Cryptography Reference
In-Depth Information
domain_parameters T;
key_pair A;
key_pair B;
point Z1, Z2;
T.p = 23;
T.a = 1;
T.b = 1;
T.G.x = 5;
T.G.y = 19;
7. Obviously, you want most of these numbers to be much larger — although
the value 1 for
a
and
b
is fairly typical in real ECC. A and B each have
private keys — random numbers which are again hardcoded here:
A.private_key = 4;
B.private_key = 2;
The public keys are not random. They're
private_key * G
:
A.public_key.x = T.G.x;
A.public_key.y = T.G.y;
multiply_point( &A.public_key, A.private_key, T.a, T.p );
B.public_key.x = T.G.x;
B.public_key.y = T.G.y;
multiply_point( &B.public_key, B.private_key, T.a, T.p );
This is important for key agreement. At this point, A's public key is the
point (13, 16) and B's public key is the point (17, 3). Of course, they would
compute these individually, after having agreed on the domain parameters.
8. Finally, there's the matter of key agreement. A sends B his public key
(13, 16) and B sends A his public key (17, 3), and each computes the fi nal
point
Z
:
Z1.x = A.public_key.x;
Z1.y = A.public_key.y;
multiply_point( &Z1, B.private_key, T.a, T.p );
Z2.x = B.public_key.x;
Z2.y = B.public_key.y;
multiply_point( &Z2, A.private_key, T.a, T.p );
A and B have both computed ZZ
(5,
4). In this case, by convention, ZZ.x
5 is the shared secret — although of course, they could have used ZZ.y
4,
as long as both sides agreed on this convention beforehand.
Why Elliptic-Curve Cryptography?
As you can see, ECC is quite a bit more complex than “modulus” cryptography
such as RSA or classic Diffi e-Hellman. So, why bother with it? Speed. ECC can
provide the same security with an 80-bit private key as RSA can provide with a
Search WWH ::
Custom Search