Cryptographically Secure Elliptic Curves
Learn about elliptic curve-based cryptosystems and elliptic curve domain parameters.
We'll cover the following
Overview
In order to communicate by using an EC cryptosystem, any two parties have to agree on elliptic curve domain parameters to identify a certain EC group E. The security of elliptic curve-based cryptosystems depends on the choice of the curve parameters, which should be chosen such that the ECDLP is resistant to all known cryptographic attacks we discussed in the previous lesson. Simultaneously, the curve parameters should allow efficient computation since the selection of the parameters influences the performance of the cryptosystem. Hence, the security and performance of ECC can only be assured by using appropriate curve parameters, thus their choice is crucial.
Furthermore, the curve parameters should be generated in a way that’s trusted by the cryptographic community.
There are mainly two kinds of curves in use:
- Pseudo-random curves whose coefficients and were “generated from the output of a seeded cryptographic hash.” These curves are referred to as being “verifiably random,” which means that their parameters were computed verifiably at random by using a special algorithm and thus allow verification that the coefficients and were indeed generated through that method if the seed value and the algorithm are known.
- Special curves whose coefficients and underlying field have been selected to optimize the efficiency of the elliptic curve operations.
These curves can be defined either over the prime field or the binary field for . In the following sections, we give an introduction to the requirement of the domain parameters in order to form robust cryptographic curves (
Get hands-on with 1400+ tech skills courses.