Elliptic Curve Diffie-Hellman

Elliptic Curve Diffie-Hellman

Elliptic Curve Diffie-Hellman (ECDH) is a key agreement protocol that allows two parties to estabilish a shared secret key over an insecure channel [NIST, [http://csrc.nist.gov/publications/nistpubs/800-56A/SP800-56A_Revision1_Mar08-2007.pdf Special Publication 800-56A, Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography] , March, 2006.] [Certicom Research, [http://www.secg.org/download/aid-385/sec1_final.pdf Standards for efficient cryptography, SEC 1: Elliptic Curve Cryptography] , Version 1.0, September 20, 2000.] . This key can then be used to encrypt subsequent communications using a symmetric key cipher. It is a variant of the Diffie-Hellman protocol using elliptic curve cryptography.

Key establishment protocol

Suppose Alice wants to establish a shared key with Bob, but the only channel available for them may be eavesdropped by a third party. Initially, the domain parameters (that is (p,a,b,G,n,h) in the prime case or (m,f(x),a,b,G,n,h) in the binary case) must be agreed upon. Also, each party must have a key pair suitable for elliptic curve cryptography, consisting of a private key d (a randomly selected integer in the interval [1, n-1] ) and a public key Q (where Q = d G). Let Alice's key pair be (d_A, Q_A) and Bob's key pair be (d_B, Q_B). Each party must have the other party's public key.

Alice computes (x_k, y_k) = d_A Q_B. Bob computes k = d_B Q_A. The shared key is x_k (the "x" coordinate of the point).

The number calculated by both parties is equal, because d_A Q_B = d_A d_B G = d_B d_A G = d_B Q_A.

The protocol is secure because nothing is disclosed (except for the public keys, which are not secret), and no party can derive the private key of the other unless it can solve the Elliptic Curve Discrete Logarithm Problem.

The public keys are either static (and trusted, say via a certificate) or ephemeral. Ephemeral keys are not necessarily authenticated, so if authentication is wanted, it has to be obtained by other means. Static public keys provide neither forward secrecy nor key-compromise impersonation resilience, among other advanced security properties. Holders of static private keys should validate the other public key, and should apply a secure key derivation function to the raw Diffie-Hellman shared secret to avoid leaking information about the static private key. For schemes with more advanced security properties see ECMQV.

References


Wikimedia Foundation. 2010.

Игры ⚽ Нужно решить контрольную?

Look at other dictionaries:

  • Elliptic Curve Diffie-Hellman — oder abgekürzt ECDH ist eine Implementation des Diffie Hellman Schlüsselaustauschs mittels elliptischer Kurven. Kategorie: Kryptologisches Verfahren …   Deutsch Wikipedia

  • Elliptic curve cryptography — (ECC) is an approach to public key cryptography based on the algebraic structure of elliptic curves over finite fields. The use of elliptic curves in cryptography was suggested independently by Neal Koblitz[1] and Victor S. Miller[2] in 1985.… …   Wikipedia

  • Diffie–Hellman key exchange — (D–H)[nb 1] is a specific method of exchanging keys. It is one of the earliest practical examples of key exchange implemented within the field of cryptography. The Diffie–Hellman key exchange method allows two parties that have no prior knowledge …   Wikipedia

  • Diffie-Hellman key exchange — (D H) is a cryptographic protocol that allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt subsequent communications… …   Wikipedia

  • Elliptic Curve Cryptography — Elliptische Kurve über Unter Elliptic Curve Cryptography (ECC) oder deutsch Elliptische Kurven Kryptographie versteht man asymmetrische Kryptosysteme, die Operationen auf elliptischen Kurven über endlichen Körpern v …   Deutsch Wikipedia

  • Diffie-Hellman-Schlüsselaustausch — Der Diffie Hellman Schlüsselaustausch oder Diffie Hellman Merkle Schlüsselaustausch ist ein Protokoll aus dem Bereich der Kryptografie. Mit ihm erzeugen zwei Kommunikationspartner einen geheimen Schlüssel, den nur diese beiden kennen. Dieser… …   Deutsch Wikipedia

  • Elliptic Curve DSA — Der Elliptic Curve Digital Signature Algorithmus (ECDSA) (deutsch: digitaler Signatur Algorithmus mit elliptischen Kurven) ist eine Variante des Digital Signature Algorithm (DSA), der Elliptische Kurven Kryptographie verwendet. Inhaltsverzeichnis …   Deutsch Wikipedia

  • Diffie-Hellman problem — The Diffie Hellman problem (DHP) is the name of a specific problem in cryptography which was first proposed by Whitfield Diffie and Martin Hellman. The DHP is a problem that is assumed to be difficult to do, hence the security of many… …   Wikipedia

  • Diffie–Hellman problem — Cryptography portal The Diffie–Hellman problem (DHP) is a mathematical problem first proposed by Whitfield Diffie and Martin Hellman in the context of cryptography. The motivation for this problem is that many security systems use mathematical… …   Wikipedia

  • Hellman — is the surname of: * Danny Hellman (born 1964), American illustrator and cartoonist nicknamed Dirty Danny * Frances Hellman, physicist at University of California, Berkeley * Jakob Hellman (born 1965), Swedish pop singer * Lillian Hellman… …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”