After two decades of research and development, elliptic curve cryptography now has widespread exposure and acceptance. Industry, banking, and government standards are in place to facilitate extensive deployment of this efficient public-key mechanism.

Anchored by a comprehensive treatment of the practical aspects of elliptic curve cryptography, this guide explains the basic mathematics, describes state-of-the art implementation methods, and presents standardized protocols for public-key encryption, digital signatures, and key establishment. In addition, the book addresses some issues that arise in software and hardware implementation, side-channel attacks and countermeasures, and efficient parameter generation. Readers receive the theoretical fundamentals as an underpinning for a wealth of practical and accessible knowledge on efficient application. Features:

*Breadth of coverage and unified, integrated approach to elliptic curve cryptosystems

*Describes important protocols developed by industry and government, such as the FIPS 186-2 standard from the U.S. National Institute for Standards and Technology *Provides full exposition on key techniques for efficiently implementing finite-field and elliptic curve arithmetic *Distills complex mathematics and algorithms for easy understanding, yet total subject integration *Includes useful literature references in each chapter, as well as a list of algorithms and appendixes on sample parameters, ECC standards, and software tools This all-embracing and highly focused reference offers a unique overview and strategic viewpoint for one of the most widely used cryptosystems in wireless devices and smart cards today. It is an indispensable resource for any practitioners, professionals, or researchers in computer science, computer engineering, network design, and network data security.

Darrel Hankerson is an industryconsultant and author of books on cryptography and data compression.

Alfred Menezes is co-director of the University of Waterloo's Center for Applied Cryptographic Research, leader of an ECC algorithm standardization committee, and author of books on cryptography and cryptosystems.

Scott Vanstone coauthored an applied cryptography handbook with A. Menezes and is founder of Certicom Corp. (Canada), a leading ECC company.

Key topics:

> Public-key cryptography

> Cryptographic protocols

> Attacks and secure implementation

> Domain parameters

> Signature schemes

> Key establishment

> ECC standards

> Finite- and binary-field arithmetic

-- Security / Cryptography

-- Beginning / Intermediate Level

Contenu

Contents List of Algorithms List of Tables List of Figures Acronyms Preface 1 Introduction and Overview 1.1 Cryptography basics 1.2 Public-key cryptography 1.2.1 RSAsystems 1.2.2 Discrete logarithmsystems 1.2.3 Elliptic curve systems 1.3 Why elliptic curve cryptography? 1.4 Roadmap 1.5 Notes and further references 2 Finite Field Arithmetic 2.1 Introduction to finite fields 2.2 Primefieldarithmetic 2.2.1 Addition and subtraction 2.2.2 Integer multiplication 2.2.3 Integer squaring 2.2.4 Reduction 2.2.5 Inversion 2.2.6 NISTprimes 2.3 Binary field arithmetic 2.3.1 Addition 2.3.2 Multiplication 2.3.3 Polynomial multiplication 2.3.4 Polynomial squaring 2.3.5 Reduction 2.3.6 Inversion and division 2.4 Optimal extension field arithmetic 2.4.1 Addition and subtraction 2.4.2 Multiplication and reduction 2.4.3 Inversion 2.5 Notes andfurther references 3 Elliptic Curve Arithmetic 3.1 Introduction to elliptic curves 3.1.1 Simplified Weierstrass equations 3.1.2 Group law 3.1.3 Group order 3.1.4 Group structure 3.1.5 Isomorphism classes 3.2 Point representation and the group law 3.2.1 Projective coordinates 3.2.2 The elliptic curve y2 = x3 +ax +b 3.2.3 The elliptic curve y2 +xy = x3 +ax2 +b 3.3 Point multiplication 3.3.1 Unknown point 3.3.2 Fixed point 3.3.3 Multiple point multiplication 3.4 Koblitz curves 3.4.1 The Frobenius map and the ring Z[ô] 3.4.2 Point multiplication 3.5 Curves with efficiently computable endomorphisms 3.6 Point multiplication using halving 3.6.1 Point halving 3.6.2 Performing point halving efficiently 3.6.3 Point multiplication 3.7 Point multiplication costs 3.8 Notes andfurther references 4 Cryptographic Protocols 4.1 The elliptic curve discrete logarithm problem 4.1.1 Pohlig-Hellmanattack 4.1.2 Pollard's rho attack 4.1.3 Index-calculus attacks 4.1.4 Isomorphism attacks 4.1.5 Related problems 4.2 Domain parameters 4.2.1 Domain parameter generation and validation 4.2.2 Generating elliptic curves verifiably at random 4.2.3 Determining the number of points on an elliptic curve 4.3 Keypairs 4.4 Signature schemes 4.4.1 ECDSA 4.4.2 EC-KCDSA 4.5 Public-key encryption 4.5.1 ECIES 4.5.2 PSEC 4.6 Keyestablishment 4.6.1 Station-to-station 4.6.2 ECMQV 4.7 Notes and further references 5 Implementation Issues 5.1 Software implementation 5.1.1 Integer arithmetic 5.1.2 Floating-point arithmetic 5.1.3 SIMD and field arithmetic 5.1.4 Platform miscellany 5.1.5 Timings 5.2 Hardware implementation 5.2.1 Design criteria 5.2.2 Field arithmetic processors 5.3 Secure implementation 5.3.1 Power analysis attacks 5.3.2 Electromagnetic analysis attacks 5.3.3 Error message analysis 5.3.4 Fault analysis attacks 5.3.5 Timing attacks 5.4 Notes and further references A Sample Parameters A.1 Irreducible polynomials A.2 Elliptic curves A.2.1 Random elliptic curves over Fp A.2.2 Random elliptic curves over F2m A.2.3 Koblitz elliptic curves over F2m B ECC Standards C Software Tools C.1 General-purpose tools C.2 Libraries Bibliography Index