Joseph Fadyn Kennesaw State University 1100 South Marietta Parkway Marietta, Georgia

Similar documents
Joseph Fadyn Southern Polytechnic State University 1100 South Marietta Parkway Marietta, Georgia 30060

Elliptic Curve Cryptography

CPSC 467: Cryptography and Computer Security

CPSC 467b: Cryptography and Computer Security

Public Key Cryptography

during transmission safeguard information Cryptography: used to CRYPTOGRAPHY BACKGROUND OF THE MATHEMATICAL

Elliptic Curve Computations (1) View the graph and an elliptic curve Graph the elliptic curve y 2 = x 3 x over the real number field R.

Carmen s Core Concepts (Math 135)

Other Public-Key Cryptosystems

Elliptic Curves. Giulia Mauri. Politecnico di Milano website:

10 Modular Arithmetic and Cryptography

Chapter 8 Public-key Cryptography and Digital Signatures

MATH 158 FINAL EXAM 20 DECEMBER 2016

MATH3302 Cryptography Problem Set 2

CPE 776:DATA SECURITY & CRYPTOGRAPHY. Some Number Theory and Classical Crypto Systems

Definition: For a positive integer n, if 0<a<n and gcd(a,n)=1, a is relatively prime to n. Ahmet Burak Can Hacettepe University

Elliptic Curve Cryptography

Public Key Cryptography

basics of security/cryptography

CPSC 467b: Cryptography and Computer Security

8 Elliptic Curve Cryptography

One can use elliptic curves to factor integers, although probably not RSA moduli.

Other Public-Key Cryptosystems

Cryptography. P. Danziger. Transmit...Bob...

Digital Signatures. Saravanan Vijayakumaran Department of Electrical Engineering Indian Institute of Technology Bombay

Discrete logarithm and related schemes

Public-Key Encryption: ElGamal, RSA, Rabin

Lecture 1: Introduction to Public key cryptography

Lemma 1.2. (1) If p is prime, then ϕ(p) = p 1. (2) If p q are two primes, then ϕ(pq) = (p 1)(q 1).

Security Issues in Cloud Computing Modern Cryptography II Asymmetric Cryptography

Public Key 9/17/2018. Symmetric Cryptography Review. Symmetric Cryptography: Shortcomings (1) Symmetric Cryptography: Analogy

CRYPTOGRAPHY AND NUMBER THEORY

Notes for Lecture 17

Introduction to Modern Cryptography. Benny Chor

Public Key Cryptography. All secret key algorithms & hash algorithms do the same thing but public key algorithms look very different from each other.

Candidates must show on each answer book the type of calculator used. Only calculators permitted under UEA Regulations may be used.

Number theory (Chapter 4)

Cryptography. pieces from work by Gordon Royle

Arithmétique et Cryptographie Asymétrique

Mathematics of Cryptography

Discrete Mathematics GCD, LCM, RSA Algorithm

Introduction to Modern Cryptography. Benny Chor

Cryptography and RSA. Group (1854, Cayley) Upcoming Interview? Outline. Commutative or Abelian Groups

Public-Key Cryptosystems CHAPTER 4

Public-key Cryptography and elliptic curves

Introduction to Elliptic Curve Cryptography. Anupam Datta

AN INTRODUCTION TO THE UNDERLYING COMPUTATIONAL PROBLEM OF THE ELGAMAL CRYPTOSYSTEM

Cryptography and Security Final Exam

Lecture Notes, Week 6

2. Cryptography 2.5. ElGamal cryptosystems and Discrete logarithms

Public-key Cryptography and elliptic curves

Introduction to Elliptic Curve Cryptography

Cryptography. Lecture 2: Perfect Secrecy and its Limitations. Gil Segev

The Vigenère cipher is a stronger version of the Caesar cipher The encryption key is a word/sentence/random text ( and )

Univ.-Prof. Dr. rer. nat. Rudolf Mathar. Written Examination. Cryptography. Tuesday, August 29, 2017, 01:30 p.m.

1 Recommended Reading 1. 2 Public Key/Private Key Cryptography Overview RSA Algorithm... 2

L7. Diffie-Hellman (Key Exchange) Protocol. Rocky K. C. Chang, 5 March 2015

RSA-256bit 數位電路實驗 TA: 吳柏辰. Author: Trumen

Points of High Order on Elliptic Curves ECDSA

Introduction to Cybersecurity Cryptography (Part 4)

Asymmetric Encryption

Final Exam Math 105: Topics in Mathematics Cryptology, the Science of Secret Writing Rhodes College Tuesday, 30 April :30 11:00 a.m.

Polynomial Interpolation in the Elliptic Curve Cryptosystem

Ma/CS 6a Class 1. Course Details

Classical Cryptography

Introduction to Cryptography. Lecture 8

Introduction to Cybersecurity Cryptography (Part 4)

Public Key Cryptography

RSA RSA public key cryptosystem

Cryptography IV: Asymmetric Ciphers

CIS 551 / TCOM 401 Computer and Network Security

Theme : Cryptography. Instructor : Prof. C Pandu Rangan. Speaker : Arun Moorthy CS

Overview. Background / Context. CSC 580 Cryptography and Computer Security. March 21, 2017

Gurgen Khachatrian Martun Karapetyan

ASYMMETRIC ENCRYPTION

Course 2BA1: Trinity 2006 Section 9: Introduction to Number Theory and Cryptography

University of Regina Department of Mathematics & Statistics Final Examination (April 21, 2009)

CS483 Design and Analysis of Algorithms

Introduction to Modern Cryptography. Lecture RSA Public Key CryptoSystem 2. One way Trapdoor Functions

Practice Assignment 2 Discussion 24/02/ /02/2018

Mathematical Foundations of Public-Key Cryptography

Cryptanalysis on An ElGamal-Like Cryptosystem for Encrypting Large Messages

Elliptic curves: Theory and Applications. Day 4: The discrete logarithm problem.

Elliptic Curve Cryptosystems

Lattices. A Lattice is a discrete subgroup of the additive group of n-dimensional space R n.

CODING AND CRYPTOLOGY III CRYPTOLOGY EXERCISES. The questions with a * are extension questions, and will not be included in the assignment.

COMP4109 : Applied Cryptography

Encryption: The RSA Public Key Cipher

Question 2.1. Show that. is non-negligible. 2. Since. is non-negligible so is μ n +

Question: Total Points: Score:

Logic gates. Quantum logic gates. α β 0 1 X = 1 0. Quantum NOT gate (X gate) Classical NOT gate NOT A. Matrix form representation

Network Security Technology Spring, 2018 Tutorial 3, Week 4 (March 23) Due Date: March 30

Is It As Easy To Discover As To Verify?

Public Key Algorithms

10 Public Key Cryptography : RSA

Fully homomorphic encryption scheme using ideal lattices. Gentry s STOC 09 paper - Part II

Applied Cryptography and Computer Security CSE 664 Spring 2018

Math 412: Number Theory Lecture 13 Applications of

Sharing a Secret in Plain Sight. Gregory Quenell

Solution to Midterm Examination

Transcription:

ELLIPTIC CURVE CRYPTOGRAPHY USING MAPLE Joseph Fadyn Kennesaw State University 1100 South Marietta Parkway Marietta, Georgia 30060 jfadyn@spsu.edu An elliptic curve is one of the form: y 2 = x 3 + ax + b where the coefficients a and b are chosen from some field K. All of our work in this paper will be done with K=GF(p)=<Z p,+, >. We require that the cubic x 3 + ax + b does not have repeated roots in Z p which is equivalent to the condition that 4a 3 + 27b 2 0 (mod p). As an example, consider the graph of: y 2 = x 3-7x - 5 over R : If we consider this elliptic curve over the field Z 13, then we obtain a finite set of points: { (3, ±1), (6, 0), (7, ±9), (8, ±3), (11, ±1), (12, ±1) }. If we add to this set the so-called point at infinity, denoted by O, we obtain a set denoted by E 13 (-7,-5) which contains a total of 12 points. E 13 (-7,-5) can be made into an abelian (commutative) group. For a general elliptic curve E and prime p we have (see [ 3 ]): To begin we define: P + O = P for all P. Next, if P 1 = (x 1, y 1 ) and P 2 = (x 2, y 2 ) are points on E with P 1, P 2 O, define P 1 + P 2 = P 3 = (x 3, y 3 ) by: 1. If x 1 x 2, then x 3 = m 2 x 1 x 2, y 3 = m(x 1 x 3 ) y 1, where m = (y 2 -y 1 )/(x 2 -x 1 ). 2. If x 1 = x 2 but y 1 y 2. Then P 1 + P 2 = O. 3. If P 1 = P 2 and y 1 0 then x 3 = m 2-2x 1, y 3 = m(x 1 x 3 ) y 1, where m = (3x 1 2 +a) / (2y 1 ). 4. If P 1 = P 2 and y 1 = 0 then P 1 + P 2 = O. I now present a number of Maple procedures to do basic elliptic curve computations. All computations will be done modulo a prime p > 3: 121

1. ecnopts : Computes the number of points on y 2 = x 3 + ax + b: 2. ecpoints: Produces a complete or partial list of points on y 2 = x 3 + ax + b: 122

3. mdexpec(ba,e,n,a,b). Here ba = [x 1,y 1 ]. This program finds the value of e ba = e [x 1,y 1 ] modulo n on y 2 = x 3 + ax + b (mod n) using a form of modular exponentiation: 4. ecorder: Finds the order of c = [x 1,y 1 ] in E pr (a,b) where y 2 = x 3 + ax + b and pr >3 is a prime. The number of points in E pr (a,b) must be known to be n: 5. ecsump : Finds the sum of points r and s on y 2 = x 3 + ax + b where r = [x 1,y 1 ] and s = [x 2,y 2 ]: 123

I now describe a basic form of elliptic curve encryption based on the ElGammal cryptosystem [5]. For this, I follow the discussion in [1]. We begin with a plaintext message M encoded as the x-coordinate of the point P M which lies on the curve y 2 = x 3 + ax + b (mod p). We choose a point G on the curve whose order n in E p (a,b) is a large prime number. Both E p (a,b) and G are made public. Each user (Alice and Bob) selects a private key n A and n B and forms the public keys P A = n A G and P B = n B G. If Alice (A) encrypts P M to send to Bob (B), she chooses a random positive integer k < n and sends Bob the ciphertext pair of points: P C = { kg, (P M + kp B )}. Upon receiving the ciphertext message P C, Bob recovers the original plaintext P M via the computation: ( P M + kp B ) [n B (kg)] = ( P M + kn B G) - [n B (kg)] = P M. Note that a cryptanalyst would know G and also kg (which appears in P C ), so if he could find k from this information, he could decode P M + kp B (because he also knows P B ) as follows: (P M + kp B ) kp B = P M. Finding k from G and kg is the elliptic curve discrete logarithm problem: log G (kg) = k which is considered to be a computationaly 124

intractable problem for large values of k and a generator point G with large order n. The encoding and decoding schemes are implemented in Maple as: EXAMPLE 1: A naive approach: We give an example of encryption and decryption using Maple along with the use of some of the supporting procedures written above for a small prime and a short message. We use the prime p = 9883 and. We encode the letters A Z by the shift scheme: E = 1, F = 2, G = 3, C = 0, D = 1. The message which Alice will send to Bob is LIKE which corresponds to plaintext ciphers as 8571. To check that 8571 is the x-coordinate of a point on the elliptic curve we define: > Then modp(f(8571), 9883) gives 5791. Then msqrt(5791, 9883) produces the y- coordinate which is 3277: So our message point PM is [8571, 3277]. To find the order of the group E9883 (765, 871), we run ecnopts(765, 871, 9883) which gives 9827 : To see some of the actual points in E9883 (765, 871) we can use ecpoints. For example if we want to see the first (approximately) 40 points, we run: 125

For a base point G we choose a random x, 0 x 9883. For example, if x = 7 then modp(f(7), 9833) gives 6569 and then msqrt(6569, 9883) yields the y-coordinate which is 2813: Our prospective G is [7, 2813]. Next we find the order of G in the group E9883 (765, 871) by running ecorder([7, 2813], 765, 871, 9827, 9883) which produces 9827 is the order : > If Bob s secret key is nb = 873, then his public key is PB = nbg, so that: PB = 873 [7, 2813]. For this computation we use: mdexpec([7, 2813], 873, 9883, 765, 871) to obtain PB = [7516, 1555] which is Bob s public key: If Alice s random number k (which she selects) if k = 2477, then the encrypted message which Alice sends to Bob can be obtained by: ecencrypt( [8471, 3277], [7516, 1555], [7, 2813], 2477, 765, 871, 9883). This produces the ciphertext pair: PC = [ [4225, 3276], [27, 203] ]: Now Bob may decrypt PC by using ecdecryp(kg, pmkpb, nb, a, b, p) which in our example is: ecdecryp([4225, 3276], [27, 203], 873, 765, 871, 9883). This outputs the plaintext point PM as [8571, 3277]: > So the message is in the x-coordinate, which is 8571 which we map back into LIKE. 126

We now produce a somewhat more sophisticated approach which will handle much larger primes. For this, we will need a number of additional procedures. 127

Example 2: To illustrate the use of these procedures, we will use the NIST (National Institute of Standards and Technology ) standard curve called P-192 along with the suggested base point and parameters for this curve (see [ 4 ]). We now generate random values for na, nb and k as follows: 128

We find Bob's public key: We now illustrate the encrypting/decrypting process: 129

References 1. Chouinard, Jean Yves, Notes on Elliptic Curve Cryptography, 2002, http://www.site.uottawa.ca/~chouinar/handout_csi4138_ecc_2002.pdf 2. J.N. Fadyn, Basic Elliptic Curve Cryptography using the TI-89 and Maple, Proceedings of the ICTCM 2014. 3. Washington, L.C., Elliptic Curves : Number Theory and Cryptography, Second Edition, CRC Press, 2008. 4. Recommended Elliptic Curves for Federal Government Use, July, 1999, http://csrc.nist.gov/groups/st/toolkit/documents/dss/nistrecur.pdf 130

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback