NoteVerse

Elliptic-Curve Based Cryptography and Public-Key Encryption

Comprehensive study notes, diagrams, and exam preparation for Elliptic-Curve Based Cryptography and Public-Key Encryption.

Elliptic-Curve Based Cryptography and Public-Key Encryption

Definition

Elliptic-Curve Based Cryptography is a family of cryptographic techniques that rely on the difficulty of the Elliptic Curve Discrete Logarithm Problem (ECDLP). In public-key encryption, an elliptic curve is used to generate a public key and a private key pair, where the public key can be shared openly and the private key remains secret. Security is achieved because, while it is easy to compute a point multiplication on the curve, it is computationally infeasible to reverse the process and derive the private key from the public key.

An elliptic curve used in cryptography is typically represented by an equation such as:

y² = x³ + ax + b

where the curve is defined over a finite field and satisfies conditions that make it suitable for secure cryptographic operations.

Main Content

1. Elliptic Curve Mathematics

  • An elliptic curve in cryptography is not a geometric ellipse; it is a specific algebraic structure defined by an equation such as y² = x³ + ax + b over a finite field. The set of points on this curve, along with a special point called the point at infinity, form a group under a defined addition operation.
  • The fundamental operation in ECC is scalar multiplication, which means repeatedly adding a point to itself. If P is a point on the curve and k is an integer, then kP = P + P + ... + P (k times). This operation is easy to compute, but given P and kP, finding k is extremely hard.
  • The security of ECC relies on the Elliptic Curve Discrete Logarithm Problem: if a public point Q = kP is known, it is computationally infeasible to determine k. This one-way property is the basis of ECC security.

Example:
If a user selects a private key k = 17 and a base point P on the curve, the public key is Q = 17P. Anyone can calculate Q from P and k, but no practical method exists to recover k from Q and P if the curve is properly chosen.

Visual understanding of point multiplication:

P + P = 2P
2P + P = 3P
3P + P = 4P
...
kP = public point

2. Public-Key Encryption with ECC

  • In public-key encryption, ECC is used to let one party encrypt a message using the recipient’s public key, while only the recipient’s private key can decrypt it. One of the most common approaches is the Elliptic Curve Integrated Encryption Scheme (ECIES).
  • ECIES typically uses ECC for key agreement and symmetric cryptography for actual message encryption. This is because symmetric algorithms are faster for handling large data, while ECC is used to securely establish the shared secret.
  • The sender generates an ephemeral random key, computes a shared secret using the recipient’s public key, derives a symmetric key from that secret, and encrypts the data. The recipient performs a similar curve-based computation using their private key to recover the same symmetric key and decrypt the message.

Example:
Suppose Alice wants to send a confidential file to Bob. Bob shares his ECC public key with Alice. Alice uses Bob’s public key and a temporary secret to derive a shared key, encrypts the file with AES, and sends the result. Bob uses his private key to derive the same shared key and decrypts the file.

Simple flow of ECC public-key encryption:

Sender -> Recipient public key -> Shared secret -> Symmetric key -> Encrypted message
Recipient private key -> Shared secret -> Same symmetric key -> Decryption

3. Security, Key Sizes, and Cryptographic Use

  • ECC offers high security with much smaller keys than many traditional public-key systems. For example, a 256-bit ECC key can provide security comparable to a 3072-bit RSA key. This makes ECC highly efficient in terms of storage, transmission, and computational cost.
  • Smaller keys mean faster computations, reduced bandwidth usage, and lower power consumption. This is especially useful for smartphones, smart cards, IoT devices, and other constrained environments.
  • ECC is used in a range of cryptographic applications beyond encryption, including digital signatures (like ECDSA), authenticated key exchange (like ECDH), secure websites, blockchain systems, and digital certificates.

Example:
A modern secure website may use ECC-based certificates and key exchange to establish an HTTPS connection quickly and securely, reducing handshake overhead compared with larger-key alternatives.

Comparison idea:

Security Level RSA Key Size ECC Key Size
Similar strength 3072 bits 256 bits
Higher strength 7680 bits 384 bits

Working / Process

1. Curve and key setup

  • A suitable elliptic curve and finite field are selected based on security standards.
  • A base point G with large prime order is defined.
  • The user chooses a secret private key d, which is a random integer.
  • The public key is computed as Q = dG.

2. Encryption or key agreement

  • The sender obtains the recipient’s public key Q.
  • For public-key encryption, the sender usually creates an ephemeral random value and computes a shared secret using ECC rules.
  • A symmetric encryption key is derived from the shared secret using a key derivation function.
  • The message is encrypted with a fast symmetric algorithm such as AES.

3. Decryption and verification

  • The recipient uses their private key d and the sender’s transmitted curve data to compute the same shared secret.
  • The same symmetric key is derived.
  • The ciphertext is decrypted, and integrity checks confirm that the message has not been altered.

Typical ECC-based encryption flow:

Plaintext
   |
   v
Shared secret derived from ECC
   |
   v
Symmetric key generation
   |
   v
Encrypt with AES / similar cipher
   |
   v
Ciphertext sent over network

Advantages / Applications

  • ECC provides strong security with smaller key sizes, making it more efficient than many older public-key methods.
  • It reduces memory usage, computational workload, and transmission overhead, which is ideal for low-power and resource-constrained devices.
  • It is widely used in secure communications, including HTTPS/TLS, secure email, virtual private networks, mobile authentication, blockchain wallets, digital signatures, and IoT security systems.

Summary

  • ECC is a public-key cryptographic method based on elliptic curve mathematics and the hardness of reversing point multiplication.
  • It enables secure encryption and key exchange with much smaller keys than many traditional systems.
  • It is efficient, practical, and widely used in modern secure communication technologies.
  • Important terms to remember: elliptic curve, finite field, public key, private key, scalar multiplication, ECDLP, ECIES, ECDH, ECDSA
← Prev: DiffieHellman Problem
Next: CCA -secure Public-key Hybrid Ciphers Based on Diffie-Hellman Problems and RSAassumption →