Cryptography Baby Step Giant Step

An Improvement of Baby Step Giant Step
Algorithm for Solving Elliptic Curve Discrete
Logarithmic Problem
A presentation on Dissertation
BY
SAUVIK BISWAS (16MT001409)
Under the guidance of
Prof. G. P. BISWAS
DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING
INDIAN INSTITUTE OF TECHNOLOGY (INDIAN SCHOOL OF MINES), DHANBAD
INDIA
MAY 2018

ACKNOWLEDGEMENT
• Prof. G. P. Biswas (Dept. of Computer Science & Engineering)
 Prof. P. K. Jana (HOD, Dept. of Computer Science & Engineering)
• Asst. Prof. Hari Om (M.Tech CSE-IS Course Coordinator , Dept. of Computer
Science & Engineering)

Layout of Presentation
 Overview of Cryptography
 Symmetrical and Asymmetrical Encryption
 Overview of ECC
 Singular and Non-singular Elliptic Curve
 Operations on Elliptic Curve
 Elliptic Curve Discrete Logarithmic Problem
 Literature Survey
 Proposed approach on Baby Step Giant Step algorithm
 Experimental Results
 Complexity Analysis
 Conclusion and References

• Cryptography is the study of mathematical techniques for the secure transmission
of a private message over an insecure channel.
• For many years, the concept of cryptography was used to ensure the safe transfer
of messages for military purposes. But these days, it is the security of ATM cards,
computer passwords, online bank transaction and electronic commerce that mainly
depends on cryptography.
Definition :
It is a method of storing and transmitting data in a particular form so that only those
for whom it is intended can read and process it
a
b
Overview of Cryptography
Hello
(Plaintext)
ᴪᴨ♦ᴧᴦ
(Ciphertext)
b

Symmetrical and Asymmetrical Encryption
Symmetrical Encryption :
This is the simplest kind of encryption that involves only one secret key to cipher and
decipher information. Symmetrical encryption is an old and best-known technique.

Symmetrical and Asymmetrical
Encryption(Cont.)
Asymmetrical Encryption :
Asymmetrical Encryption or Public key Cryptography, is an encryption scheme
that uses two mathematically related, but not identical, keys - a public key and a
private key. Unlike symmetric key algorithms that rely on one key to both encrypt
and decrypt, each key performs a unique function. The public key is used to
encrypt and the private key is used to decrypt. It ensures that malicious persons
do not misuse the keys.

 Symmetrical Encryption and Asymmetrical Encryption
 Overview of ECC
 Conclusion and References

Overview of ECC
Generalized Weierstrass Equation of elliptic curves:
Let Fp be a field. An elliptic curve E over Fp is defined by the Weierstrass equation
y2
+ a1xy + a3y = x3
+ a2x2
+ a4x + a6 ,
• Char Fp = 2
y2
+ xy = x3
+ ax2
+ b , where a,b ∈ Fp
• Char Fp = 3
y2
= x3
+ b2x2
+ b4x + b6 , where bi ∈ Fp
• Char Fp ≠ 2,3
y2
= x3
+ ax + b , where a,b ∈ Fp
where ai ∈ Fp

Overview of ECC(Cont.)
Definition :
An elliptic curveE is the graph of the equation
E : y2
= x3
+ ax + b where a and b areelementsfrom field Fp of characteristic ≠ 2.
We’ll also include the point (∞, ∞), denoted as infinity.
Figure: y2 = x3 + x Figure: y2 = x3 + 73

Singular and Non-singular Elliptic Curve
 If 4a³ + 27b² = 0, then we have a singular elliptic curve
 This could potentially lead to having to not having 3 distinct
roots
 Therefore, we must deal with non-singular elliptic curves with
the condition 4a³ + 27b² ≠ 0, in order to assure that we have 3
distinct roots.

Operations on Elliptic Curve
Point Addition Point Doubling

Operations on Elliptic Curve(Cont.)
 Suppose P, Q ∈ E, where P = (x1,y1) and Q = (x2,y2), we must
consider three cases:
1) x1 ≠ x2
2) x1 = x2 and y1 = - y2
3) x1 = x2 and y1 = y2
 These cases must be considered when defining “addition” for
our solution set

 Case 1 ( x1 ≠ x2 )
(x1,y1) + (x2,y2) = (x3,y3) ∈ E, where x3 = λ² - x1 - x2 ,y3 = λ(x1 – x3) - y1, and
λ = (y2 – y1) / (x2 – x1)
 Case 2 (x1 = x2 and y1 = - y2 )
(x1,y1) + (x2,y2) = (x3,y3) ∈ E
(x,y) + (x,-y) = O, the point at infinity
x3 = λ² - ( x1 - x2 ),y3 = λ(x1 – x3) - y1, and λ = (y2 – y1) / (x2 – x1)
 Case 3 (x1 = x2 and y1 = y2)
(x1,y1) + (x2,y2) = (x3,y3) ∈ E where x3 = λ² - ( x1 - x2 ),y3 = λ(x1 – x3) - y1, and
λ = (3x1
2 + a) / 2y1

 Point Addition :
SupposeEis defined asy 2 ≡ x 3 + 4x + 4 (mod 5). Let P= (1, 2) , Q = (4, 3)
Then
P + Q = (1,2) + (4,3) = (4,2)
 Point Doubling:
SupposeEis defined asy 2≡x 3+ 2x + 2 (mod 17). Let P = (5, 1).
Then
P + P = 2P = (6,3)

Elliptic Curve Discrete Logarithmic Problem
The strength of the ECC security is reliant on the ECDLP. This problem can be
defined as follows.
Let P has order n, which belongs to the points of an elliptic curve defined over
the field Fp and another point Q ∈ < P > then finding k ∈ [1, n – 1] such
that Q = [k]P = P ⊕ P ⊕ . . . ⊕ P is called the
k times
discrete log of Q to the base P which is symbolized by k = logPQ Because k can
be inferred from Q if the ECDLP is easy, so the difficulty of the ECDLP plays a
crucial role in the security of these Elliptic Curve Cryptographic system.

Literature Survey
• The elliptic curve cryptosystems that is dependent on public key
cryptosystem were first proposed separately by Koblitz and Miller in 1985.
• The security of these cryptographic systems is reliant on the hardness of
solving the discrete logarithm problem on elliptic curves (ECDLP). These
schemes will be broken easily if this problem can be resolved efficiently.
• Pollard’s Rho method is present known as the fastest algorithm to resolve
the discrete logarithm problem on elliptic curves.
• Baby Step and Giant Step is also a good algorithm to solve the problem
because its mathematical operations is less than other approaches.

Literature Survey(Cont.)
Hasse’s Theorem:
Let E be an elliptic curve over the finite field, Fp, then the order of E(Fp) is
denoted by #E(Fp). We have a bound for #E(Fp) given by Hasse’s Theorem.
Then the interval is
𝑝 + 1 + 2 𝑝 ≥ #𝐸(𝐹𝑝) ≥ p + 1 − 2 𝑝
• We will provide a better approach of Baby Step Giant Step method to solve the
ECDLP. After that, the developed method will be analyzed by giving examples.

Proposed approach on Baby Step Giant Step
algorithm
We are going to propose an approach of Baby Step Giant Step algorithm for
solving ECDLP recalling the DLP problem. In this algorithm we are using Baby
Step set size a, where 0 < i <
m
2
. So this algorithm has faster Baby Step faster
precomputation runtime complexity and reduced number of Baby Step set,
where N = #E(Fp).We have to find a n that exists such that Q = [𝐤]P.
Proposed Approach :
 calculation of m : Here we ate taking the value of m > N, where N is
order of elliptic curve E over prime field Fp.
 calculation of mP : In this step we will compute the value of mP.

Proposed approach on Baby Step Giant Step
algorithm(Cont.)
 creating Baby Step set :We will calculate each i𝑃 and store it in an array of
list for i = 0 to i =
m
2
− 1 and create Baby Step set.
 creating Giant Step set : Here we compute each jmP and store it in an
array of list for j = 0 to j = m − 1 for creating Giant Step set.
 sorting : We then sort the Baby Step and Giant Step set in some consistent
way.
 Comparing sets : We will Compare the Baby Step set and Giant Step set
until a pair i, j such that iP = Q - jmP is found.
 getting value of k : Return k ≡ i + jm (mod N) which we are looking for

Experimental Results
Example (1): Elliptic curve equation y2
= x3
+ 4x + 10 over prime field F19. Intruder got the
plaintext as P(2,8) and ciphertext Q(16,3).Now he wants to find k.
Previous method :
Baby Step Set Giant Step Set
1𝑃 => 2,8 2,8
2𝑃 => 16,16 10,10
3𝑃 => 18,10 6,16
4𝑃 => 10,10 2,11
Order of point P => 22
Hasee’s interval => 11.28 <=> 28.71
Final answer => 9𝑃
Final point is => 9𝑃 16,3
Execution time : 0.164 sec

Experimental Results(Cont.)
= x3
Proposed method :
1𝑃 => 2,8 2,8
2𝑃 => 16,16 10,10
3𝑃 => 18,10 6,16
2,11

= x3
Previous method :
1𝑃 => 11,15 11,15
2𝑃 => 1,8 8,14
3𝑃 => 20,4 3,15
4𝑃 => 4,2 8,9

= x3
Proposed method :
1𝑃 => 11,15 11,15
2𝑃 => 1,8 8,14
3𝑃 => 20,4 3,15
8,9

0
0.05
0.1
0.15
0.2
0.25
0.3
0.35
0.4
Example (1) Example (2)
Execution Time(sec)
Previous Method Proposed Method

 Symmetrical Encryption and Asymmetrical Encryption
 Overview of ECC
 Conclusion and References.

Complexity Analysis
 In previous we find that the running time is on the order of N. The storage space
needed is also on the order of N, as that is how much space is needed to store
the lists in steps 3 and 4.
• In proposed method we have done a little betterment in solving the problem using
Baby Step Giant Step algorithm. Proposed method step 4 we are calculating the
Baby step set. Previous method takes 0 < j ≤ m − 1 step size. Proposed method
we are restricting the upper bound to
m
2
− 1 that is 0 < j ≤
m
2
− 1.
• This process gives almost 141.42% betterment in precomputation of Baby step set
and required less storage than of original baby Step Giant Step storage
requirements.

Conclusion
• We have presented an introduction of Elliptic Curve Cryptography. This project
we gave a brief overview about the discrete Logarithmic problem. We have
revealed an enhanced algorithm for solving the problem ECDLP.
• Here we restricted the upper bound step size of Baby step set. It gives a smaller
no of Baby Step set comparing to the previous method.
• Our algorithm has faster Baby Step precomputation and less storage
requirement than of original baby Step Giant Step storage requirements.
• This indicates proposed algorithm is having a lower overhead that has
comparatively smaller list to be fitted in the memory quickly

References
1) D. Kohel. Cryptography. 2007. Lecture notes are available at
http://enchidna.maths.usyd.edu .au/~kohel/res/index.html.
2) https://www.ssl2buy.com/wiki/symmetric-vs-asymmetric-encryption-what-are-
differences
3) https://www.globalsign.com/en-in/ssl-information-center/what-is-public-key-
cryptography/
4) https://www.slideshare.net/KellyBresnahan/elliptic-curve-cryptography-66406021
5) https://www.cs.clemson.edu/course/cpsc420/presentations/Spring2007/Elliptic%2
0Curve%20Cryptography.ppt
6) https://arxiv.org/ftp/arxiv/papers/1607/1607.05901.pdf
7) Hankerson et al., 2004 ; Chee and Park, 2005)
8) https://www.cs.cmu.edu/~adamchik/15-
121/lectures/Algorithmic%20Complexity/complexity. html
9) http://bigocheatsheet.com
10) https://ocw.mit.edu/courses/mathematics/18-704-seminar-in-algebra-and-
number-theory-rational-points-on-elliptic-curves-fall2004/projects/asarina.pdf

References(Cont.)
11) https://ee.stanford.edu/~hellman/publications/24.pdf
12) https://ieeexplore.ieee.org/document/5992208/metrics
13) https://link.springer.com/article/10.1007%2FBF01933667
14) https://en.wikipedia.org/wiki/Baby-step_giant-step

Cryptography Baby Step Giant Step

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Cryptography Baby Step Giant Step

Similar to Cryptography Baby Step Giant Step (20)

Recently uploaded

Recently uploaded (20)

Cryptography Baby Step Giant Step