: Sagar Chivate

2 Background in elliptic curves If p is a prime greater than 3 and Z p is group of non-zero elements under the operation of multiplication modulo p. Z p = {1, 2, …, p-1} Then an elliptic curve E over Z P is defined by the equation: y 2 = x 3 + ax + b where, a, b ∊ Z p and 4a 3 + 27b 2  0 (mod p), together with special point O, called as point at infinity.

3 Example of elliptic curve Let p = 23, a = 1, b = 1 Note: 4a 3 + 27b 2 = 8 (mod 23)  0 E : y 2 = x 3 + x + 1 The points on E(Z 23 ) are O and following: (0,1) (6,4) (12,19) (0,22) (6,19) (13,7) (1,7) (7,11) (13,16) (1,16) (7,12) (17,3) (3,10) (9,7) (17,20) (3,13) (9,16) (18,3) (4,0) (11,3) (18,20) (5,4) (11,20) (19,5) (5,19) (12,4) (19,18)

4

5 Elliptic curve addition If P, Q ∊ E(Z p ) then, 1.P + O = O + P = P 2.If P = (x,y) then –P = (x,-y) and P + (-P) = O 3.If P = (x 1, y 1 ) and Q = (x 2, y 2 ) and P  -Q then, P + Q = (x 3, y 3 ) where, x 3 = 2 – x 1 – x 2 andy 3 = (x 1 – x 3 ) – y 1 = y 2 – y 1 if P  Q, = 3x 1 2 + aif P = Q x 2 – x 1 2y 1

6 Elliptic curve discrete logarithm problem Select elliptic curve E(Z p ) such that the number of points in E are divisible by a large prime n. Then, The “hard” mathematical problem is: Given an elliptic curve E defined over Z p, a point P ∊ E(Z p ) of order n, and a point Q ∊ E(Z p ), determine the integer d, 0 <= d <= n-1, such that Q = dP, provided that d exists.

7 Digital Signature Algorithm (DSA)

8 Elliptic Curve Digital Signature Algorithm (ECDSA) ECDSA key pair generation: 1.Entity A selects an elliptic curve E defined over Z p. The number of points in E(Z p ) should be divisible by a large prime n. 2.Select a point P = E(Z p ) of order n. 3.Select a statistically unique and unpredictable integer d in the interval [1, n-1]. 4.Compute Q = dP. 5.A’s public key is (E, P, n, Q). A’s private key is d.

9 ECDSA…contd. ECDSA signature generation: 1.Entity A selects a statistically unique and unpredictable integer k in the interval [1, n-1]. 2.Compute kP = (x 1, y 1 ) and r = x 1 mod n. To avoid a security condition, r should not equal 0. If r = 0 go to step 1. 3.Compute k -1 mod n. 4.Compute s = k -1 {h(m) + dr} mod n. h is the Secure Hash Algorithm (SHA-1). 5.If s = 0, then go to Step 1. If s = 0, then s -1 mod n does not exist and s -1 is required in the signature verification process. 6.The signature for the message m is the pair of integers (r, s).

10 ECDSA…contd. ECDSA signature verification: 1.Entity B obtains an authentic copy of Entity A’s public key (E, P, n, Q). 2.Verify that r and s are integers in the interval [1, n-1]. 3.Compute w = s -1 mod n and h(m). 4.Compute u 1 = h(m)w mod n and u 2 = rw mod n. 5.Compute u 1 P + u 2 Q = (x 0, y 0 ) and v = x 0 mod n. 6.Entity B accepts the signature if and only if v =r.

11 Security Issues The best algorithm known to date is Pollard rho-method which takes about   n / 2 steps, where a step is an elliptic curve addition. Software attacks Hardware attacks Build a hardware for a parallel search using Pollard rho-method. Size of n (in bits)   n / 2 MIPS years 1602 80 9.6*10 11 2342 117 1.6*10 23 4262 213 1.0*10 52

12

13 Advantages of ECC Equivalent ECC key size is 160 bits as compared to 1024 bit size of RSA ECC does not require prime numbers and exponential processing for encryption. ECC offers considerable bandwidth savings when being used to transform short messages. Disadvantages of ECC Hyper-elliptic cryptosystems offer even smaller key sizes ECC is mathematically more difficult to explain to client Confidence level in ECC is not as high as RSA

14 Applications Elliptic curves are used in: Factoring integers Primality proving Public key cryptography Implementations of ECC are particularly beneficial in applications where bandwidth, processing capacity, power availability, or storage is constrained. Such applications include: Wireless transactions Handheld computing Broadcast and Smart card applications.

15 Conclusion Elliptic Curves should receive rigorous testing before it is actually implemented in large networks, but it should provide a solution to many of the problems facing public-key encryption in general.

16 Thank you!

Download ppt "CS 627 Elliptic Curves and Cryptography Paper by: Aleksandar Jurisic, Alfred J. Menezes Published: January 1998 Presented by: Sagar Chivate."

Similar presentations

Key Management Nick Feamster CS 6262 Spring 2009.

Key Management Nick Feamster CS 6262 Spring 2009.
Public Key Cryptography INFSCI 1075: Network Security – Spring 2013 Amir Masoumzadeh.

Public Key Cryptography INFSCI 1075: Network Security – Spring 2013 Amir Masoumzadeh.
Cryptography and Network Security

Cryptography and Network Security
YSLInformation Security -- Public-Key Cryptography1 Elliptic Curve Cryptography (ECC) For the same length of keys, faster than RSA For the same degree.

YSLInformation Security -- Public-Key Cryptography1 Elliptic Curve Cryptography (ECC) For the same length of keys, faster than RSA For the same degree.
20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS Electronic Payment Systems 20-763 Lecture 6 Epayment Security II.

ELECTRONIC PAYMENT SYSTEMSFALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS Electronic Payment Systems Lecture 6 Epayment Security II.
November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.

November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.
20-751 ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
Digital Signature Algorithm (DSA) Kenan Gençol presented in the course BIL617 Cryptology instructed by Asst.Prof.Dr. Nuray AT Department of Computer Engineering,

Digital Signature Algorithm (DSA) Kenan Gençol presented in the course BIL617 Cryptology instructed by Asst.Prof.Dr. Nuray AT Department of Computer Engineering,
CS470, A.SelcukElGamal Cryptosystem1 ElGamal Cryptosystem and variants CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukElGamal Cryptosystem1 ElGamal Cryptosystem and variants CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Dr. Lo’ai Tawalbeh Fall 2005 Chapter 10 – Key Management; Other Public Key Cryptosystems Dr. Lo’ai Tawalbeh Computer Engineering Department Jordan University.

Dr. Lo’ai Tawalbeh Fall 2005 Chapter 10 – Key Management; Other Public Key Cryptosystems Dr. Lo’ai Tawalbeh Computer Engineering Department Jordan University.
WS 2006-07 Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.

WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.
Cryptography1 CPSC 3730 Cryptography Chapter 13 Digital Signature Standard (DSS)

Cryptography1 CPSC 3730 Cryptography Chapter 13 Digital Signature Standard (DSS)
The School of Electrical Engineering and Computer Science (EECS) CS/ECE Network Security Dr. Attila Altay Yavuz Topic 5 Essential Public Key Crypto Methods.

The School of Electrical Engineering and Computer Science (EECS) CS/ECE Network Security Dr. Attila Altay Yavuz Topic 5 Essential Public Key Crypto Methods.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Electronic Payment Systems 20-763 Lecture 6 Epayment Security II.

ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Electronic Payment Systems Lecture 6 Epayment Security II.
Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.5 Public Key Algorithms.

Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.5 Public Key Algorithms.
CSE 597E Fall 2001 PennState University1 Digital Signature Schemes Presented By: Munaiza Matin.

CSE 597E Fall 2001 PennState University1 Digital Signature Schemes Presented By: Munaiza Matin.
ASYMMETRIC CIPHERS.

ASYMMETRIC CIPHERS.
Cryptography and Network Security Chapter 13

Cryptography and Network Security Chapter 13
Public Key Model 8. Cryptography part 2.

Public Key Model 8. Cryptography part 2.

Similar presentations

Ads by Google