Elliptic Curve Cryptography (ECC) was discovered in 1985 by Victor Miller (IBM) and Neil Koblitz (University of Washington) as an alternative mechanism for implementing public-key cryptography. Public-key algorithms create a mechanism for sharing keys among large numbers of participants or entities in a complex information system. Unlike other popular algorithms such as RSA, ECC is based on discrete logarithms that is much more difficult to challenge at equivalent key lengths.
At the time of its discovery, the ECC algorithm was described and placed in the public domain. What others found was that while it offered greater potential security it was slow. Certicom focused its efforts on creating better implementations of the algorithm to improve its performance. After many years of research, Certicom introduced the first commercial toolkit to support ECC and make it practical for use in a variety of applications.
Other cryptographers have also become interested in ECC. Today Certicom sponsors theCentre for Advanced Cryptographic Research (CACR)at the University of Waterloo, Ontario along with the Canadian government, Mondex, MasterCard International, and Pitney Bowes. Each year the Centre sponsors an ECC workshop attended by over 100 top cryptographers to discuss advances in the field of elliptic curve cryptography.
Other important industry activity is bringing additional credibility to the technology. TheCerticom ECC Challengeoffers an opportunity for people around the world to create new methods of attacking the algorithm and exposing any weaknesses. The longer an algorithm stands up to attack the more confidence developers have in its ultimate security. The ECC Challenge started in November 1997 and still runs today. Certicom hosts an annual Certicom ECC Conference, which brings together thought leaders, researchers and industry executives to talk about ECC and its applications.
Also important is the formation of theStandards for Efficient Cryptography Group. The SECG is a consortium of leading providers of cryptography and information security solutions who have united to address the lack of interoperability between today's different cryptographic solutions.
On February 16, 2005 the National Security Agency (NSA) presented its strategy and recommendations for securing U.S. Government sensitive and unclassified communications. The strategy included a recommended set of advanced cryptography algorithms known as Suite B.
The protocols included in Suite B are Elliptic Curve Diffie-Hellman (ECDH) and Elliptic Curve Menezes-Qu-Vanstone (ECMQV) for key transport and agreement; the Elliptic Curve Digital Signature Algorithm (ECDSA) for digital signatures; the Advanced Encryption Standard (AES) for symmetric encryption; and the Secure Hashing Algorithm (SHA).
In order to properly meet the Suite B standards, vendors must have a firm grasp onECC-based algorithmsor work with a security partner who does. They must also decide on the best way to implement these algorithms into their existing solutions, as well as plan for those in the future.
Suite B is not just for government use, however. As with other technologies in the past, the U.S. Goverment has led the way in what it considers adequate for secure communications. Many corporations have sensitive intellectual property online and/or electronically process sensitive information. Suite B algorithms are also appropriate in these types of situations.
Generally speaking, Certicom believes, what appealed to the NSA about ECC was its strong security, efficiency and scalability over conventional public-key cryptography algorithms. These benefits of ECC were very important to the NSA as it chooses its security for use over several decades in its crypto hardware. Likewise we feel that Suite B requirements will be significant for some time to come.
FAQs
It is normally 256 bits in length (a 256-bit ECC key is equivalent to a 3072-bit RSA key), making it securer and able to offer stronger anti-attack capabilities. Moreover, the computation of ECC is faster than RSA, and thus it offers higher efficiency and consumes fewer server resources.
What are the weakness of elliptic curve cryptography? ›
Disadvantages of ECC: -Complicated and tricky to implement securely, particularly the standard curves. Standards aren't state-of-the-art, particularly ECDSA which is kind of a hack compared to Schnorr signatures. Signing with a broken random number generator compromises the key.
Can elliptic curve cryptography be hacked? ›
Quantum computing might crack ECC in the future, but it's impossible to break elliptic curve cryptography with current computational power. So most experts consider elliptic curve encryption secure and superior to other public key encryption, such as RSA.
What is an advantage of elliptic curve cryptography (ECC)? ›
Using ECC, you can achieve the same security level using smaller keys. In a world where mobile devices must do more and more cryptography with less computational power, ECC offers high security with faster, shorter keys compared to RSA.
Why is ECC not widely used? ›
ECC uses a finite field, so even though elliptical curves themselves are relatively new, most of the math involved in taking a discrete logarithm over the field is much older. In fact, most of the algorithms used are relatively minor variants of factoring algorithms.
Does ECC really matter? ›
Using ECC decreases your computer's performance by about 2 percent. Current technology DRAM is very stable, and memory errors are rare, so unless you have a need for ECC, you are better served with non-parity (non-ECC) memory.
Can elliptic curve cryptography be trusted? ›
ECC is considered more secure than RSA, because RSA is based on factoring large numbers, a problem that computers have solved. In contrast, elliptic curve cryptography is based on the discrete logarithm problem, which is much harder to solve.
What advantage might elliptic curve cryptography ECC have over RSA? ›
The biggest difference between ECC and RSA/DSA is the greater cryptographic strength that ECC offers for equivalent key size. An ECC key is more secure than an RSA or DSA key of the same size.
What are the vulnerabilities of ECC? ›
Security of ECC
However, despite being regarded as secure, ECC vulnerabilities exist. For example, a side-channel attack like simple power attacks, fault analysis, and differential power attacks, may cause leaks. Another type of attack is twist-security attacks. These are used to leak the private key.
How many qubits to break ECC? ›
Breaking an RSA key requires a quantum computer with roughly 2n qubits, whereas breaking an ECC key requires a quantum computer with roughly 6n qubits.
However, ECC is even more vulnerable to quantum computers than RSA, requiring even less qubits for the calculation.
Does Bitcoin use elliptic curve? ›
Elliptic Curve Digital Signature Algorithm or ECDSA is a cryptographic algorithm used by Bitcoin to ensure the effective and secure control of ownership of funds. A few concepts related to ECDSA: private key: A secret number, known only to the person that generated it.
Is ECC quantum safe? ›
ECC has some unique properties that make it more resistant to quantum computing attacks than traditional encryption methods. One of the main benefits of ECC is the use of smaller key sizes, which makes it more difficult for quantum computers to factor the large composite numbers used in RSA encryption.
How to decrypt ECC? ›
To decrypt the encrypted message, we use the data produced during the encryption { ciphertext , nonce , authTag , ciphertextPubKey }, along with the decryption privateKey . The result is the decrypted plaintext message.
What is the security strength of elliptic curve? ›
Elliptic Curve Cryptography (ECC) were introduced as an alternative to RSA in public key cryptography. One advantage of ECC over RSA is key size versus strength. For example, a security strength of 80 bits can be achieved through an ECC key size of 160 bits, whereas RSA requires a key size of 1024.
Is ECC or non-ECC better? ›
At the cost of a little money and performance, ECC RAM is many times more reliable than non-ECC RAM. And when high-value data is involved, that increase in reliability is almost always going to be worth the small monetary and performance costs. In fact, anytime it is possible to do so, we would recommend using ECC RAM.
Is ECC better than AES? ›
Fortunately, ECC scales linearly with AES and maintains relatively compact key sizes at all security levels. ECC keys by comparison are only 512 bits for 256-bit AES and therefore do not hinder performance.
Is ECC more expensive? ›
Advantages and Disadvantages of ECC Memory
In the data center, ECC is more reliable than non-ECC memory. However, ECC memory does not only bring advantages, and there are also some disadvantages. Compared to non-ECC memory, ECC memory is more expensive because of the extra memory chips and their complexity.
What is better than RSA algorithm? ›
What is ECDSA? The algorithm, called ECDSA (Elliptic Curve Digital Signature Algorithm), was first proposed by Scott Vanstone in 1992. Signatures based on the algorithm of ECS, the ancestor of ECDSA, have several important advantages over RSA-algorithms: they are smaller in size and are created much faster.
