|
| slavapestov wrote:
| Elliptic curves over finite fields have immediate applications to
| cryptography, but elliptic curves over the complex numbers are
| cool too. Just like the sine and cosine parametrize the circle,
| elliptic functions parametrize elliptic curves.
|
| Whereas trig functions are singly periodic with period 2pi,
| elliptic functions are doubly periodic functions, meaning that
| there are fixed complex numbers z and w such that f(x+z) = f(x+w)
| = f(x). You can prove that for a given period lattice, the field
| of such functions is generated by two such fundamental functions
| ---the Weierstrass elliptic function and its derivative. The
| addition law for elliptic curves over C can be derived from
| something like the equivalent of the addition law for sine and
| cosine.
|
| Elliptic functions have applications to physics and are also
| interesting in their own right. This all leads to the study of
| fractional linear transformations, modular forms and even
| Fermat's Last Theorem. It's all quite lovely.
| 1aqp wrote:
| An important point to note, that is not very obvious from the
| text, is that it is (very, very) difficult to retrieve ka from
| A=ka.P and kb from B=kb.P. For an attacker who has A and B, it's
| close to impossible to recover P and ka.kb.P
| bembo wrote:
| Isn't P always the same? Or is it shared before the exchange?
|
| Edit: just looked it up and the base point for curve25519 is
| x=9 so no point in recovering it.
| arcsincosin wrote:
| This is wonderful. As part of a cryptography course in undergrad,
| I spent a fair number of hours adding/multiplying points on small
| curves by hand and eventually computationally, and seeing these
| animations represents the "feel" of that process better than any
| resource I have seen.
|
| It seems that elliptic curves are used quite shrewdly in public
| key exchanges, used as a sort of off-the-shelf arithmetic system
| that renders some benefits (harder to solve the elliptic curve
| discrete log problem) and drawbacks (more expensive to compute,
| because of these point ops) compared to key exchanges relying on
| the integer discrete log problem. There is generally much energy
| spent on explaining the point operations but not much on
| explaining this context: this is an alternate arithmetic inserted
| into the Diffie Helman scheme that is secure and not so hard to
| work with.
|
| The finite fields in application (e.g. in X25519) are so large
| compared to the toy examples that the technical details matter
| more for understanding the performance of the algorithms than the
| actual cryptographic method. Understanding (and convincing
| yourself of) the core behavior of the key exchange itself is
| perhaps best done with the number theory and group theory lens.
| There was a discussion here on HN a couple days ago which largely
| bashed the theoretical approach in favor of simply cargo culting
| the tools, which was appalling. I hope they all enjoy this link!
|
| Anyhow, the application of elliptic curves to cryptography is
| clever and I would recommend everyone with an interest (and a
| little background in algebra) read Koblitz's paper[1] and
| Miller's earlier description [2] if they are looking for more
| context for OP's wonderful presentation.
|
| 1: Koblitz: Elliptic Curve Cryptosystems
| https://www.ams.org/journals/mcom/1987-48-177/S0025-5718-198...
|
| 2: Miller: Use of Elliptic Curves in Cryptography
| https://link.springer.com/chapter/10.1007/3-540-39799-X_31
___________________________________________________________________
(page generated 2023-07-03 23:00 UTC) |