Implementing Network Security Protocols based on Elliptic Curve Cryptography

Elliptic curve cryptography provides a methodology for obtaining high-speed, efficient, and scalable implementations of network security protocols. In this paper, we describe in detail three protocols based on elliptic curve cryptographic techniques, and the results of our implementation of the elliptic curve cryptography over the Galois field GF (2k), where k is a composite number. 1 Elliptic Curve Cryptography Elliptic curve cryptography [9, 5, 8, 6] provides a methodology for obtaining high-speed, efficient, and scalable implementations of network security protocols. The security of these protocols depends on the difficulty of computing elliptic curve discrete logarithm in the elliptic curve group. The group operations utilize the arithmetic of points which are elements of the set of solutions of an elliptic curve equation defined over a finite field. The arithmetic of elliptic curve operations depend on the arithmetic on the underlying finite field. The standards suggest the use of GF (p) and GF (2). Below, we define the nomenclature and then provide a general overview of security protocols based on elliptic curve cryptography. • Scalar: An element belonging to either one of the fields GF (p) or GF (2) is called a scalar. Scalars are named with lowercase letters: r, s, t, etc. • Scalar Addition: Two or more scalar can be added to obtain another scalar. In the GF (p) case, this is the ordinary integer addition modulo p. When GF (2) is used, this is equivalent to polynomial addition modulo an irreducible polynomial of degree k, generating the field GF (2). We will denote the scalar addition of r and s giving the result e by e = r + s. ∗This research was supported in part by Secured Information Technology, Inc. †Proceedings of the Fourth Symposium on Computer Networks, S. Oktuǧ, B. Örencik, and E. Harmancı, editors, pages 130–139, Istanbul, Turkey, May 20-21, 1999.