A project which implements the Elliptic Curve Cryptography for the Diffie-Hellman keys exchange, in order to establish a secure channel between two Android devices.
2. Asymmetric
cryptography
concepts
● The concept of
Public Key
cryptography(PKC)
was first introduced
by Diffie and
Hellman in 1976.
● Pair of keys: public
and private
● Trapdoor function
3. Trapdoor
● Collection of one-way functions: is a function
that is easy to compute on every input, but hard
to invert given the image of a random input.
● RSA: prime number factorization, given number
n there exists prime numbers p and q such that
! = #×%, the trapdoor is to find these two
primes given only n.
● Mathematics behind DH key exchange is that
computing &'()* ! is easy, but it is infeasible
to find the discrete logarithm (the + value) of
the function.
4. Elliptic Curve
Cryptography
• Elliptic Curve Cryptography is an
approach to public-key cryptography,
based on elliptic curves over finite
fields.
• The technique was first proposed
individually by Neal Koblitz and
Victor Miller in 1985.
• Based on the Elliptic Curve Discrete
Logarithm problem, which is a
known NP-Hard problem.
5. Elliptic Curve
Cryptography
ECC is based on the use of algebraic structure
of elliptic curves over finite fields, which are
set of elements accepting two binary
operations (+,x).
In ECC the multiplication is defined by
repeated addition over an elliptic curve.
• The security of ECC depends on the
difficulty of the Elliptic Curve Discrete
Logarithm: having ! and " two point on the
curve such that !# = " where # is a scalar,
it is infeasible to obtain # if it is large
enough.
• In this way # is the factor that can’t be
extracted by the public key.
9. ECDH-Curve25519-Mobile
Implements Diffie-Hellman
key exchange based on the
Elliptic Curve 25519 for
Android devices.
It is a native Android library
since NaCl is implemented in
C rather than Java. However,
it can be easily compiled for
all Android platforms like
ARM or x86, so this is not a
practical limitation compared
to a Java implementation.
// Create Alice's secret key from a big random number.
SecureRandom random = new SecureRandom();
byte[] alice_secret_key = ECDHCurve25519.generate_secret_key(random);
// Create Alice's public key.
byte[] alice_public_key =ECDHCurve25519.generate_public_key(alice_secret_key);
// Bob is also calculating a key pair.
byte[] bob_secret_key = ECDHCurve25519.generate_secret_key(random);
byte[] bob_public_key = ECDHCurve25519.generate_public_key(bob_secret_key);
// Assume that Alice and Bob have exchanged their public keys.
// Alice is calculating the shared secret.
byte[] alice_shared_secret = ECDHCurve25519.generate_shared_secret(
alice_secret_key, bob_public_key);
// Bob is also calculating the shared secret.
byte[] bob_shared_secret = ECDHCurve25519.generate_shared_secret (
bob_secret_key, alice_public_key);
https://github.com/duerrfk/ecdh-curve25519-mobile
12. Magic, but why not
implemented yet?
• ECC’s cryptographic applications have been
noticed only recently.
• RSA has been well-researched and its
vulnerabilities have been studied a lot though
time.
• The cryptographic use for EC was only discovered
in the process of finding out new attacks on the
RSA system.
• Crypto community do not trust ECC enough to be
implemented, like RSA.