What is elliptic curve cryptography, and how does it work? The technology keeps your iMessages encrypted, powers Bitcoin and Ethereum, and just about every major website you visit.
Elliptic curve cryptography (ECC) is a type of public-key cryptographic system. This class of systems relies on challenging "one-way" math problems – easy to compute one way and intractable to solve the "other" way. Sometimes these are called "trapdoor" functions – easy to fall into, complicated to escape.
For example, the RSA system uses a class of "one-way" problems that deal with factorization. Every number has a unique prime number factorization. For example, 8 can be expressed as 23, and 30 is 2*3*5. If I asked you to solve (with a calculator) 13*19, you could quickly tell me that it's 247. However, if I asked you to go the other way and solve the prime factorization of 247, it would be more challenging (even with a computer).
ECC doesn't rely on factorization but instead solves equations (elliptic curves) of the form
y2 = x3 + ax + b
You can see a graph of this equation below. ECC relies on the fact that a third point can be determined, given two points on the line. Here is the graphed equation with points P, Q, and R.
Elliptic curves have some unique properties. The most important one is that a kind of operation can be defined on the curve – an operation that mathematically satisfies a set of criteria called a group. We'll use the + "operator," and you can think of it as a type of addition.
For a line that intersects three points, P + Q +R = 0, which means that P + Q = -R. Point 0 is defined as a "point at infinity" – an easy way to think about this point is to think about parallel railroad tracks that appear to intersect at the horizon.
We define inverses as the point flipped over the horizontal line of symmetry. Commutativity can easily be proven, i.e., P + Q = Q + P. Associativity is not as obvious but also holds, i.e., P + (Q + R) = (P + Q) + R. The identity element (an element that can be applied to any other element and leaves that element unchanged, e.g., "0" in addition) is the point at infinity.
You might be curious about what happens at the edge cases of the group law on elliptic curves. Points that are tangents and the leftmost tangent point on the curve. Here are some other interesting identities you can derive.
Instead of factorization as the complicated "one-way" problem, ECC applies the equation P+P (the tangent line at P) multiple (n) times. The easy-to-verify side of the equation is the starting point P and the ending point E (usually chosen to be 0). The difficult-to-compute part is determining how many times (n) P was added to itself.
There's more to it, but intuitively that's the trapdoor function and how it works. But why elliptic curves over factorization? It turns out that for the same size numbers, it's much harder for one to compute the "difficult-to-compute" side of the function for elliptic curves.
The difference is stark. Here's a chart that makes the security levels more intuitive by comparing the energy needed to compute the "difficult-to-compute" side of the trapdoor function for elliptic curves ("cryptographic hash") and factorization ("RSA modulus") based on the length of the key ("bit-lengths").
For a 242-bit RSA key, you could break the encryption with just enough energy to boil a teaspoon of water. For a 228-bit ECC-based key, you'd need enough energy to boil all the water on earth to break the encryption.
Certainly! Elliptic Curve Cryptography (ECC) is a fundamental pillar of modern cryptography, revolutionizing secure communications and digital transactions. As someone deeply entrenched in this field, let's delve into the core concepts interwoven within the article you've mentioned.
-
Public-Key Cryptography: ECC is a type of public-key cryptographic system, distinct from symmetric-key systems where the same key is used for both encryption and decryption. Here, a pair of keys, public and private, are generated, with the public key used for encryption and the private key for decryption.
-
Trapdoor Functions: These are mathematical problems that are easy to compute in one direction but computationally infeasible to reverse. ECC relies on elliptic curve equations as a trapdoor function, unlike RSA, which uses factorization as its trapdoor function.
-
Elliptic Curve Equation: ECC leverages equations in the form of (y^2 = x^3 + ax + b), representing elliptic curves. These curves possess unique properties allowing for mathematical operations, akin to a group, with an operation akin to addition denoted by (+).
-
Group Criteria: ECC operations on elliptic curves satisfy group criteria, such as commutativity, associativity, identity element (point at infinity), and inverses.
-
Trapdoor Function in ECC: Instead of relying on factorization, ECC employs repeated addition of a point (P) on the curve multiple times (n) to solve the equation (nP = E), where (E) is usually a point at infinity.
-
Security Comparison: ECC's strength lies in its resistance to attacks compared to RSA for the same key size. The difficulty in computing the "difficult-to-compute" side of the trapdoor function is significantly higher in ECC than in RSA. This is represented by the energy required to break encryption for respective key lengths: ECC demands exponentially more energy compared to RSA.
This comparison, often illustrated through energy requirements, highlights the robustness of ECC over RSA, making it an attractive choice for securing communications and cryptocurrencies like Bitcoin and Ethereum due to its significantly higher computational complexity.
In summary, ECC's foundation lies in exploiting the complexity of elliptic curve equations to create cryptographic schemes that provide strong security guarantees, making it a cornerstone in safeguarding digital communications and transactions.
