Elliptic Curve Crypto & ECC Diffie-Hellman
description
Transcript of Elliptic Curve Crypto & ECC Diffie-Hellman
![Page 1: Elliptic Curve Crypto & ECC Diffie-Hellman](https://reader035.fdocument.pub/reader035/viewer/2022081505/56816387550346895dd472b3/html5/thumbnails/1.jpg)
Elliptic Curve Crypto &
ECC Diffie-Hellman
Presenter: Le Thanh Binh
![Page 2: Elliptic Curve Crypto & ECC Diffie-Hellman](https://reader035.fdocument.pub/reader035/viewer/2022081505/56816387550346895dd472b3/html5/thumbnails/2.jpg)
Outline
1. What is Elliptic Curve ?
2. Addition on an elliptic curve
3. Elliptic Curve Crypto (ECC)
4. ECC Diffie–Hellman
![Page 3: Elliptic Curve Crypto & ECC Diffie-Hellman](https://reader035.fdocument.pub/reader035/viewer/2022081505/56816387550346895dd472b3/html5/thumbnails/3.jpg)
Lets start with a puzzle…• What is the number of balls that may be
piled as a square pyramid and also rearranged into a square array?
![Page 4: Elliptic Curve Crypto & ECC Diffie-Hellman](https://reader035.fdocument.pub/reader035/viewer/2022081505/56816387550346895dd472b3/html5/thumbnails/4.jpg)
Lets start with a puzzle…• What is the number of balls that may be
piled as a square pyramid and also rearranged into a square array?
• Sol: Let x be the height of the pyramid… Thus,
We also want this to be a square: Hence,
(4900 balls) y=70
![Page 5: Elliptic Curve Crypto & ECC Diffie-Hellman](https://reader035.fdocument.pub/reader035/viewer/2022081505/56816387550346895dd472b3/html5/thumbnails/5.jpg)
Graphical Representation
Curves of this nature are called ELLIPTIC
CURVES
![Page 6: Elliptic Curve Crypto & ECC Diffie-Hellman](https://reader035.fdocument.pub/reader035/viewer/2022081505/56816387550346895dd472b3/html5/thumbnails/6.jpg)
What is an Elliptic Curve ?
• An elliptic curve E is the graph of an equation of the form
y2 = x3 + ax + b
“Elliptic curve” is not a cryptosystem
![Page 7: Elliptic Curve Crypto & ECC Diffie-Hellman](https://reader035.fdocument.pub/reader035/viewer/2022081505/56816387550346895dd472b3/html5/thumbnails/7.jpg)
Addition on an elliptic curve mod p
The Elliptic Curve E
![Page 8: Elliptic Curve Crypto & ECC Diffie-Hellman](https://reader035.fdocument.pub/reader035/viewer/2022081505/56816387550346895dd472b3/html5/thumbnails/8.jpg)
Addition on an elliptic curve mod p
Start with two points P and Q on E
![Page 9: Elliptic Curve Crypto & ECC Diffie-Hellman](https://reader035.fdocument.pub/reader035/viewer/2022081505/56816387550346895dd472b3/html5/thumbnails/9.jpg)
Addition on an elliptic curve mod p
Draw the line L through P and Q.
![Page 10: Elliptic Curve Crypto & ECC Diffie-Hellman](https://reader035.fdocument.pub/reader035/viewer/2022081505/56816387550346895dd472b3/html5/thumbnails/10.jpg)
Addition on an elliptic curve mod pThe line L intersects the cubic curve E in a third
point. Call that third point R.
![Page 11: Elliptic Curve Crypto & ECC Diffie-Hellman](https://reader035.fdocument.pub/reader035/viewer/2022081505/56816387550346895dd472b3/html5/thumbnails/11.jpg)
Addition on an elliptic curve mod pDraw the vertical line through R.
It hits E in another point.
![Page 12: Elliptic Curve Crypto & ECC Diffie-Hellman](https://reader035.fdocument.pub/reader035/viewer/2022081505/56816387550346895dd472b3/html5/thumbnails/12.jpg)
Addition on an elliptic curve mod pWe define the sum of P and Q on E to be the
reflected point. We denote it by P ⊕ Q or just P + Q
![Page 13: Elliptic Curve Crypto & ECC Diffie-Hellman](https://reader035.fdocument.pub/reader035/viewer/2022081505/56816387550346895dd472b3/html5/thumbnails/13.jpg)
Addition on an elliptic curve mod p
If P1 and P2 are on E, we can define P3 = P1 + P2
P1
P2
P3
x
y
![Page 14: Elliptic Curve Crypto & ECC Diffie-Hellman](https://reader035.fdocument.pub/reader035/viewer/2022081505/56816387550346895dd472b3/html5/thumbnails/14.jpg)
Addition on an elliptic curve mod pSuppose that we want to add the points
on the elliptic curve
Let the line connecting P1 to P2 be
L : y = mx + vExplicitly, the slope and y-intercept of L are given by
![Page 15: Elliptic Curve Crypto & ECC Diffie-Hellman](https://reader035.fdocument.pub/reader035/viewer/2022081505/56816387550346895dd472b3/html5/thumbnails/15.jpg)
Addition on an elliptic curve mod pWe find the intersection of
by solving
We already know that x1 and x2 are solutions, so we can find the third solution x3 by comparing the two sides of
Equating the coefficients
and hence
Then we compute y3
And finally
![Page 16: Elliptic Curve Crypto & ECC Diffie-Hellman](https://reader035.fdocument.pub/reader035/viewer/2022081505/56816387550346895dd472b3/html5/thumbnails/16.jpg)
![Page 17: Elliptic Curve Crypto & ECC Diffie-Hellman](https://reader035.fdocument.pub/reader035/viewer/2022081505/56816387550346895dd472b3/html5/thumbnails/17.jpg)
Addition on an elliptic curve mod p
ExampleConsider y2 = x3 + 2x + 3 (mod 5)
x = 0 y2 = 3 no solution (mod 5)x = 1 y2 = 6 = 1 y = 1,4 (mod 5)
x = 2 y2 = 15 = 0 y = 0 (mod 5)
x = 3 y2 = 36 = 1 y = 1,4 (mod 5)x = 4 y2 = 75 = 0 y = 0 (mod 5)
Then points on the elliptic curve are(1,1) (1,4) (2,0) (3,1) (3,4) (4,0) and the
point at infinity:
What is (1,4) + (3,1) = P3 = (x3,y3)?
![Page 18: Elliptic Curve Crypto & ECC Diffie-Hellman](https://reader035.fdocument.pub/reader035/viewer/2022081505/56816387550346895dd472b3/html5/thumbnails/18.jpg)
Consider y2 = x3 + 2x + 3 (mod 5)What is (1,4) + (3,1) = P3 = (x3,y3)?
P1
P2
P3
x
y
y=mx+v
y2=x3+Ax+B
Addition on an elliptic curve mod p
m = (1-4)(3-1)-1 = -32-1
((a mod n)(b mod n)) mod n = ab mod n
= (2)(3) mod 5
= 6 mod 5
= 1
= ((-3 mod 5)(2-1 mod 5))mod5
![Page 19: Elliptic Curve Crypto & ECC Diffie-Hellman](https://reader035.fdocument.pub/reader035/viewer/2022081505/56816387550346895dd472b3/html5/thumbnails/19.jpg)
Consider y2 = x3 + 2x + 3 (mod 5)What is (1,4) + (3,1) = P3 = (x3,y3)?
Addition on an elliptic curve mod p
m = 1 x3 = 1 - 1 - 3 = 2 (mod 5)
y3 = 1(1-2) - 4 = 0 (mod 5)
On this curve, (1,4) + (3,1) = (2,0)
P1
P2
P3
x
y
y=mx+v
y2=x3+Ax+B
![Page 20: Elliptic Curve Crypto & ECC Diffie-Hellman](https://reader035.fdocument.pub/reader035/viewer/2022081505/56816387550346895dd472b3/html5/thumbnails/20.jpg)
Elliptic Curve Crypto (ECC)
Elliptic curve cryptography [ECC] is a
public-key cryptosystem (just like RSA)
![Page 21: Elliptic Curve Crypto & ECC Diffie-Hellman](https://reader035.fdocument.pub/reader035/viewer/2022081505/56816387550346895dd472b3/html5/thumbnails/21.jpg)
Public Public
Private Private
Public-key cryptosystem
![Page 22: Elliptic Curve Crypto & ECC Diffie-Hellman](https://reader035.fdocument.pub/reader035/viewer/2022081505/56816387550346895dd472b3/html5/thumbnails/22.jpg)
Public PublicPublic-key cryptosystem
![Page 23: Elliptic Curve Crypto & ECC Diffie-Hellman](https://reader035.fdocument.pub/reader035/viewer/2022081505/56816387550346895dd472b3/html5/thumbnails/23.jpg)
???
Secret SecretPublic-key cryptosystem
![Page 24: Elliptic Curve Crypto & ECC Diffie-Hellman](https://reader035.fdocument.pub/reader035/viewer/2022081505/56816387550346895dd472b3/html5/thumbnails/24.jpg)
Addition on an elliptic curve
![Page 25: Elliptic Curve Crypto & ECC Diffie-Hellman](https://reader035.fdocument.pub/reader035/viewer/2022081505/56816387550346895dd472b3/html5/thumbnails/25.jpg)
ECC Diffie-Hellman• Public: Elliptic curve and point (x,y) on curve• Private: Alice’s A and Bob’s B
Alice, A Bob, B
A(x,y)
B(x,y)
Alice computes A(B(x,y)) Bob computes B(A(x,y)) These are the same since AB = BA
![Page 26: Elliptic Curve Crypto & ECC Diffie-Hellman](https://reader035.fdocument.pub/reader035/viewer/2022081505/56816387550346895dd472b3/html5/thumbnails/26.jpg)
• Public: Curve y2 = x3 + 7x + b (mod 37) and point (2,5) b = 3
• Alice’s private: A = 4• Bob’s private: B = 7• Alice sends Bob: 4(2,5) = (7,32)• Bob sends Alice: 7(2,5) = (18,35)• Alice computes: 4(18,35) = (22,1)• Bob computes: 7(7,32) = (22,1)
ECC Diffie–Hellman - Example
Addition 4 times
![Page 27: Elliptic Curve Crypto & ECC Diffie-Hellman](https://reader035.fdocument.pub/reader035/viewer/2022081505/56816387550346895dd472b3/html5/thumbnails/27.jpg)
THANK YOU FOR LISTENING----------- THE END ------------
http://www-cs-students.stanford.edu/~tjw/jsbn/ecdh.html
Demonstration