Arithmetic of Elliptic Curves
Ayan Sengupta
Group Structure of Elliptic Curves
Rational Points of Finite Order on Elliptic Curve
Group of Rational Points on Elliptic Curve
Application in Cryptography
Arithmetic of Elliptic Curves
Ayan Sengupta
May 5, 2015
Overview
1 Group Structure of Elliptic Curves
2 Rational Points of Finite Order on Elliptic Curve
3 Group of Rational Points on Elliptic Curve
4 Application in Cryptography
Motivation
Elliptic curves are a very important concept and a major area of current research in Number Theory.
Andrew Wiles used them in his famous proof of Fermat's Last Theorem.
They are widely used in many algorithms:
- Lenstra elliptic curve factorization.
- Elliptic curve primality testing.
Elliptic curve cryptography (ECC) is based on the elliptic curve discrete logarithm problem.
What is an Elliptic Curve?
An algebraic curve of the form
$$Y^2 = X^3 + aX^2 + bX + c \tag{1}$$
where a, b, c ∈ K for a field K (the most popular are Q and F_p), such that f(X) = X^3 + aX^2 + bX + c has no repeated root in C.
We also include a point at infinity O in the elliptic curve; it is the point where the vertical lines in the XY-plane meet.
Figure: (a) One real root of f(X); (b) Three real roots of f(X)
What is an Elliptic Curve?
A smooth, projective algebraic curve of genus one with a pre-assumed point O.
It has nothing to do with ellipses!
Group Structure of Elliptic Curves
Figure : Addition operation on elliptic curve
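Explicitly,
$$x_3 = \lambda^2 - a - x_1 - x_2 \tag{2}$$
$$y_3 = \lambda x_3 + \nu \tag{3}$$
where λ and ν are respectively the slope and intercept of the line joining P1, P2. Since (x3, y3) satisfies the equation of that line, it is the third point where the line meets the curve; the sum P1 + P2 is its reflection (x3, −y3).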
Group Structure of Elliptic Curves
Figure : Doubling a point
$$x_3 = \frac{x_1^4 - 2bx_1^2 - 8cx_1 + b^2 - 4ac}{4x_1^3 + 4ax_1^2 + 4bx_1 + 4c} \quad \text{(duplication formula)}$$
Group Structure of Elliptic Curves
Figure : Inverse of a point
Group Structure of Elliptic Curves
Using Nine intersection theorem, associativity can be proved.
Group Structure of Elliptic Curves
Points on an elliptic curve form an abelian group under the
above mentioned addition operation.
Group Structure of Elliptic Curves
Concentrate on elliptic curve C over Q and points (x1, y1) such
that both x1, y1 ∈ Q.
It can be shown that such points (rational points) on C form a
subgroup under the same addition operation.
Order of a Point on Elliptic Curve
P is a point (x1, y1) on elliptic curve C with order m if
$$mP = \underbrace{P + P + \cdots + P}_{m} = O \tag{4}$$
such that $m'P \neq O$ for all integers $1 \le m' < m$.
If no such m exists then P is of infinite order.
Points of Order 2
2P = O if and only if P = −P, i.e. y1 = −y1. So, y1 = 0.
Number of rational points of order 2 depends on the number of
solutions of the equation f (x) = 0 in Q.
Points of Order 3
3P = O if and only if 2P = −P, so 2P and P have the same x-coordinate.
From the duplication formula,
$$\frac{x_1^4 - 2bx_1^2 - 8cx_1 + b^2 - 4ac}{4x_1^3 + 4ax_1^2 + 4bx_1 + 4c} = x_1 \tag{5}$$
So, x1 is a root of the polynomial
$$3X^4 + 4aX^3 + 6bX^2 + 12cX + (4ac - b^2),$$
which is the same as $2f(X)f''(X) - f'(X)^2$.
For each x1 we can get two distinct y1s. So, in total there are 9 points in the complex field of order 3 (including O).
These points are precisely the inflection points, i.e., the points on the curve C such that the tangent at that point has multiplicity 3.
Nagell-Lutz Theorem
This theorem gives an overview of all the rational points that can have finite order.
Theorem
(Nagell-Lutz) Let
$$Y^2 = f(X) = X^3 + aX^2 + bX + c \tag{6}$$
be a non-singular cubic curve with integer coefficients a, b, c; and let D be the discriminant of the cubic polynomial f(X),
$$D = -4a^3c + a^2b^2 + 18abc - 4b^3 - 27c^2. \tag{7}$$
Let P = (x, y) be a rational point of finite order. Then x and y are integers; and either y = 0, or else y | D.
Nagell-Lutz Theorem
Nagell-Lutz theorem is not an if and only if
condition!
To find whether a particular point on C has finite order or not,
we need to check all of its multiples to find the order. Mazur’s
theorem is a very strong result which makes our life easier.
Mazur’s Theorem
Theorem
Let C be a non-singular rational cubic curve, and suppose that
C(Q) contains a point of finite order m. Then either
1 ≤ m ≤ 10 or m = 12.
More precisely, the set of all points of finite order in C(Q)
forms a subgroup, which has one of the following two forms:
a) A cyclic group of order N with 1 ≤ N ≤ 10 or N = 12.
b) The product of a cyclic group of order two and a cyclic
group of order 2N with 1 ≤ N ≤ 4.
Mordell’s Theorem
Theorem
Let C be a non-singular cubic curve with rational coefficients
that has a rational point. Then the group of rational points
C(Q) is finitely generated.
This theorem tells us that starting from a single rational point
on an elliptic curve and using only the group laws (addition,
duplication, inversion) we can generate the whole set of
rational points.
Mordell’s Theorem
We define a map H : C → [0, ∞) such that
$$H(x, y) = \max\{|m|, |n|\}$$
where x = m/n in its irreducible form.
If x = 0, we define H(x, y) = 1. Also H(O) = 1.
We call this map the "height" of a point.
Define the "small height" h(x, y) = log H(x, y).
Proof of Mordell’s Theorem
Theorem
(Descent’s Theorem) If Γ is an abelian group with a function
h : Γ −→ [0, ∞) such that
a) For every real number n, the set {P ∈ Γ : h(P) ≤ n} is finite.
b) For every P0 ∈ Γ, there is a constant k0 such that
h(P + P0) ≤ 2h(P) + k0 (8)
for every P ∈ Γ.
c) There is a constant k such that
h(2P) ≥ 4h(P) − k (9)
for all P ∈ Γ.
d) The subgroup 2Γ has finite index in Γ.
Then Γ is finitely generated.
Proof of Mordell’s Theorem
It can be proved explicitly that C(Q) and the map “little
height” h satisfy the above conditions.
Mordell’s Theorem
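We have
$$C(\mathbb{Q}) \cong \underbrace{\mathbb{Z} \oplus \mathbb{Z} \oplus \cdots \oplus \mathbb{Z}}_{r} \oplus \mathbb{Z}_{p_1^{d_1}} \oplus \mathbb{Z}_{p_2^{d_2}} \oplus \cdots \oplus \mathbb{Z}_{p_s^{d_s}}. \tag{10}$$
r is called the rank of Γ, and the subgroup
$$\mathbb{Z}_{p_1^{d_1}} \oplus \mathbb{Z}_{p_2^{d_2}} \oplus \cdots \oplus \mathbb{Z}_{p_s^{d_s}}$$
corresponds to the elements of finite order in C(Q).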
Basics of Cryptography
Cryptography is the study of message hiding. The basic model
of cryptography is
Figure : Adversarial model of cryptography
Secure Systems
For the most secure and robust system, we assume that the
adversary has considerable capabilities. He is able to read all
the data transmitted over the channel, has significant
computational resources and has complete descriptions of the
communications protocols and any cryptographic mechanisms
deployed (except for secret keying information). The challenge
is to design a robust mechanism to secure the communication
from such powerful adversaries.
Public-Key Cryptography
It is the part of cryptography where each entity selects a pair of keys, consisting of a public key, which is used for encryption, and a private key, which is used for decryption. The keys have the property that the actual plaintext cannot be computed efficiently from the knowledge of only the ciphertext and the public keys. Public-key cryptosystems rely on the hardness of some very popular number-theoretic problems, e.g.:
- The RSA scheme is based on the intractability of the integer factorization problem for semiprimes.
- ECC schemes depend totally on the hardness of the elliptic curve discrete logarithm problem (ECDLP).
- The Merkle-Hellman knapsack cryptosystem is based on the integer knapsack problem (also called the subset sum problem).
ECDLP
Definition
For a point P of order n and a point
Q ∈ {O, P, 2P, · · · , (n − 1)P} find the integer d ∈ [0, n − 1]
such that Q = dP.
ElGamal Elliptic Curve Cryptographic System
Suppose we have an elliptic curve C defined over a finite field F_q, where q is a large prime. C, q and a point P ∈ C with large order n are publicly known. We first represent our message m as a point M in C(F_q). When A wants to communicate secretly with B, they proceed thus:
- B chooses a random integer b ∈ [0, n − 1], publishes the point bP as the public key and keeps b to himself as the private key.
- A chooses a random integer a ∈ [0, n − 1] and publishes the point aP. He then sends the pair (aP, M + a(bP)) to B, where M + a(bP) is the ciphertext. A keeps his secret key a to himself.
ElGamal Elliptic Curve Cryptographic System
To decrypt the message, B first calculates b(aP) using A’s
public key and B’s own private key. As C is an abelian
group, a(bP) = b(aP).
Now, B gets back the message from
M + a(bP) − b(aP) = M. From M, B gets back the
original message m by reversing the imbedding.
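The Nagell-Lutz/Mazur finite-order test and the ElGamal exchange described above, as an added Python example that is not part of the original slides. The class and function names, the three toy curves and the base point (5, 1) of order 19 are constructed for illustration. It assumes the message is already a point M, draws a and b from [1, n − 1] so that O is never published, and reflects the point given by equations (2) and (3) to obtain the sum.

```python
from fractions import Fraction
import secrets

O = None  # point at infinity, the group identity

class Curve:
    """Y^2 = X^3 + aX^2 + bX + c over Q (p=None) or over F_p (p an odd prime)."""
    def __init__(self, a, b, c, p=None):
        self.a, self.b, self.c, self.p = a, b, c, p

    def red(self, v):
        return v % self.p if self.p else v

    def div(self, num, den):
        if self.p:
            return num * pow(den % self.p, -1, self.p) % self.p
        return Fraction(num, den)

    def on_curve(self, P):
        if P is O:
            return True
        x, y = P
        return self.red(y * y - (x**3 + self.a * x * x + self.b * x + self.c)) == 0

    def neg(self, P):
        return O if P is O else (P[0], self.red(-P[1]))

    def add(self, P, Q):
        if P is O:
            return Q
        if Q is O:
            return P
        (x1, y1), (x2, y2) = P, Q
        if x1 == x2 and self.red(y1 + y2) == 0:
            return O  # Q = -P, including doubling a point with y = 0
        if x1 == x2:  # doubling: tangent slope f'(x1) / (2*y1)
            lam = self.div(3 * x1 * x1 + 2 * self.a * x1 + self.b, 2 * y1)
        else:  # chord slope
            lam = self.div(y2 - y1, x2 - x1)
        nu = y1 - lam * x1
        x3 = self.red(lam * lam - self.a - x1 - x2)  # equation (2)
        # Equation (3) is the third intersection point; the sum is its reflection.
        return (x3, self.red(-(lam * x3 + nu)))

    def mul(self, k, P):
        R = O
        while k > 0:  # double-and-add
            if k & 1:
                R = self.add(R, P)
            P = self.add(P, P)
            k >>= 1
        return R

def order_up_to(E, P, bound=12):
    """Smallest m <= bound with mP = O, else None (12 suffices over Q by Mazur)."""
    R = P
    for m in range(1, bound + 1):
        if R is O:
            return m
        R = E.add(R, P)
    return None

def nagell_lutz_candidates(E):
    """Integer points with y = 0 or y | D on a curve over Q with integer a, b, c."""
    a, b, c = E.a, E.b, E.c
    D = -4 * a**3 * c + a * a * b * b + 18 * a * b * c - 4 * b**3 - 27 * c * c
    ys = [0] + [s * d for d in range(1, abs(D) + 1) if D % d == 0 for s in (1, -1)]
    pts = []
    for y in ys:
        B = 1 + max(abs(a), abs(b), abs(c - y * y))  # Cauchy bound on integer roots
        pts += [(x, y) for x in range(-B, B + 1) if E.on_curve((x, y))]
    return pts

def keygen(E, P, n):
    b = secrets.randbelow(n - 1) + 1  # private key in [1, n-1]; 0 would publish O
    return b, E.mul(b, P)

def encrypt(E, P, n, pub_B, M):
    a = secrets.randbelow(n - 1) + 1  # fresh ephemeral secret for every message
    return E.mul(a, P), E.add(M, E.mul(a, pub_B))  # (aP, M + a(bP))

def decrypt(E, b, ct):
    aP, C2 = ct
    if aP is O or not (E.on_curve(aP) and E.on_curve(C2)):
        raise ValueError("ciphertext point is not on the curve")
    return E.add(C2, E.neg(E.mul(b, aP)))  # M + a(bP) - b(aP) = M

# Constructed toy parameters, far too small for real use:
E_Q6 = Curve(0, 0, 1)       # Y^2 = X^3 + 1 over Q
E_Q0 = Curve(0, -1, 1)      # Y^2 = X^3 - X + 1 over Q
E_F17 = Curve(0, 2, 2, 17)  # Y^2 = X^3 + 2X + 2 over F_17
G, N = (5, 1), 19           # base point of prime order 19 on E_F17
```

On Y^2 = X^3 − X + 1 all six Nagell-Lutz candidates turn out to have infinite order, which is the "not an if and only if" caveat in practice. decrypt rejects off-curve points before the private key touches them.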
ECDLP
Many protocols, such as the Elliptic Curve Integrated Encryption Scheme and the Elliptic Curve Digital Signature Algorithm, are based on the intractability of ECDLP.
There are several algorithms, such as the Number field sieve, the Pohlig-Hellman algorithm, Pollard’s rho algorithm and Shor’s algorithm, that solve this problem. But the best known algorithm so far is of complexity $O(\sqrt{p})$, where p is the largest prime divisor of n. But as yet no one has been able to prove mathematically the intractability of ECDLP.
Acknowledgement
1. http://en.wikipedia.org/wiki
2. https://www.nsa.gov/ia/programs/suitebcryptography/index.shtml
The End

Call Girls in Munirka Delhi 💯Call Us 🔝9953322196🔝 💯Escort.aasikanpl
 
G9 Science Q4- Week 1-2 Projectile Motion.ppt
G9 Science Q4- Week 1-2 Projectile Motion.pptG9 Science Q4- Week 1-2 Projectile Motion.ppt
G9 Science Q4- Week 1-2 Projectile Motion.pptMAESTRELLAMesa2
 
Analytical Profile of Coleus Forskohlii | Forskolin .pptx
Analytical Profile of Coleus Forskohlii | Forskolin .pptxAnalytical Profile of Coleus Forskohlii | Forskolin .pptx
Analytical Profile of Coleus Forskohlii | Forskolin .pptxSwapnil Therkar
 
All-domain Anomaly Resolution Office U.S. Department of Defense (U) Case: “Eg...
All-domain Anomaly Resolution Office U.S. Department of Defense (U) Case: “Eg...All-domain Anomaly Resolution Office U.S. Department of Defense (U) Case: “Eg...
All-domain Anomaly Resolution Office U.S. Department of Defense (U) Case: “Eg...Sérgio Sacani
 
Grafana in space: Monitoring Japan's SLIM moon lander in real time
Grafana in space: Monitoring Japan's SLIM moon lander  in real timeGrafana in space: Monitoring Japan's SLIM moon lander  in real time
Grafana in space: Monitoring Japan's SLIM moon lander in real timeSatoshi NAKAHIRA
 
Analytical Profile of Coleus Forskohlii | Forskolin .pdf
Analytical Profile of Coleus Forskohlii | Forskolin .pdfAnalytical Profile of Coleus Forskohlii | Forskolin .pdf
Analytical Profile of Coleus Forskohlii | Forskolin .pdfSwapnil Therkar
 
Scheme-of-Work-Science-Stage-4 cambridge science.docx
Scheme-of-Work-Science-Stage-4 cambridge science.docxScheme-of-Work-Science-Stage-4 cambridge science.docx
Scheme-of-Work-Science-Stage-4 cambridge science.docxyaramohamed343013
 
Natural Polymer Based Nanomaterials
Natural Polymer Based NanomaterialsNatural Polymer Based Nanomaterials
Natural Polymer Based NanomaterialsAArockiyaNisha
 
Behavioral Disorder: Schizophrenia & it's Case Study.pdf
Behavioral Disorder: Schizophrenia & it's Case Study.pdfBehavioral Disorder: Schizophrenia & it's Case Study.pdf
Behavioral Disorder: Schizophrenia & it's Case Study.pdfSELF-EXPLANATORY
 
PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...
PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...
PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...Sérgio Sacani
 
Is RISC-V ready for HPC workload? Maybe?
Is RISC-V ready for HPC workload? Maybe?Is RISC-V ready for HPC workload? Maybe?
Is RISC-V ready for HPC workload? Maybe?Patrick Diehl
 

Recently uploaded (20)

A relative description on Sonoporation.pdf
A relative description on Sonoporation.pdfA relative description on Sonoporation.pdf
A relative description on Sonoporation.pdf
 
The Philosophy of Science
The Philosophy of ScienceThe Philosophy of Science
The Philosophy of Science
 
Physiochemical properties of nanomaterials and its nanotoxicity.pptx
Physiochemical properties of nanomaterials and its nanotoxicity.pptxPhysiochemical properties of nanomaterials and its nanotoxicity.pptx
Physiochemical properties of nanomaterials and its nanotoxicity.pptx
 
Traditional Agroforestry System in India- Shifting Cultivation, Taungya, Home...
Traditional Agroforestry System in India- Shifting Cultivation, Taungya, Home...Traditional Agroforestry System in India- Shifting Cultivation, Taungya, Home...
Traditional Agroforestry System in India- Shifting Cultivation, Taungya, Home...
 
Hubble Asteroid Hunter III. Physical properties of newly found asteroids
Hubble Asteroid Hunter III. Physical properties of newly found asteroidsHubble Asteroid Hunter III. Physical properties of newly found asteroids
Hubble Asteroid Hunter III. Physical properties of newly found asteroids
 
Stunning ➥8448380779▻ Call Girls In Panchshil Enclave Delhi NCR
Stunning ➥8448380779▻ Call Girls In Panchshil Enclave Delhi NCRStunning ➥8448380779▻ Call Girls In Panchshil Enclave Delhi NCR
Stunning ➥8448380779▻ Call Girls In Panchshil Enclave Delhi NCR
 
Biopesticide (2).pptx .This slides helps to know the different types of biop...
Biopesticide (2).pptx  .This slides helps to know the different types of biop...Biopesticide (2).pptx  .This slides helps to know the different types of biop...
Biopesticide (2).pptx .This slides helps to know the different types of biop...
 
VIRUSES structure and classification ppt by Dr.Prince C P
VIRUSES structure and classification ppt by Dr.Prince C PVIRUSES structure and classification ppt by Dr.Prince C P
VIRUSES structure and classification ppt by Dr.Prince C P
 
Bentham & Hooker's Classification. along with the merits and demerits of the ...
Bentham & Hooker's Classification. along with the merits and demerits of the ...Bentham & Hooker's Classification. along with the merits and demerits of the ...
Bentham & Hooker's Classification. along with the merits and demerits of the ...
 
Call Girls in Munirka Delhi 💯Call Us 🔝9953322196🔝 💯Escort.
Call Girls in Munirka Delhi 💯Call Us 🔝9953322196🔝 💯Escort.Call Girls in Munirka Delhi 💯Call Us 🔝9953322196🔝 💯Escort.
Call Girls in Munirka Delhi 💯Call Us 🔝9953322196🔝 💯Escort.
 
G9 Science Q4- Week 1-2 Projectile Motion.ppt
G9 Science Q4- Week 1-2 Projectile Motion.pptG9 Science Q4- Week 1-2 Projectile Motion.ppt
G9 Science Q4- Week 1-2 Projectile Motion.ppt
 
Analytical Profile of Coleus Forskohlii | Forskolin .pptx
Analytical Profile of Coleus Forskohlii | Forskolin .pptxAnalytical Profile of Coleus Forskohlii | Forskolin .pptx
Analytical Profile of Coleus Forskohlii | Forskolin .pptx
 
All-domain Anomaly Resolution Office U.S. Department of Defense (U) Case: “Eg...
All-domain Anomaly Resolution Office U.S. Department of Defense (U) Case: “Eg...All-domain Anomaly Resolution Office U.S. Department of Defense (U) Case: “Eg...
All-domain Anomaly Resolution Office U.S. Department of Defense (U) Case: “Eg...
 
Grafana in space: Monitoring Japan's SLIM moon lander in real time
Grafana in space: Monitoring Japan's SLIM moon lander  in real timeGrafana in space: Monitoring Japan's SLIM moon lander  in real time
Grafana in space: Monitoring Japan's SLIM moon lander in real time
 
Analytical Profile of Coleus Forskohlii | Forskolin .pdf
Analytical Profile of Coleus Forskohlii | Forskolin .pdfAnalytical Profile of Coleus Forskohlii | Forskolin .pdf
Analytical Profile of Coleus Forskohlii | Forskolin .pdf
 
Scheme-of-Work-Science-Stage-4 cambridge science.docx
Scheme-of-Work-Science-Stage-4 cambridge science.docxScheme-of-Work-Science-Stage-4 cambridge science.docx
Scheme-of-Work-Science-Stage-4 cambridge science.docx
 
Natural Polymer Based Nanomaterials
Natural Polymer Based NanomaterialsNatural Polymer Based Nanomaterials
Natural Polymer Based Nanomaterials
 
Behavioral Disorder: Schizophrenia & it's Case Study.pdf
Behavioral Disorder: Schizophrenia & it's Case Study.pdfBehavioral Disorder: Schizophrenia & it's Case Study.pdf
Behavioral Disorder: Schizophrenia & it's Case Study.pdf
 
PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...
PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...
PossibleEoarcheanRecordsoftheGeomagneticFieldPreservedintheIsuaSupracrustalBe...
 
Is RISC-V ready for HPC workload? Maybe?
Is RISC-V ready for HPC workload? Maybe?Is RISC-V ready for HPC workload? Maybe?
Is RISC-V ready for HPC workload? Maybe?
 

Elliptic Curve Cryptography: Arithmetic behind

  • 1. Arithmetic of Elliptic Curves. Ayan Sengupta, May 5, 2015.
  • 2. Overview: 1 Group Structure of Elliptic Curves; 2 Rational Points of Finite Order on Elliptic Curve; 3 Group of Rational Points on Elliptic Curve; 4 Application in Cryptography.
  • 3. Motivation: Elliptic curves are a very important concept and a major area of current research in number theory. Andrew Wiles used them in his famous proof of Fermat's Last Theorem. They are widely used in many algorithms: Lenstra elliptic curve factorization; elliptic curve primality testing. Elliptic curve cryptography (ECC) is based on the elliptic curve discrete logarithm problem.
  • 4-5. What is an Elliptic Curve? An algebraic curve of the form $Y^2 = X^3 + aX^2 + bX + c$ (1), where $a, b, c \in K$ for a field $K$ (the most popular are $\mathbb{Q}$ and $\mathbb{F}_p$), such that $f(X) = X^3 + aX^2 + bX + c$ has no repeated root in $\mathbb{C}$. We also assume that a point at infinity $O$ is included in the elliptic curve, that is, the point where the vertical lines in the XY-plane meet. Figure: (a) One real root of $f(X)$; (b) Three real roots of $f(X)$.
  • 6. What is an Elliptic Curve? A smooth, projective algebraic curve of genus one with a pre-assumed point $O$. It has nothing to do with ellipses!
  • 7. Group Structure of Elliptic Curves. Figure: Addition operation on elliptic curve. Explicitly, $x_3 = \lambda^2 - a - x_1 - x_2$ (2) and $y_3 = \lambda x_3 + \nu$ (3), where $\lambda$ and $\nu$ are respectively the slope and intercept of the line joining $P_1$, $P_2$.
  • 8. Group Structure of Elliptic Curves. Figure: Doubling a point. $x_3 = \dfrac{x_1^4 - 2bx_1^2 - 8cx_1 + b^2 - 4ac}{4x_1^3 + 4ax_1^2 + 4bx_1 + 4c}$ (duplication formula).
  • 9. Group Structure of Elliptic Curves. Figure: Inverse of a point.
  • 10. Group Structure of Elliptic Curves. Using the nine intersection theorem, associativity can be proved.
  • 11. Group Structure of Elliptic Curves. Points on an elliptic curve form an abelian group under the above-mentioned addition operation.
  • 12. Group Structure of Elliptic Curves. Concentrate on an elliptic curve $C$ over $\mathbb{Q}$ and points $(x_1, y_1)$ such that both $x_1, y_1 \in \mathbb{Q}$. It can be shown that such points (rational points) on $C$ form a subgroup under the same addition operation.
  • 13-14. Order of a Point on Elliptic Curve. $P$ is a point $(x_1, y_1)$ on the elliptic curve $C$ with order $m$ if $mP = \underbrace{P + P + \cdots + P}_{m} = O$ (4) such that $m'P \neq O$ for all integers $1 \le m' < m$. If no such $m$ exists then $P$ is of infinite order.
  • 15-16. Points of Order 2. $2P = O$ if and only if $P = -P$, i.e. $y_1 = -y_1$. So $y_1 = 0$. The number of rational points of order 2 depends on the number of solutions of the equation $f(x) = 0$ in $\mathbb{Q}$.
  • 17-18. Points of Order 3. $3P = O$ if and only if $2P = -P$. From the duplication formula, $\dfrac{x_1^4 - 2bx_1^2 - 8cx_1 + b^2 - 4ac}{4x_1^3 + 4ax_1^2 + 4bx_1 + 4c} = x_1$ (5). So $x_1$ is a root of the polynomial $3X^4 + 4aX^3 + 6bX^2 + 12cX + (4ac - b^2)$, which is the same as $2f(X)f''(X) - f'(X)^2$. For each $x_1$ we get two distinct values of $y_1$. So in total there are 9 points of order 3 over the complex field (including $O$). These points are precisely the inflection points, i.e. the points on the curve $C$ at which the tangent has multiplicity 3.
  • 19. Nagell-Lutz Theorem. This theorem gives an overview of all the rational points that can have finite order. Theorem (Nagell-Lutz): Let $Y^2 = f(X) = X^3 + aX^2 + bX + c$ (6) be a non-singular cubic curve with integer coefficients $a, b, c$; and let $D$ be the discriminant of the cubic polynomial $f(X)$, $D = -4a^3c + a^2b^2 + 18abc - 4b^3 - 27c^2$ (7). Let $P = (x, y)$ be a rational point of finite order. Then $x$ and $y$ are integers; and either $y = 0$, or else $y \mid D$.
  • 20-21. Nagell-Lutz Theorem. The Nagell-Lutz theorem is not an if and only if condition! To find whether a particular point on $C$ has finite order or not, we need to check all of its multiples to find the order. Mazur's theorem is a very strong result which makes our life easier.
  • 22. Mazur's Theorem. Theorem: Let $C$ be a non-singular rational cubic curve, and suppose that $C(\mathbb{Q})$ contains a point of finite order $m$. Then either $1 \le m \le 10$ or $m = 12$. More precisely, the set of all points of finite order in $C(\mathbb{Q})$ forms a subgroup, which has one of the following two forms: a) a cyclic group of order $N$ with $1 \le N \le 10$ or $N = 12$; b) the product of a cyclic group of order two and a cyclic group of order $2N$ with $1 \le N \le 4$.
  • 23. Example
  • 24. Mordell's Theorem. Theorem: Let $C$ be a non-singular cubic curve with rational coefficients that has a rational point. Then the group of rational points $C(\mathbb{Q})$ is finitely generated. This theorem tells us that starting from a single rational point on an elliptic curve and using only the group laws (addition, duplication, inversion) we can generate the whole set of rational points.
  • 25-26. Mordell's Theorem. We define a map $H : C \to [0, \infty)$ such that $H(x, y) = \max\{|m|, |n|\}$, where $x = \frac{m}{n}$ in its irreducible form. If $x = 0$, we define $H(x, y) = 1$. Also $H(O) = 1$. We call this map the "height" of a point. Define the "small height" $h(x, y) = \log H(x, y)$.
  • 27. Proof of Mordell's Theorem. Theorem (Descent's Theorem): If $\Gamma$ is an abelian group with a function $h : \Gamma \to [0, \infty)$ such that a) for every real number $n$, the set $\{P \in \Gamma : h(P) \le n\}$ is finite; b) for every $P_0 \in \Gamma$, there is a constant $k_0$ such that $h(P + P_0) \le 2h(P) + k_0$ (8) for every $P \in \Gamma$; c) there is a constant $k$ such that $h(2P) \ge 4h(P) - k$ (9) for all $P \in \Gamma$; d) the subgroup $2\Gamma$ has finite index in $\Gamma$. Then $\Gamma$ is finitely generated.
  • 28. Proof of Mordell's Theorem. It can be proved explicitly that $C(\mathbb{Q})$ and the map "little height" $h$ satisfy the above conditions.
  • 29. Mordell's Theorem. We have $C(\mathbb{Q}) \cong \underbrace{\mathbb{Z} \oplus \mathbb{Z} \oplus \cdots \oplus \mathbb{Z}}_{r} \oplus \mathbb{Z}_{p_1^{d_1}} \oplus \mathbb{Z}_{p_2^{d_2}} \oplus \cdots \oplus \mathbb{Z}_{p_s^{d_s}}$ (10). $r$ is called the rank of $\Gamma$, and the subgroup $\mathbb{Z}_{p_1^{d_1}} \oplus \mathbb{Z}_{p_2^{d_2}} \oplus \cdots \oplus \mathbb{Z}_{p_s^{d_s}}$ corresponds to the elements of finite order in $C(\mathbb{Q})$.
  • 30. Example
  • 31. Basics of Cryptography. Cryptography is the study of message hiding. Figure: Adversarial model of cryptography (the basic model of cryptography).
  • 32. Secure Systems. For the most secure and robust system, we assume that the adversary has considerable capabilities. He is able to read all the data transmitted over the channel, has significant computational resources and has complete descriptions of the communications protocols and any cryptographic mechanisms deployed (except for secret keying information). The challenge is to design a robust mechanism to secure the communication from such powerful adversaries.
  • 33-34. Public-Key Cryptography. It is a part of cryptography where each entity selects a pair of keys, consisting of a public key, which is used for encryption, and a private key, which is used for decryption. The keys have the property that the actual plaintext cannot be computed efficiently from knowledge of only the ciphertext and the public keys. Public-key cryptosystems rely on the hardness of some very popular number-theoretic problems, e.g.: the RSA scheme is based on the intractability of the integer factorization problem for semiprimes; ECC schemes depend totally on the hardness of the elliptic curve discrete logarithm problem (ECDLP); the Merkle-Hellman knapsack cryptosystem is based on the integer knapsack problem (also called the subset sum problem).
  • 35. ECDLP. Definition: For a point $P$ of order $n$ and a point $Q \in \{O, P, 2P, \cdots, (n-1)P\}$, find the integer $d \in [0, n-1]$ such that $Q = dP$.
  • 36. ElGamal Elliptic Curve Cryptographic System. Suppose we have an elliptic curve $C$ defined over a finite field $\mathbb{F}_q$, where $q$ is a large prime. $C$, $q$ and a point $P \in C$ with large order $n$ are publicly known. We first represent our message $m$ as a point $M$ in $C(\mathbb{F}_q)$. When A wants to communicate secretly with B, they proceed thus: B chooses a random integer $b \in [0, n-1]$, publishes the point $bP$ as the public key and keeps $b$ to himself as the private key. A chooses a random integer $a \in [0, n-1]$ and publishes the point $aP$. He then sends the pair $(aP, M + a(bP))$ to B, where $M + a(bP)$ is the ciphertext. A keeps his secret key $a$ to himself.
  • 37. ElGamal Elliptic Curve Cryptographic System. To decrypt the message, B first calculates $b(aP)$ using A's public key and B's own private key. As $C$ is an abelian group, $a(bP) = b(aP)$. Now B gets back the message from $M + a(bP) - b(aP) = M$. From $M$, B gets back the original message $m$ by reversing the embedding.
  • 38-39. ECDLP. Many protocols, such as the Elliptic Curve Integrated Encryption Scheme and the Elliptic Curve Digital Signature Algorithm, are based on the intractability of ECDLP. There are several algorithms, such as the number field sieve, the Pohlig-Hellman algorithm, Pollard's rho algorithm and Shor's algorithm, that solve this problem. But the best known algorithm so far is of complexity $O(\sqrt{p})$, where $p$ is the largest prime divisor of $n$. However, no one has yet been able to prove mathematically the intractability of ECDLP.
  • 41. Acknowledgement: 1. http://en.wikipedia.org/wiki 2. https://www.nsa.gov/ia/programs/suitebcryptography/index.shtml
  • 42. The End
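The finite-order search described on slides 19-22, as an added example that is not part of the original deck: it lists the integer points allowed by Nagell-Lutz ($y = 0$ or $y \mid D$) and then uses only the duplication formula of slide 8 to decide whether each candidate really has finite order. The function names and the sample curves are assumptions chosen for illustration.

```python
from fractions import Fraction
from math import isqrt

def discriminant(a, b, c):
    """D from equation (7) for f(X) = X^3 + aX^2 + bX + c."""
    return -4 * a**3 * c + a * a * b * b + 18 * a * b * c - 4 * b**3 - 27 * c * c

def divisors(n):
    """Positive divisors of a non-zero integer n."""
    n = abs(n)
    small = [d for d in range(1, isqrt(n) + 1) if n % d == 0]
    return sorted(set(small + [n // d for d in small]))

def integer_roots(a, b, k):
    """Integer roots of X^3 + aX^2 + bX + k; they divide k when k != 0."""
    g = lambda x: x**3 + a * x * x + b * x + k
    if k == 0:
        # X = 0 is a root; the remaining roots solve X^2 + aX + b = 0.
        cands = [0] + ([x for d in divisors(b) for x in (d, -d)] if b else [-a])
    else:
        cands = [x for d in divisors(k) for x in (d, -d)]
    return sorted({x for x in cands if g(x) == 0})

def double_x(a, b, c, x):
    """x-coordinate of 2P from the duplication formula; None means 2P = O."""
    den = 4 * (x**3 + a * x * x + b * x + c)      # equals 4*y^2
    if den == 0:
        return None                               # y = 0, so P has order 2
    return Fraction(x**4 - 2 * b * x * x - 8 * c * x + b * b - 4 * a * c, den)

def has_finite_order(a, b, c, x):
    """Decide finiteness of the order of a point with x-coordinate x.

    Every multiple of a finite-order point has finite order, so by
    Nagell-Lutz each x(2^k P) must be an integer. A repeated x means
    2^i P = +-2^j P, which forces finite order. Mazur bounds the number of
    finite-order points by 16, so the loop needs at most 17 doublings.
    """
    seen = set()
    while x is not None and len(seen) <= 16:
        if x.denominator != 1:
            return False                          # non-integer multiple
        if x in seen:
            return True
        seen.add(x)
        x = double_x(a, b, c, x)
    return x is None

def torsion_points(a, b, c):
    """Return (finite-order points, Nagell-Lutz candidates of infinite order)."""
    D = discriminant(a, b, c)
    if D == 0:
        raise ValueError("singular cubic: f has a repeated root")
    found, rejected = [], []
    for y in [0] + divisors(D):                   # Nagell-Lutz: y = 0 or y | D
        for x in integer_roots(a, b, c - y * y):  # integer x with f(x) = y^2
            ok = has_finite_order(a, b, c, x)
            for pt in {(x, y), (x, -y)}:
                (found if ok else rejected).append(pt)
    return sorted(found), sorted(rejected)

if __name__ == "__main__":
    # Sample curves (constructed): Y^2 = X^3 + 4X, Y^2 = X^3 + 8, Y^2 = X^3 + 1
    for coeffs in [(0, 4, 0), (0, 0, 8), (0, 0, 1)]:
        print(coeffs, torsion_points(*coeffs))
```

On $Y^2 = X^3 + 8$ the points $(1, \pm 3)$ and $(2, \pm 4)$ satisfy $y \mid D$ yet double to $x = -7/4$, which is the "not an if and only if" caveat of slide 20 in concrete form.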
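The group law of slides 7-9 and the ElGamal exchange of slides 36-37 over a toy prime field, as an added example that is not from the original deck. The parameters (p = 1019, a = 1, b = 2, P = (3, 5)), the Koblitz-style embedding with K = 20 and the key names `kb` and `ka` (the slides' b and a, renamed to avoid clashing with the curve coefficients) are assumptions; private scalars are drawn from [1, n-1] rather than [0, n-1] because 0 would leave M unmasked.

```python
import secrets

# Toy public parameters, constructed for this example (far too small for real use).
p = 1019                 # prime with p % 4 == 3, so a square root is a single pow()
a, b = 1, 2              # curve Y^2 = X^3 + aX^2 + bX + c over F_p
P = (3, 5)               # public base point
c = (P[1]**2 - (P[0]**3 + a * P[0]**2 + b * P[0])) % p   # chosen so P is on the curve
O = None                 # point at infinity
K = 20                   # embedding: message m owns the x-values m*K .. m*K + K - 1

def f(x):
    return (x**3 + a * x * x + b * x + c) % p

def on_curve(pt):
    return pt is O or (pt[1] ** 2 - f(pt[0])) % p == 0

def neg(pt):
    return O if pt is O else (pt[0], -pt[1] % p)

def add(p1, p2):
    """Chord-and-tangent sum, using equations (2) and (3) of the slides."""
    if p1 is O:
        return p2
    if p2 is O:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % p == 0:
        return O                                   # vertical line: P + (-P) = O
    if x1 == x2:                                   # same point: tangent slope f'(x1)/(2*y1)
        lam = (3 * x1 * x1 + 2 * a * x1 + b) * pow(2 * y1 % p, -1, p) % p
    else:                                          # distinct points: chord slope
        lam = (y2 - y1) * pow((x2 - x1) % p, -1, p) % p
    nu = (y1 - lam * x1) % p                       # intercept of the line
    x3 = (lam * lam - a - x1 - x2) % p             # equation (2)
    y3 = (lam * x3 + nu) % p                       # equation (3): third point on the line
    return (x3, -y3 % p)                           # its reflection is the sum

def mul(k, pt):
    """Double-and-add multiple kP (not constant-time; illustration only)."""
    acc = O
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt = add(pt, pt)
        k >>= 1
    return acc

def order(pt):
    n, q = 1, pt
    while q is not O:
        q, n = add(q, pt), n + 1
    return n

n = order(P)             # brute force is fine at this size

def embed(m):
    """Map an integer 0 <= m < p // K to a curve point M."""
    if not 0 <= m < p // K:
        raise ValueError("message out of range")
    for x in range(m * K, m * K + K):
        y = pow(f(x), (p + 1) // 4, p)             # square-root candidate (p % 4 == 3)
        if y * y % p == f(x):
            return (x, y)
    raise ValueError("no point found for this message")

def unembed(pt):
    return pt[0] // K

def keygen():
    k = 1 + secrets.randbelow(n - 1)               # private scalar in [1, n-1]
    return k, mul(k, P)

def encrypt(m, bP):
    ka, aP = keygen()                              # A's fresh secret a and point aP
    return aP, add(embed(m), mul(ka, bP))          # (aP, M + a(bP))

def decrypt(ct, kb):
    aP, masked = ct
    if not (on_curve(aP) and on_curve(masked)):    # reject points off the curve
        raise ValueError("ciphertext point is not on the curve")
    return unembed(add(masked, neg(mul(kb, aP))))  # M + a(bP) - b(aP) = M

if __name__ == "__main__":
    kb, bP = keygen()
    print("n =", n, "| 42 ->", decrypt(encrypt(42, bP), kb))
```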