Elliptic Curve Cryptography

N. P. Smart, University of Bristol, UK


Group Law

Geometric Definition of the Group Law

Algebraic Formulation of the Group Law

Projective Coordinates

Point Multiplication

Special Curves

The Elliptic Curve Discrete Logarithm Problem

Known Generic Attacks

Known Special Attacks

Domain Parameter Generation



Key Agreement


Defences Against Side Channel Attacks

Simple Power Analysis

Differential Power Analysis



Cross References



Elliptic curves were first introduced into cryptography by Miller (1986) and Koblitz (1987). In recent years they have gained widespread interest because of their shorter key size compared to systems such as RSA, their superior efficiency in certain situations, and the smaller bandwidth that they require. These advantages are becoming more compelling as time progresses because of the increased use of smaller and smaller mobile computing devices with associated bandwidth and computational constraints.

However, probably the main driving force behind interest in elliptic curve based cryptography (ECC) is that as time progresses one needs to increase ECC key sizes more slowly than one needs to increase RSA key sizes. This is because the best known attacks against ECC are exponential in nature, whereas we already know that integer factorization has subexponential solutions.

In this chapter we aim to introduce the basics of elliptic curve cryptography. However, ...

Get Handbook of Information Security: Information Warfare, Social, Legal, and International Issues and Security Foundations, Volume 2 now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.