Lecture 13: Elliptic Curve Cryptography
In general, an elliptic curve can be defined by the equation y
2
+axy+by = x
3
+cx
2
+dx+e.
For our purposes, we'll only consider those of the form:
y
2
= x
3
+ bx + c.
Consider the following example: Let a=1, b=1. We define the set of points that satisfy the
equation y
2
= x
3
+ x + 1, as E(1,1). If we include "the point at infinity" with these points,
we have a set of points that define an abelian group, under certain conditions.
A couple notes before we define the group.
1) Note that the graph is symmetric about the xaxis. If (x,y) is a solution to the equation
above, so is (x, y). For our particular graph some sample points are (0, 1), (0, 1), (1,
√
3)
and (1, 
√
3).
2) To ensure that the function in x on the righthand side has no repeated factors, we must
make sure to pick a and b such that 4a
3
≠
27b
2
.
If we pick a and b based on the rules in #2, then we define addition amongst these points
as follows:
If 3 points on an elliptic curve lie on a straight line, their sum is 0, the point at infinity.
If we consistently apply this definition above, we can derive the following:
1) 0 = 0, and 0 is the additive identity, thus P + 0 = P.
For the rest of these rules, we will assume that P
≠
0 and Q
≠
0.
This preview has intentionally blurred sections. Sign up to view the full version.
View Full Document
This is the end of the preview.
Sign up
to
access the rest of the document.
 Summer '09
 Cryptography, Elliptic Curve, Elliptic curve cryptography

Click to edit the document details