Elliptic Curve Crypto & ECC Diffie-Hellman

1. Elliptic Curve Crypto & ECC Diffie-Hellman Presenter: Le ThanhBinh

2. Outline • What is Elliptic Curve ? • Addition on an elliptic curve • Elliptic Curve Crypto (ECC) • ECC Diffie–Hellman

3. Lets start with a puzzle… • What is the number of balls that may be piled as a square pyramid and also rearranged into a square array?

4. Lets start with a puzzle… • What is the number of balls that may be piled as a square pyramid and also rearranged into a square array? • Sol:Let x be the height of the pyramid… Thus, We also want this to be a square: Hence, y=70 (4900 balls)

5. Graphical Representation Curves of this nature are called ELLIPTIC CURVES

6. What is an Elliptic Curve ? • An elliptic curve E is the graph of an equation of the form y2 = x3 + ax + b “Elliptic curve” is not a cryptosystem

7. Addition on an elliptic curve mod p The Elliptic Curve E

8. Addition on an elliptic curve mod p Start with two points P and Q on E

9. Addition on an elliptic curve mod p Draw the line L through P and Q.

10. Addition on an elliptic curve mod p The line L intersects the cubic curve E in a third point. Call that third point R.

11. Addition on an elliptic curve mod p Draw the vertical line through R. It hits E in another point.

12. Addition on an elliptic curve mod p We define the sum of P and Q on E to be the reflected point. We denote it by P ⊕Q or just P + Q

13. Addition on an elliptic curve mod p If P1 and P2 are on E, we can define P3 = P1 + P2 y P2 P1 x P3

14. Addition on an elliptic curve mod p Suppose that we want to add the points on the elliptic curve Let the line connecting P1to P2be L : y = mx + v Explicitly, the slope and y-intercept of L are given by

15. Addition on an elliptic curve mod p We find the intersection of by solving We already know that x1 and x2 are solutions, so we can find the third solution x3 by comparing the two sides of Equating the coefficients and hence Then we compute y3 And finally

17. Addition on an elliptic curve mod p Consider y2 = x3 + 2x + 3 (mod 5) x = 0  y2 = 3  no solution (mod 5) Example x = 1  y2 = 6 = 1  y = 1,4 (mod 5) x = 2  y2 = 15 = 0  y = 0 (mod 5) x = 3  y2 = 36 = 1  y = 1,4 (mod 5) x = 4  y2 = 75 = 0  y = 0 (mod 5) Then points on the elliptic curve are (1,1) (1,4) (2,0) (3,1) (3,4) (4,0) and the point at infinity:  What is (1,4) + (3,1) = P3 = (x3,y3)?

18. Addition on an elliptic curve mod p Consider y2 = x3 + 2x + 3 (mod 5) y What is (1,4) + (3,1) = P3 = (x3,y3)? P2 P1 y=mx+v m = (1-4)(3-1)-1 = -32-1 x P3 • ((a mod n)(b mod n)) mod n = ab mod n = ((-3 mod 5)(2-1 mod 5))mod5 = (2)(3) mod 5 = 6 mod 5 = 1 y2=x3+Ax+B

19. Addition on an elliptic curve mod p Consider y2 = x3 + 2x + 3 (mod 5) y What is (1,4) + (3,1) = P3 = (x3,y3)? P2 P1 y=mx+v m = 1 x x3 = 1 - 1 - 3 = 2 (mod 5) P3 y3 = 1(1-2) - 4 = 0 (mod 5) On this curve, (1,4) + (3,1) = (2,0) y2=x3+Ax+B

20. Elliptic Curve Crypto (ECC) Elliptic curve cryptography [ECC] is a public-key cryptosystem (just like RSA)

21. Private Private Public Public Public-keycryptosystem

22. Public Public Public-keycryptosystem

23. ??? Secret Secret Public-keycryptosystem

24. Addition on an elliptic curve

25. ECC Diffie-Hellman • Public: Elliptic curve and point (x,y) on curve • Private: Alice’s A and Bob’s B A(x,y) B(x,y) Alice, A Bob, B • Alice computes A(B(x,y)) • Bob computes B(A(x,y)) • These are the same since AB = BA

26. ECC Diffie–Hellman - Example • Public: Curve y2 = x3 + 7x + b (mod 37) and point (2,5)  b = 3 • Alice’s private:A = 4 • Bob’s private:B = 7 • Alice sends Bob: 4(2,5) = (7,32) • Bob sends Alice: 7(2,5) = (18,35) • Alice computes: 4(18,35) = (22,1) • Bob computes: 7(7,32) = (22,1) Addition 4 times

27. Demonstration http://www-cs-students.stanford.edu/~tjw/jsbn/ecdh.html ----------- THE END ------------ Thank you for listening