# Elliptic Curve Cryptography

Index TermsElliptic Curve Cryptography, Smart Cards, Discrete Logarithm problem

I.INTRODUCTION

Over the past 30 years, public key cryptography has become a mainstay for secure communications over the Internet and throughout many other forms of communications. It provides the foundation for both key management and digital signatures. In key management, public key cryptography is used to distribute the secret keys used in other cryptographic algorithms (e.g. DES). For digital signatures, public key cryptography is used to authenticate the origin of data and protect the integrity of that data. For the past 20 years, Internet communications have been secured by the first generation of public key cryptographic algorithms developed in the mid-1970's. Notably, they form the basis for key management and authentication for IP encryption (IKE/IPSEC), web traffic (SSL/TLS) and secure electronic mail. In their day these public key techniques revolutionized cryptography. Over the last twenty years however, new techniques have been developed which offer both better performance and higher security than these first generation public key techniques. The best assured group of new public key techniques is built on the arithmetic of elliptic curves. Elliptic Curve Cryptography (ECC) is one of best public key techniques because of its small key size and high security. This paper discusses elliptic curve cryptography and discusses why it is better option than RSA in modern day systems and also why ECC is well suited for smart card applications. II.MATHEMATICAL CONCEPTS

The mathematical operations of ECC is defined over the elliptic curve y2 = x3 + ax + b,

Where 4a3 + 27b2 ≠ 0.

Each value of the a' and b' gives a different elliptic curve. All points (x, y) which satisfies the above equation plus a point at infinity lies on the elliptic curve. The public key is a point in the curve and the private key is a random number. The public key is obtained by multiplying the private key with the generator point G in the curve. The generator point G, the curve parameters a' and b', together with few more constants constitutes the domain parameter of ECC. The security of ECC depends on the difficulty of Elliptic Curve Discrete Logarithm Problem. Let P and Q be two points on an elliptic curve such that kP = Q, where k is a scalar. Given P and Q, it is computationally infeasible to obtain k, if k is sufficiently large. k is the discrete logarithm of Q to the base P. Hence the main operation involved in ECC is point multiplication. i.e. multiplication of a scalar k with any point P on the curve to obtain another point Q on the curve. A.Point Multiplication

In point multiplication a point P on the elliptic curve is multiplied with a scalar k using elliptic curve equation to obtain another point Q on the same elliptic curve i.e. kP=Q Point multiplication is achieved by two basic elliptic curve operations Point addition, adding two points J and K to obtain another point L i.e., L = J + K. Point doubling, adding a point J to itself to obtain another point L i.e. L = 2J. Here is a simple example of point multiplication.

Let P be a point on an elliptic curve. Let k be a scalar that is multiplied with the point P to obtain another point Q on the curve. i.e. to find Q =...

References: [1] http://www.wikipedia.org

[2] Certicom Corp. Current Public-Key Cryptographic Systems, April 1997.

http://www.certicom.com/research/wecc2.html.

[3] K. Araki, S. Miura, and T. Satoh. Overview of elliptic curve cryptography. In International Workshop on Practice and Theory in Public Key Cryptography, pages 1-14, 1998.

[4]Elliptic curve cryptosystems on smart cards Elsayed Mohammed, A. E. Emarah and 0. El-Shennawy, Senior Member IEEE

[5] A.J. Menezes. Elliptic Curve Public Key Cryptosystems. Kluwer Academic Publishers, 1993.

[6] Michael Rosing. Implementing Elliptic Curve Cryptography. Manning Publications, first edition, 1999.

[7] Cryptography and Network security, William Stallings, Prentice Hall, Fourth Edition

Please join StudyMode to read the full document