Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II...
Transcript of Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II...
![Page 1: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/1.jpg)
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Fun with Certificates part IIa Deep Dive into Elliptic Curve Cryptography for all ages
Brian Epstein(he/him/his)
Institute for Advanced Study
Computer Manager, Network and Security
Information Security Officer
[email protected] - @epepepep
![Page 2: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/2.jpg)
https://security.ias.edu 3
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Topics● Explain why ECC came about● ECC deep dive● Safe Curves and Trust● Certs● Demo
![Page 3: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/3.jpg)
https://security.ias.edu 4
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
So I was browsing the Interwebs...
![Page 4: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/4.jpg)
5
![Page 5: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/5.jpg)
6
![Page 6: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/6.jpg)
https://security.ias.edu 7
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
26%
1%
64%
7%1%
no SSL
RSA 1024 bit
RSA 2048 bit
RSA 4096 bit
ECC 256 bit
.edu's taken from Majestic's top 1 million websites (3096 total)
2017 TLS Certificate Breakdown for Edu's
![Page 7: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/7.jpg)
https://security.ias.edu 8
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
13%
0%
78%
6%
3%
0%
no SSL
RSA 1024 bit
RSA 2048 bit
RSA 4096 bit
ECC 256 bit
ECC 384 bit
.edu's taken from Majestic's top 1 million websites (4008 total)
2018 TLS Certificate Breakdown for Edu's
![Page 8: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/8.jpg)
https://security.ias.edu 9
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Why create ECC, we have RSA?
● If RSA breaks, what then?● Faster computers force increased key size● Speed is faster with ECC (for most things)
![Page 9: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/9.jpg)
https://security.ias.edu 10
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Key Length Comparison
![Page 10: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/10.jpg)
https://security.ias.edu 11
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Elliptic Curve Cryptography
Neal Koblitz
Victor Miller
1985
![Page 11: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/11.jpg)
https://security.ias.edu 12
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Elliptic Curve Cryptography (ECC)
● Explain the end goal for ECC● Review a little math● Show how to get to our end goal
So, let's begin at the end...
![Page 12: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/12.jpg)
https://security.ias.edu 13
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Secret Exchange
Where can wetalk privately??I have an
idea . . .
![Page 13: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/13.jpg)
https://security.ias.edu 14
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
![Page 14: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/14.jpg)
https://security.ias.edu 15
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
dingo (2,38)
gazelle (21,31)
stallion (17,15)
donkey (30,35)
iguana (19,18)
jackal (15,40)
orangutan (33,14)
goat (38,15)
mongoose (32,29)
rat (28,19)
deer (27,26)
cow (10,38)
![Page 15: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/15.jpg)
https://security.ias.edu 16
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
dingo(2,38)
gazelle
(21,31)
stallio
n
(17,15)
donke
y
(30,
35)
chipmunk(2,3)
mule(21,10)alligator(17,26)
jack
al(1
5,4
0)
igua
na(1
9,18
)
ferret
(19,2
3)
boar
(30,6)
ora
ng
uta
n(3
3,1
4)
goat
(38,1
5)
mong
oose
(32,2
9)
rat
(28
,19)
deer
(27,2
6)
cow
(10
,38)
hip
po
(29
,3)
meeka
t(6
,34
)
musk
rat
(34,3
5)
cou
gar
(37
,5)
wom
bat
(22
,16)
newt(35,11)
gibbon
(25,33)
opossum
(18,35)
panda
(26,28)
llama(5,0)
sloth (35,30) pa
rake
et(2
5,8)
reindee
r(3
7,3
6)
dormouse
(22,25)
hed
geh
og
(26,1
3)
chim
panz
ee
(18,
6)
cat
(34,6
)
an
teate
r(6
,7)
oce
lot
(29,3
8)
beaver
(10,3
)
pon
y(2
7,1
5)
porcu
pin
e(2
8,2
2)
squ
irrel
(32,1
2)
koala
(38
,26)
an
telo
pe
(33,2
7)
chicke
n(1
5,1
)
![Page 16: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/16.jpg)
https://security.ias.edu 17
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
dingo(2,38)
gazelle
(21,31)
stallio
n
(17,15)
donke
y
(30,
35)
chipmunk(2,3)
mule(21,10)alligator(17,26)
jack
al(1
5,4
0)
igua
na(1
9,18
)
ferret
(19,2
3)
boar
(30,6)
ora
ng
uta
n(3
3,1
4)
goat
(38,1
5)
mong
oose
(32,2
9)
rat
(28
,19)
deer
(27,2
6)
cow
(10
,38)
hip
po
(29
,3)
meeka
t(6
,34
)
musk
rat
(34,3
5)
cou
gar
(37
,5)
wom
bat
(22
,16)
newt(35,11)
gibbon
(25,33)
opossum
(18,35)
panda
(26,28)
llama(5,0)
sloth (35,30) pa
rake
et(2
5,8)
reindee
r(3
7,3
6)
dormouse
(22,25)
hed
geh
og
(26,1
3)
chim
panz
ee
(18,
6)
cat
(34,6
)
an
teate
r(6
,7)
oce
lot
(29
,38)
beaver
(10,3
)
pon
y(2
7,1
5)
porcu
pin
e(2
8,2
2)
squ
irrel
(32,1
2)
koala
(38
,26)
an
telo
pe
(33,2
7)
chicke
n(1
5,1
)
G = dingo (2,38)
d = ?
Q = wombat (22,16)
r = ?
R = panda (26,28)
![Page 17: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/17.jpg)
https://security.ias.edu 18
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
dingo(2,38)
gazelle
(21,31)
stallio
n
(17,15)
donke
y
(30,
35)
chipmunk(2,3)
mule(21,10)alligator(17,26)
jack
al(1
5,4
0)
igua
na(1
9,18
)
ferret
(19,2
3)
boar
(30,6)
ora
ng
uta
n(3
3,1
4)
goat
(38,1
5)
mong
oose
(32,2
9)
rat
(28
,19)
deer
(27,2
6)
cow
(10
,38)
hip
po
(29
,3)
meeka
t(6
,34
)
musk
rat
(34,3
5)
cou
gar
(37
,5)
wom
bat
(22
,16)
newt(35,11)
gibbon
(25,33)
opossum
(18,35)
panda
(26,28)
llama(5,0)
sloth (35,30) pa
rake
et(2
5,8)
reindee
r(3
7,3
6)
dormouse
(22,25)
hed
geh
og
(26,1
3)
chim
panz
ee
(18,
6)
cat
(34,6
)
an
teate
r(6
,7)
oce
lot
(29
,38)
beaver
(10,3
)
pon
y(2
7,1
5)
porcu
pin
e(2
8,2
2)
squ
irrel
(32,1
2)
koala
(38
,26)
an
telo
pe
(33,2
7)
chicke
n(1
5,1
)
G = dingo (2,38)
d = ?
Q = wombat (22,16)
r = ?
R = panda (26,28)
![Page 18: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/18.jpg)
https://security.ias.edu 19
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
dingo(2,38)
gazelle
(21,31)
stallio
n
(17,15)
donke
y
(30,
35)
chipmunk(2,3)
mule(21,10)alligator(17,26)
jack
al(1
5,4
0)
igua
na(1
9,18
)
ferret
(19,2
3)
boar
(30,6)
ora
ng
uta
n(3
3,1
4)
goat
(38,1
5)
mong
oose
(32,2
9)
rat
(28
,19)
deer
(27,2
6)
cow
(10
,38)
hip
po
(29
,3)
meeka
t(6
,34
)
musk
rat
(34,3
5)
cou
gar
(37
,5)
wom
bat
(22
,16)
newt(35,11)
gibbon
(25,33)
opossum
(18,35)
panda
(26,28)
llama(5,0)
sloth (35,30) pa
rake
et(2
5,8)
reindee
r(3
7,3
6)
dormouse
(22,25)
hed
geh
og
(26,1
3)
chim
panz
ee
(18,
6)
cat
(34,6
)
an
teate
r(6
,7)
oce
lot
(29
,38)
beaver
(10,3
)
pon
y(2
7,1
5)
porcu
pin
e(2
8,2
2)
squ
irrel
(32,1
2)
koala
(38
,26)
an
telo
pe
(33,2
7)
chicke
n(1
5,1
)
G = dingo (2,38)
d = ?
Q = wombat (22,16)
r = ?
R = panda (26,28)
![Page 19: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/19.jpg)
https://security.ias.edu 20
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
dingo(2,38)
gazelle
(21,31)
stallio
n
(17,15)
donke
y
(30,
35)
chipmunk(2,3)
mule(21,10)alligator(17,26)
jack
al(1
5,4
0)
igua
na(1
9,18
)
ferret
(19,2
3)
boar
(30,6)
ora
ng
uta
n(3
3,1
4)
goat
(38,1
5)
mong
oose
(32,2
9)
rat
(28
,19)
deer
(27,2
6)
cow
(10
,38)
hip
po
(29
,3)
meeka
t(6
,34
)
musk
rat
(34,3
5)
cou
gar
(37
,5)
wom
bat
(22
,16)
newt(35,11)
gibbon
(25,33)
opossum
(18,35)
panda
(26,28)
llama(5,0)
sloth (35,30) pa
rake
et(2
5,8)
reindee
r(3
7,3
6)
dormouse
(22,25)
hed
geh
og
(26,1
3)
chim
panz
ee
(18,
6)
cat
(34,6
)
an
teate
r(6
,7)
oce
lot
(29
,38)
beaver
(10,3
)
pon
y(2
7,1
5)
porcu
pin
e(2
8,2
2)
squ
irrel
(32,1
2)
koala
(38
,26)
an
telo
pe
(33,2
7)
chicke
n(1
5,1
)
G = dingo (2,38)
d = ?
Q = wombat (22,16)
r = ?
R = panda (26,28)
S = mule (21,10)
![Page 20: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/20.jpg)
https://security.ias.edu 22
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
G = dingo (2,38)
d = ?
Q = wombat (22,16)
r = ?
R = panda (26,28)
S = mule (21,10)
d r
+ r+ d = = SWhy does this work?
d = 16 r = 25
25 + 16 = 16 + 25 = 41
![Page 21: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/21.jpg)
https://security.ias.edu 23
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Humpf,how romantic...
I should'vepicked a better
number.
![Page 22: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/22.jpg)
https://security.ias.edu 25
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Math● Square and Square root● Graphing● Elliptic Curves with point math● Finite Fields
![Page 23: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/23.jpg)
https://security.ias.edu 26
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Square and Square Root
√9=3
√9=−3√9=±3
32=3⋅3=9
(−3)2=−3⋅−3=9
32=3⋅332
(−3)2=−3⋅−3(−3)2
![Page 24: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/24.jpg)
https://security.ias.edu 27
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Graphing
0 1 2 3 40
2
4
6
8
10
12
14
16
18
1
x
y
y=x2+1
x yx2+1
0
1
2
34
5
02+1
1017
26
0•0+10+11
12+11•1+11+12
22+12•2+14+15
0 1 2 3 40
2
4
6
8
10
12
14
16
18
12
x
y
0 1 2 3 40
2
4
6
8
10
12
14
16
18
12
5
x
y
0 1 2 3 40
2
4
6
8
10
12
14
16
18
12
5
10
x
y
0 1 2 3 40
2
4
6
8
10
12
14
16
18
12
5
10
17
x
y
0 1 2 3 4 50
5
10
15
20
25
30
12
5
10
17
26
x
y
![Page 25: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/25.jpg)
https://security.ias.edu 28
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Elliptic Curves
![Page 26: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/26.jpg)
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
An Elliptical Machine
![Page 27: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/27.jpg)
https://security.ias.edu 30
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Elliptic Curvesy2= x3−x+3{(x , y )∈ℝ2∣y2= x3+ax+b ,4 a3+27 b2≠0}∪{0}
![Page 28: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/28.jpg)
https://security.ias.edu 31
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Elliptic Curve Math● Create “point addition” ⊕
P⊕Q⊕R=0
P⊕Q=-R● Create “point multiplication” ⊙
2⊙P = P⊕P
5⊙P = P⊕P⊕P⊕P⊕P● Demo D
![Page 29: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/29.jpg)
32
![Page 30: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/30.jpg)
33
![Page 31: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/31.jpg)
34
![Page 32: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/32.jpg)
35
![Page 33: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/33.jpg)
36
![Page 34: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/34.jpg)
37
![Page 35: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/35.jpg)
38
![Page 36: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/36.jpg)
39
![Page 37: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/37.jpg)
40
![Page 38: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/38.jpg)
41
![Page 39: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/39.jpg)
42
![Page 40: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/40.jpg)
43
![Page 41: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/41.jpg)
44
![Page 42: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/42.jpg)
45
![Page 43: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/43.jpg)
https://security.ias.edu 46
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
0 1 2 3 40
2
4
6
8
10
12
14
16
18
12
5
10
17
x
y
x x2+1
0
1
2
34
5
1017
26
0
2
5
Graphing
![Page 44: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/44.jpg)
https://security.ias.edu 47
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Finite Fields● Finite
– There is an end● Field
– Football– Soccer
● Demo A
![Page 45: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/45.jpg)
https://security.ias.edu 48
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Benefits from Finite Fields● computers are terrible at irrational
numbers● get to use whole numbers (integers)● reduce the size of the problem● Field is “closed”
![Page 46: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/46.jpg)
https://security.ias.edu 49
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Example Finite Field● Field size is 41● x axis goes from 0 to 40● y axis goes from 0 to 40
![Page 47: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/47.jpg)
https://security.ias.edu 50
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Graphing an EC on a Finite Field
![Page 48: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/48.jpg)
https://security.ias.edu 51
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
0 1 2 3 4 5 6 7 8 9 101112131415161718192021222324252627282930313233343536373839400
5
10
15
20
25
30
35
40
x
y
y2(mod 41)≡ x3−x+3 (mod 41)x
![Page 49: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/49.jpg)
https://security.ias.edu 52
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
0 1 2 3 4 5 6 7 8 9 101112131415161718192021222324252627282930313233343536373839400
5
10
15
20
25
30
35
40
x
y
2 3;
y2(mod 41)≡ x3−x+3 (mod 41)x
![Page 50: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/50.jpg)
https://security.ias.edu 53
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
0 1 2 3 4 5 6 7 8 9 101112131415161718192021222324252627282930313233343536373839400
5
10
15
20
25
30
35
40
x
y
2 3; 38
y2(mod 41)≡ x3−x+3 (mod 41)x
![Page 51: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/51.jpg)
https://security.ias.edu 54
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
0 1 2 3 4 5 6 7 8 9 101112131415161718192021222324252627282930313233343536373839400
5
10
15
20
25
30
35
40
x
y
2
5
3; 38
0
y2(mod 41)≡ x3−x+3 (mod 41)x
![Page 52: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/52.jpg)
https://security.ias.edu 55
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
0 1 2 3 4 5 6 7 8 9 101112131415161718192021222324252627282930313233343536373839400
5
10
15
20
25
30
35
40
x
y
2
6
3; 38
7; 34
5 0
y2(mod 41)≡ x3−x+3 (mod 41)x
![Page 53: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/53.jpg)
https://security.ias.edu 56
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
0 1 2 3 4 5 6 7 8 9 101112131415161718192021222324252627282930313233343536373839400
5
10
15
20
25
30
35
40
x
y
2
610
3; 38
7; 343; 38
5 0
y2(mod 41)≡ x3−x+3 (mod 41)x
![Page 54: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/54.jpg)
https://security.ias.edu 57
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
0 1 2 3 4 5 6 7 8 9 101112131415161718192021222324252627282930313233343536373839400
5
10
15
20
25
30
35
40
x
y
2
610
1517
18
1; 4015; 26
6; 35
3; 38
7; 343; 38
5 0
y2(mod 41)≡ x3−x+3 (mod 41)x
... …
![Page 55: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/55.jpg)
https://security.ias.edu 58
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
0 1 2 3 4 5 6 7 8 9 101112131415161718192021222324252627282930313233343536373839400
5
10
15
20
25
30
35
40
x
y
2
610
1517
18
1; 4015; 26
6; 35
3; 38
7; 343; 38
5 0; 41
y2(mod 41)≡ x3−x+3 (mod 41)x
... …
![Page 56: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/56.jpg)
https://security.ias.edu 59
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
0 1 2 3 4 5 6 7 8 9 101112131415161718192021222324252627282930313233343536373839400
5
10
15
20
25
30
35
40
x
y
2
610
1517
18
1; 4015; 26
6; 35
3; 38
7; 343; 38
5 0
y2(mod 41)≡ x3−x+3 (mod 41)x
... …
![Page 57: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/57.jpg)
https://security.ias.edu 60
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
0 1 2 3 4 5 6 7 8 9 101112131415161718192021222324252627282930313233343536373839400
5
10
15
20
25
30
35
40
x
y
2
610
1517
18
1; 4015; 26
6; 35
3; 38
7; 343; 38
5 0
y2(mod 41)≡ x3−x+3 (mod 41)x
... …
![Page 58: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/58.jpg)
https://security.ias.edu 61
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Point Addition ⊕● Draw a line between points P and Q● Flip over at the sides, keep your slope● When you hit the next point, flip to
opposite side of the graph
![Page 59: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/59.jpg)
https://security.ias.edu 62
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
0 1 2 3 4 5 6 7 8 9 101112131415161718192021222324252627282930313233343536373839400
5
10
15
20
25
30
35
40
x
y
2
610
1517
18
1; 4015; 26
6; 35
3; 38
7; 343; 38
5 0
y2(mod 41)≡ x3−x+3 (mod 41)x
... …
P
Q
R
-R
P ⊕ Q = -RP ⊕ Q ⊕ R = 0
![Page 60: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/60.jpg)
https://security.ias.edu 63
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
One way function
X
![Page 61: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/61.jpg)
https://security.ias.edu 64
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
One way function● Point addition ⊕ and multiplication ⊙ are easy● Point subtraction ⊖ and division ⊘ are hard● Given R, what are P & Q?
![Page 62: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/62.jpg)
https://security.ias.edu 65
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
0 1 2 3 4 5 6 7 8 9 101112131415161718192021222324252627282930313233343536373839400
5
10
15
20
25
30
35
40
x
y
2
610
1517
18
1; 4015; 26
6; 35
3; 38
7; 343; 38
5 0
y2(mod 41)≡ x3−x+3 (mod 41)x
... …R
P + Q = -R
P + Q + R = 0
-R
P
![Page 63: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/63.jpg)
https://security.ias.edu 66
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Point Multiplication ⊙
![Page 64: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/64.jpg)
https://security.ias.edu 67
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
2 ⊙ (2,38) =(2,38) ⊕ (2,38) =(21,31)
![Page 65: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/65.jpg)
https://security.ias.edu 68
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
3 ⊙ (2,38) =(2,38) ⊕ ((2,38) ⊕ (2,38)) =(2,38) ⊕ (21,31) =(17,15)
![Page 66: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/66.jpg)
https://security.ias.edu 69
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
4 ⊙ (2,38) =(2,38) ⊕ ((2,38) ⊕ ((2,38) ⊕ (2,38))) =(2,38) ⊕ ((2,38) ⊕ (21,31)) =(2,38) ⊕ (17,15) =(30,35)
![Page 67: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/67.jpg)
https://security.ias.edu 70
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
![Page 68: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/68.jpg)
https://security.ias.edu 71
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
![Page 69: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/69.jpg)
https://security.ias.edu 73
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
![Page 70: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/70.jpg)
https://security.ias.edu 74
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
dingo(2,38)
gazelle
(21,31)
stallio
n
(17,15)
donke
y
(30,
35)
chipmunk(2,3)
mule(21,10)alligator(17,26)
jack
al(1
5,4
0)
igua
na(1
9,18
)
ferret
(19,2
3)
boar
(30,6)
ora
ng
uta
n(3
3,1
4)
goat
(38,1
5)
mong
oose
(32,2
9)
rat
(28
,19)
deer
(27,2
6)
cow
(10
,38)
hip
po
(29
,3)
meeka
t(6
,34
)
musk
rat
(34,3
5)
cou
gar
(37
,5)
wom
bat
(22
,16)
newt(35,11)
gibbon
(25,33)
opossum
(18,35)
panda
(26,28)
llama(5,0)
sloth (35,30) pa
rake
et(2
5,8)
reindee
r(3
7,3
6)
dormouse
(22,25)
hed
geh
og
(26,1
3)
chim
panz
ee
(18,
6)
cat
(34,6
)
an
teate
r(6
,7)
oce
lot
(29
,38)
beaver
(10,3
)
pon
y(2
7,1
5)
porcu
pin
e(2
8,2
2)
squ
irrel
(32,1
2)
koala
(38
,26)
an
telo
pe
(33,2
7)
chicke
n(1
5,1
)
![Page 71: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/71.jpg)
https://security.ias.edu 75
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
And they lived happily ever after...
… until Dual_EC_DRBG
![Page 72: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/72.jpg)
https://security.ias.edu 76
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Dual Elliptic Curve Deterministic Random Bit Generator (Dual_EC_DRBG)● Developed prior to 2004 by NSA
● Approved by NIST
● RSA Security used as default
● Bruce Schneier concluded it weak
● Edward Snowden leaks included documents revealing plot by NSA
![Page 73: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/73.jpg)
https://security.ias.edu 77
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Is ECC compromised then?● No, but we have some trust issues.● ANSI X9.62 (1999), IEEE P1363 (2000)?● SEC 2 (2000), NIST FIPS 186-2 (2000)?● ANSI X9.63 (2001), Brainpool (2005)?● NSA Suite B (2005)?● ANSSI FRP256V1 (2011)?
![Page 74: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/74.jpg)
https://security.ias.edu 78
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
SafeCurves
● Choosing safe curves for elliptic-curve cryptography
● https://safecurves.cr.yp.to/
![Page 75: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/75.jpg)
https://security.ias.edu 79
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Million Dollar ECC curve
● Publicly verifiable randomness produced in February 2016 by many national lotteries
● http://cryptoexperts.github.io/million-dollar-curve/
![Page 76: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/76.jpg)
https://security.ias.edu 80
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
And they lived happily ever after...
Hello? It's Eve here.Did you forget about me?
I heard everything!
![Page 77: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/77.jpg)
https://security.ias.edu 81
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
![Page 78: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/78.jpg)
https://security.ias.edu 82
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
![Page 79: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/79.jpg)
https://security.ias.edu 83
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
(Jimmy)nkwwm
![Page 80: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/80.jpg)
https://security.ias.edu 84
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
nkwwm
![Page 81: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/81.jpg)
https://security.ias.edu 85
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
nkwwmJimmy (Jimmy)orqql
![Page 82: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/82.jpg)
https://security.ias.edu 86
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Jimmy orqql
![Page 83: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/83.jpg)
https://security.ias.edu 87
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Jimmy orqqlJimmy
![Page 84: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/84.jpg)
https://security.ias.edu 88
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Jimmy Jimmy
(got it)ldg jg
![Page 85: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/85.jpg)
https://security.ias.edu 89
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Jimmy Jimmy
ldg jg
![Page 86: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/86.jpg)
https://security.ias.edu 90
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Jimmy Jimmy
ldg jggot it(got it)tes fs
![Page 87: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/87.jpg)
https://security.ias.edu 91
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Jimmy Jimmy
got ittes fs
![Page 88: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/88.jpg)
https://security.ias.edu 92
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Jimmy Jimmy
got ittes fsgot it
![Page 89: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/89.jpg)
https://security.ias.edu 93
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
RSA Certificates● Subject (FQDN)● Issuer (CA)● Public Key
● Modulus (n) product of two prime numbers● Public Exponent (e)
● x509 extensions● Certificate Authority Signature
![Page 90: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/90.jpg)
2008-05-29 Fun with Certificates
![Page 91: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/91.jpg)
2008-05-29 Fun with Certificates
![Page 92: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/92.jpg)
https://security.ias.edu 97
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
ECC Certificates● Subject (FQDN)● Issuer (CA)● Public Key
● Curve● Generator (start)● Public x,y coordinate
● x509 extensions● Certificate Authority Signature
![Page 93: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/93.jpg)
98
RSA ECC
![Page 94: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/94.jpg)
https://security.ias.edu 99
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
RSA Private Keys● Private Key
● Modulus (n) product of two prime numbers (p*q)● Public Exponent (e)● Private Exponent (d)● Prime1 (p)● Prime2 (q)
![Page 95: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/95.jpg)
2008-05-29 Fun with Certificates
![Page 96: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/96.jpg)
https://security.ias.edu 101
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
ECC Private Keys● Private Key
● Private number (how many steps)● Public x,y coordinate● Public Generator (starting point)● Curve
![Page 97: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/97.jpg)
102
RSA ECC
![Page 98: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/98.jpg)
https://security.ias.edu 103
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
![Page 99: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/99.jpg)
https://security.ias.edu 104
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
![Page 100: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/100.jpg)
https://security.ias.edu 105
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
![Page 101: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/101.jpg)
https://security.ias.edu 106
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Trust● Public Key Infrastructure (PKI)
● Certificate Authority (CA) i.e. notary● Intermediate Certificate● Client Certificate
● Web of Trust
![Page 102: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/102.jpg)
https://security.ias.edu 107
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Public Key Infrastructure(PKI)
Web of Trust
![Page 103: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/103.jpg)
https://security.ias.edu 108
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
PKI● Why do we trust CAs?
● time consuming vetting process● regularly audited● $$$● bundled with product● certificate revocation
![Page 104: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/104.jpg)
https://security.ias.edu 109
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Structure● Root CA
● self signed● Intermediate certificate● Server certificate
![Page 105: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/105.jpg)
https://security.ias.edu 110
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
![Page 106: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/106.jpg)
https://security.ias.edu 111
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Who provides the CA certificate, the client or the server?
The client.
...the intermediate certificate?
The server. (or it should)
![Page 107: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/107.jpg)
https://security.ias.edu 112
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
![Page 108: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/108.jpg)
https://security.ias.edu 113
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
![Page 109: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/109.jpg)
https://security.ias.edu 114
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
![Page 110: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/110.jpg)
https://security.ias.edu 115
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Getting Your Cert Signed● Internal Certificate Authority● Commercial Certificate Authority
● Be a reseller ($12/yr, $119/yr wildcard)● inCommon for .edu’s ($2k-$20k/yr)
● https://www.incommon.org/certificates/
![Page 111: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/111.jpg)
https://security.ias.edu 117
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Semi-primes
41 * 43 = easy!1763
1739 = 47 * 37 difficult
1791904897 = 49943 * 35879
170122668341587273458646411386585043888873643113298660753168823105496218048396254258389541689798276387535036676575062116463749217204880781486238521463801806647717753763762209533452596443765433132839199250997874070119227832756249288919712152428105344288137338378592441098310151010596800002333954751873349228763 * 143685366445138003711595402594806625836106895764255994658099545498390517894693472991085893832864915801761970155763201096759761623694012072299292478856561357050062892354466628960025947611851554780658080196114743327960874693198902680721554877864174333388893106637708514607610834750473283277858418617695308935563 = 24444137941285645379511684911299365678423833046448779381238796084162536046797899019234205442218213499926991297229281024701278950648068677702332885730383357978977040184484121175079987603694398742376695650950853277837222494281038135867022877083226479856395867447419772143605903245226717018069307504429199930327344784767917383283267106133917174472280561457908186415882389738067587305825291144415722855157890883871648649466532813832921881732883942736314267482744271752456430649004239402313393638372879487394870568428620598721555293620836002747794896212943069775576590434653324242136440479444891894641015313209968513198569
hard, I need a computer!
Really hard, I need a super computer and a couple of millennia!
![Page 112: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/112.jpg)
https://security.ias.edu 118
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Breaking semi-primes● Brute force● Sieve methods (slightly better)● Rainbow table
● What if we stored all 174 bit primes on micro-SD cards?
![Page 113: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/113.jpg)
https://security.ias.edu 119
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001001101100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010100101100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010111111100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000110000101100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000110101111100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001100111111100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001110001101100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010001111101100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010011111011100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010100010011100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010100111001100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010111000011100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000011000001111100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000011011100001100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000011101000001100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000011110000101.........................................................................
11972621413014756705924586149611790497021399392059337≅ 1.2*1052
23945242826029513411849172299223580994042798784118783≅ 2.4*1052
100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001001101
111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111101
Let's store every 174 bit prime number!
![Page 114: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/114.jpg)
https://security.ias.edu 120
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
![Page 115: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/115.jpg)
https://security.ias.edu 121
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
How many?# primes = π(x) = x/ln(x)
x1 = 11972621413014756705924586149611790497021399392059392
x2 = 23945242826029513411849172299223580994042798784118783
π(x2) – π(x
1) ≅ 9.87*1049 primes
0.005 g 1pb microsd
solar mass 1.9891*1030 kg
174 bitsprime
1 byte8 bits
1 kb 1024 bytes
1 mb 1024 kb
1 gb 1024 mb
1 tb 1024 gb
1 pb 1024 tb
1 kg 1000 gx
x x x x
x x x x =
x9.87*1049 primes
4.8 solar masses ≅ ???
![Page 116: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/116.jpg)
https://security.ias.edu 122
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
![Page 117: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/117.jpg)
https://security.ias.edu 123
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
![Page 118: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/118.jpg)
https://security.ias.edu 124
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Cert Lab
![Page 119: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/119.jpg)
https://security.ias.edu 125
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
Wrap-up● Cryptography● RSA overview● Explain why ECC came about● ECC deep dive● Safe Curves and Trust● Certs
![Page 120: Fun with Certificates part II - Institute for Advanced Study · Fun with Certificates part II Elliptic Curve Cryptography May 13, 2019 Network Security Institute for Advanced Study](https://reader036.fdocuments.in/reader036/viewer/2022081402/5f0d9e067e708231d43b3de7/html5/thumbnails/120.jpg)
https://security.ias.edu 126
Fun with Certificates part IIElliptic Curve Cryptography
May 13, 2019
Network SecurityInstitute for Advanced Study
T
H
A
N
K
S