Elliptic Curve Cryptography (ECC)

There are many available choices for asymmetric cryptography, such as RSA or DLP-based cryptosystems. However, ECC has an edge over others in that it requires a shorter length keys than other cryptosystems to provide a similar security level. For example, where RSA, DLP-based cryptosystems require a key of 1024-2048 bits, we will need a key length of only 160-256 bits for ECC. Being able to use shorter key lengths with ECC means we get shorter digital signatures.

For cryptography, an elliptic curve is a particular type of polynomial equation constructed over a finite field. Prime fields, denoted as $GF(p)$ (after the name of mathematician Galois), are the most popular choice of finite fields, where all arithmetic is performed over modulo prime $p$.

The elliptic curve equation in a finite field is:

$y^2≡x^3+ax+b \ mod \ p:p>3 \ and \ a,b \ are \ elements \ of \ Z_p$

Special consideration to note:

$a$, $b$ and $p$ are required to satisfy the condition $4a^3+27b^2 \ mod \ p ≠0$

We consider an imaginary point of infinity $Φ$ (this is simply an identity element)

To visualise the above equation and understand a few operations, we must make use of coordinate geometry.

Note - plotting the above graph defined with $Z_p$does not give us a curve, but rather a set of discrete points instead.

Therefore to demonstrate some ideas in the following examples, we construct the graph over a set of real numbers which yields a complete curve.

Group Operations

We mentioned the identity element above, and now, below is a high-level overview of group operations.

Point Doubling

Note:

i. The rationale to perform addition ensures that the set of points on the elliptic curve, satisfies the necessary condition for a group.

ii. Generalizing above, in real-world applications, point addition is achieved by finding the slope of the line and solving the cubic equation.

Inverse

Is considered as a mirror image of the point on the curve. Identity is already mentioned above.

Scalar Multiplication

Scalar Multiplication is achieved by using Point Addition and Point Doubling. The algorithm used for Scalar Multiplication is included below; however, it is an optional topic. The algorithm is used for computing public keys in ECDSA

Square-and-Multiply Algorithm

Scalar Multiplication makes use of the "square-and-multiply algorithm." The difference is square is replaced by Point Doubling and multiply by Point Addition.

Convert the scalar value into a binary representation. Start from (MSB - 1) position and iterate till LSB (MSB stands for "Most significant bit" and LSB stands for "Least significant bit").

If in the iteration a bit is 0, then perform Point Doubling; if the bit is 1, then perform Point Doubling and Point Addition. For MSB, we don't perform any operation and consider the value as-is.

When we define the elliptic curve as above, under certain conditions the set of points and the identity element form a cyclic group. Firstly, the formation of a cyclic group implies the set must have a generator, i.e., an element in the set, such that its powers generate the entire group. Secondly, it leads to the next and last topic of pre-requisites.