This preview shows pages 1–2. Sign up to view the full content.
This preview has intentionally blurred sections. Sign up to view the full version.View Full Document
Unformatted text preview: Lecture 13: Elliptic Curve Cryptography In general, an elliptic curve can be defined by the equation y 2 +axy+by = x 3 +cx 2 +dx+e. For our purposes, we'll only consider those of the form: y 2 = x 3 + bx + c. Consider the following example: Let a=1, b=1. We define the set of points that satisfy the equation y 2 = x 3 + x + 1, as E(1,1). If we include "the point at infinity" with these points, we have a set of points that define an abelian group, under certain conditions. A couple notes before we define the group. 1) Note that the graph is symmetric about the x-axis. If (x,y) is a solution to the equation above, so is (x, -y). For our particular graph some sample points are (0, 1), (0, -1), (1, 3) and (1, - 3). 2) To ensure that the function in x on the right-hand side has no repeated factors, we must make sure to pick a and b such that 4a 3 27b 2 . If we pick a and b based on the rules in #2, then we define addition amongst these points as follows: If 3 points on an elliptic curve lie on a straight line, their sum is 0, the point at infinity. If we consistently apply this definition above, we can derive the following: 1) 0 = -0, and 0 is the additive identity, thus P + 0 = P. For the rest of these rules, we will assume that P 0 and Q 0....
View Full Document
- Summer '09