Home AES cipher ECC Tutorial Papers License About Us

Elliptic Curve Cryptography

The Elliptic Curve Cryptography library that is published be The Hanalei Company is a work from scratch based upon the information from Dr. Michael Rosing's book Implementing Elliptic Curve Cryptography. His book details the basic math for several mathematical basis for implementing Elliptic Curve Cryptography, along with samples in C. It also covered some complex details or strategies that one can deploy with ECC (e.g. - T-matrix, hiding data on the curve itself).

The implementation that is presented for download involves the simplest mathematical modeling and the simplists strategy for forming secrets. The mathematics involves a finite field over F_2^m and the simple algorithms necessary for establishing a shared secret using one private key, another public key, and a base point on the curve. And the elliptic curves published here are considered by experts in the field to be strong candidates, even if a sub exponential time attack against the curves is discovered.

For those of you who are new to ECC, see our tutorial on Elliptic Curve Cryptography.

Check out our publication line up for ECC:

Hash key protocol for ECC, put in the public domain by Greg Ofiesh in 1999
Well known curves for ECC deployment
ECC C++ template files for downloading and use

Present Day Technology

It is becoming clear that ECC is a technology being embraced by the industry as one would expect for an emerging encryption technology. That is, it's acceptance demonstrates an industry wide belief that the technology is sound and may one day replace RSA altogether.

ECC provides some clear benefits for those wishing to deploy an asymmetric cipher that requires less ROM and less RAM than alternate ciphers. It also provides some advantages over its only real competitor, RSA, in the area of verification of key selection and algorithms.

All values in the ECC private key space are legal keys. Therefore, the selection of a private key should be random. Any checks against the selection would be for weak keys only, if some were demonstrated against a curve.

On the other hand, RSA private key selection involves finding a valid prime value. This selection must then be verified to see if it is even a legal value. The result is one of a hunt and pick selection method. Not very effecient for a state of the art cipher.

The entire ECC process of key generation (both private and public) are well known and exposed to the public. It has been said that this is not true for RSA.