Abhijith Chandrashekar and Dushyant Maheshwary

Similar documents
Understanding Cryptography by Christof Paar and Jan Pelzl. Chapter 9 Elliptic Curve Cryptography

Key Management and Distribution

Elliptic Curve Public Key Cryptography

Implementation and Benchmarking of Elliptic Curve Cryptography Algorithms

This chapter continues our overview of public-key cryptography systems (PKCSs), and begins with a description of one of the earliest and simplest

Cryptography and Network Security Chapter 10. Fourth Edition by William Stallings

ECC Elliptic Curve Cryptography. Foundations of Cryptography - ECC pp. 1 / 31

Cryptography and Network Security

Chapter 9 Public Key Cryptography. WANG YANG

Key Management and Elliptic Curves

Outline. Public Key Cryptography. Applications of Public Key Crypto. Applications (Cont d)

CSCI 454/554 Computer and Network Security. Topic 5.2 Public Key Cryptography

Outline. CSCI 454/554 Computer and Network Security. Introduction. Topic 5.2 Public Key Cryptography. 1. Introduction 2. RSA

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

Computer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018

Chapter 7 Public Key Cryptography and Digital Signatures

Distributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015

Public Key Algorithms

Elliptic Curve Cryptosystem

The most important development from the work on public-key cryptography is the digital signature. Message authentication protects two parties who

CSC 474/574 Information Systems Security

Cryptographic Systems

The Application of Elliptic Curves Cryptography in Embedded Systems

Public-Key Cryptography. Professor Yanmin Gong Week 3: Sep. 7

Computer Security 3/23/18

Introduction to Cryptography and Security Mechanisms: Unit 5. Public-Key Encryption

UNIVERSITY OF MASSACHUSETTS Dept. of Electrical & Computer Engineering. Introduction to Cryptography ECE 597XX/697XX

PUBLIC KEY CRYPTO. Anwitaman DATTA SCSE, NTU Singapore CX4024. CRYPTOGRAPHY & NETWORK SECURITY 2018, Anwitaman DATTA

Prime Field over Elliptic Curve Cryptography for Secured Message Transaction

Number Theory and RSA Public-Key Encryption

Public Key Cryptography

Public Key Cryptography and RSA

CHAPTER 4 VERIFIABLE ENCRYPTION OF AN ELLIPTIC CURVE DIGITAL SIGNATURE

CS 161 Computer Security

Chapter 3 Public Key Cryptography

TECHNISCHE UNIVERSITEIT EINDHOVEN Faculty of Mathematics and Computer Science Exam Cryptology, Tuesday 31 October 2017

Topics. Number Theory Review. Public Key Cryptography

L13. Reviews. Rocky K. C. Chang, April 10, 2015

Introduction to Public-Key Cryptography

Introduction to Elliptic Curve Cryptography

Key Exchange. Secure Software Systems

Elliptic Curve Cryptography

An IBE Scheme to Exchange Authenticated Secret Keys

Cryptographic Concepts

Diffie-Hellman. Part 1 Cryptography 136

Chapter 9. Public Key Cryptography, RSA And Key Management

Overview. Public Key Algorithms I

Understanding Cryptography A Textbook for Students and Practitioners by Christof Paar and Jan Pelzl. Chapter 6 Introduction to Public-Key Cryptography

Innovation and Cryptoventures. Digital Signatures. Campbell R. Harvey. Duke University, NBER and Investment Strategy Advisor, Man Group, plc

Innovation and Cryptoventures. Digital Signatures. Campbell R. Harvey. Duke University, NBER and Investment Strategy Advisor, Man Group, plc

n-bit Output Feedback

Channel Coding and Cryptography Part II: Introduction to Cryptography

A SIGNATURE ALGORITHM BASED ON DLP AND COMPUTING SQUARE ROOTS

1. Diffie-Hellman Key Exchange

Journal of Computer Engineering & Technology (JCET) ISSN (Print), ISSN (Online), Volume 1, Issue 1, July-December (2013)

Understanding Cryptography A Textbook for Students and Practitioners by Christof Paar and Jan Pelzl. Chapter 6 Introduction to Public-Key Cryptography

Digital Signature. Raj Jain

Other Topics in Cryptography. Truong Tuan Anh

Elliptic Curve Cryptography

CS 6324: Information Security More Info on Key Establishment: RSA, DH & QKD

Basic Concepts and Definitions. CSC/ECE 574 Computer and Network Security. Outline

Network Security. Chapter 4 Public Key Cryptography. Public Key Cryptography (4) Public Key Cryptography

Cryptography Symmetric Cryptography Asymmetric Cryptography Internet Communication. Telling Secrets. Secret Writing Through the Ages.

CSE 127: Computer Security Cryptography. Kirill Levchenko

Public Key Algorithms

Lecture 14: Elliptic Curve Cryptography. Lecture Notes on Computer and Network Security. by Avi Kak

Public Key Algorithms

RSA. Public Key CryptoSystem

CSC/ECE 774 Advanced Network Security

CS669 Network Security

Elliptic Curve Cryptography (ECC) Elliptic Curve Cryptography. Elliptic Curves. Elliptic Curve Cryptography (ECC) Elliptic curve

Intro to Public Key Cryptography Diffie & Hellman Key Exchange

UNIT III 3.1DISCRETE LOGARITHMS

Lecture 6 - Cryptography

Key Exchange. References: Applied Cryptography, Bruce Schneier Cryptography and Network Securiy, Willian Stallings

Spring 2010: CS419 Computer Security

Public Key (asymmetric) Cryptography

Public-key encipherment concept

Java Implementation And Arithmetic Performance Evaluation of Elliptic Curve Cryptography Using MATLAB

Lecture 2 Applied Cryptography (Part 2)

1. Digital Signatures 2. ElGamal Digital Signature Scheme 3. Schnorr Digital Signature Scheme 4. Digital Signature Standard (DSS)

A Portable and Improved Implementation of the Diffie-Hellman Protocol for Wireless Sensor Networks

Kurose & Ross, Chapters (5 th ed.)

Diffie-Hellman Protocol as a Symmetric Cryptosystem

TinyECC: A Configurable Library for Elliptic Curve Cryptography in Wireless Sensor Networks

CSCI 454/554 Computer and Network Security. Topic 2. Introduction to Cryptography

Crypto CS 485/ECE 440/CS 585 Fall 2017

Outline. Cryptography. Encryption/Decryption. Basic Concepts and Definitions. Cryptography vs. Steganography. Cryptography: the art of secret writing

Encryption. INST 346, Section 0201 April 3, 2018

Design and Evaluation of FPGA Based Hardware Accelerator for Elliptic Curve Cryptography Scalar Multiplication

Elliptic Curve Cryptography

Elliptic Curve Cryptography (ECC) Elliptic Curve Cryptography. Elliptic Curves. Elliptic Curve Cryptography (ECC) Elliptic curve

Lecture 6: Overview of Public-Key Cryptography and RSA

Public Key Cryptography

Applied Cryptography and Computer Security CSE 664 Spring 2018

ח'/סיון/תשע "א. RSA: getting ready. Public Key Cryptography. Public key cryptography. Public key encryption algorithms

ECC1 Core. Elliptic Curve Point Multiply and Verify Core. General Description. Key Features. Applications. Symbol

9/30/2016. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers

CS3235 Seventh set of lecture slides

Elements of Cryptography and Computer and Networking Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy

Transcription:

By Abhijith Chandrashekar and Dushyant Maheshwary

Introduction What are Elliptic Curves? Curve with standard form y 2 = x 3 + ax + b a, b ϵ R Characteristics of Elliptic Curve Forms an abelian group Symmetric about the x-axis Point at Infinity acting as the identity element

Examples of Elliptic Curves

Finite Fields aka Galois Field GF(p n ) = a set of integers {0, 1, 2,, p n -1) where p is a prime, n is a positive integer It is denoted by {F, +, x} where + and x are the group operators

Group, Ring, Field

Why Elliptic Curve Cryptography? Shorter Key Length Lesser Computational Complexity Low Power Requirement More Secure

Comparable Key Sizes for Equivalent Security Symmetric Encryption (Key Size in bits) RSA and Diffie-Hellman (modulus size in bits) ECC Key Size in bits 56 512 112 80 1024 160 112 2048 224 128 3072 256 192 7680 384 256 15360 512

What is Elliptic Curve Cryptography? Implementing Group Operations Main operations - point addition and point multiplication Adding two points that lie on an Elliptic Curve results in a third point on the curve Point multiplication is repeated addition If P is a known point on the curve (aka Base point; part of domain parameters) and it is multiplied by a scalar k, Q=kP is the operation of adding P + P + P + P +P (k times) Q is the resulting public key and k is the private key in the public-private key pair

What is Elliptic Curve Cryptography? Adding two points on the curve P and Q are added to obtain P+Q which is a reflection of R along the X axis

What is Elliptic Curve Cryptography? A tangent at P is extended to cut the curve at a point; its reflection is 2P Adding P and 2P gives 3P Similarly, such operations can be performed as many times as desired to obtain Q = kp

What is Elliptic Curve Cryptography? Discrete Log Problem The security of ECC is due the intractability or difficulty of solving the inverse operation of finding k given Q and P This is termed as the discrete log problem Methods to solve include brute force and Pollard s Rho attack both of which are computationally expensive or unfeasible The version applicable in ECC is called the Elliptic Curve Discrete Log Problem Exponential running time

ECC in Windows DRM v2.0 A Practical Example : Finite field chosen p = 785963102379428822376694789446897396207498568951 Gx = 771507216262649826170648268565579889907769254176 Gy = 390157510246556628525279459266514995562533196655 y 2 = x 3 + 317689081251325503476317476413827693272746955927x + 790528966078787587181205720257185354321100651934 Gx and Gy constitute the agreed upon base point (P) and the numbers in the above equation are values for the parameters a and b

Elliptic Curve Schemes Elliptic Curve Digital Signature Algorithm (ECDSA) Elliptic Curve Pintsov Vanstone Signature(ECPVS) Elliptic Curve Diffie-Hellman (ECDH)

Elliptic Curve Digital Signature Algorithm (ECDSA) Elliptic curve variant of Digital Signature Algorithm Canadian postage stamp that uses ECDSA

ECDSA Signature Generation Once we have the domain parameters and have decided on the keys to be used, the signature is generated by the following steps. 1. A random number k, 1 k n-1 is chosen 2. kg = (x 1,y 1 ) is computed. x 1 is converted to its corresponding integer x 1 3. Next, r = x 1 mod n is computed 4. We then compute k -1 mod q 5. e = HASH(m) where m is the message to be signed 6. s = k -1 (e + dr) mod n. We have the signature as (r,s)

ECDSA Signature Verification At the receiver s end the signature is verified as follows: 1. Verify whether r and s belong to the interval [1, n-1] for the signature to be valid. 2. Compute e = HASH(m). The hash function should be the same as the one used for signature generation. 3. Compute w = s -1 mod n. 4. Compute u 1 = ew mod n and u 2 = rw mod n. 5. Compute (x 1,y 1 ) = u 1 G + u 2 Q. 6. The signature is valid if r = x 1 mod n, invalid otherwise. This is how we know that the verification works the way we want it to: We have, s = k -1 (e + dr) mod n which we can rearrange to obtain, k = s -1 (e + dr) which is s -1 e + s -1 rd This is nothing but we + wrd = (u 1 + u 2 d) (mod n) We have u 1 G + u 2 Q = (u 1 + u 2 d)g = kg which translates to v = r.

Elliptic Curve Pintsov Vanstone Signature (ECPVS) Signature scheme using Elliptic Curves More efficient than RSA as overhead is extremely low

ECPVS Signature Generation The plaintext message is split into two parts: part C representing the data elements requiring confidentiality and part V representing the data elements presented in plaintext. Both the parts are signed. The signature is generated as follows: 1. A random number k, 1 k n-1 is chosen. 2. Calculate the point R on the curve (R = kg). 3. Use point R and a symmetric encryption algorithm to get e = T R (C). 4. Calculate a variable d such that d = HASH(e I A V) where I A is the identity of the mailer terminal. 5. Now calculate the other part of the signature s as follows: s= ad + k(mod n). The signature pair (s,e) is transmitted together with the portion V of the plaintext.

ECPVS Signature Verification 1. Retrieve Q A (Q A is mailer A s public key) 2. Calculate the variable d = HASH(e I A V) using the same HASH algorithm as the one used for generating the signature. 3. Compute U = sg dq A. 4. Recover C = T -1 u (e). 5. Run a redundancy test on C. If the test fails, discard the message. Else, the plaintext is recovered. We have, s = ad + k. Multiply by base point G to obtain sg = adg + kg which is dq A + R Therefore, R = sg dq A which is U. Comparing the decrypted versions, m and m obtained using U and R, we ascertain the validity of the signature

Elliptic Curve Diffie-Hellman (ECDH) Elliptic curve variant of the key exchange Diffie-Hellman protocol. Decide on domain parameters and come up with a Public/Private key pair To obtain the private key, the attacker needs to solve the discrete log problem

ECDH How the key exchange takes place: 1. Alice and Bob publicly agree on an elliptic curve E over a large finite field F and a point P on that curve. 2. Alice and Bob each privately choose large random integers, denoted a and b 3. Using elliptic curve point-addition, Alice computes ap on E and sends it to Bob. Bob computes bp on E and sends it to Alice. 4. Both Alice and Bob can now compute the point abp Alice by multiplying the received value of bp by her secret number a and Bob vice-versa. 5. Alice and Bob agree that the x coordinate of this point will be their shared secret value.

Pros and Cons Pros Shorter Key Length Same level of security as RSA achieved at a much shorter key length Better Security Secure because of the ECDLP Higher security per key-bit than RSA Higher Performance Shorter key-length ensures lesser power requirement suitable in wireless sensor applications and low power devices More computation per bit but overall lesser computational expense or complexity due to lesser number of key bits

Pros and Cons Cons Relatively newer field Idea prevails that all the aspects of the topic may not have been explored yet possibly unknown vulnerabilities Doesn t have widespread usage Not perfect Attacks still exist that can solve ECC (112 bit key length has been publicly broken) Well known attacks are the Pollard s Rho attack (complexity O( n) ), Pohlig s attack, Baby Step,Giant Step etc

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback