Elliptic Curves
Elliptic Curve Cryptography (ECC) achieves the same security as RSA with much smaller key sizes. A 256-bit ECC key provides similar security to a 3072-bit RSA key!
Why Elliptic Curves? The discrete log problem on elliptic curves is even harder than in regular modular arithmetic. This allows for smaller, faster keys.
The Curve Equation
An elliptic curve over a prime field is defined by:
y² = x³ + ax + b (mod p)
Points on the curve form a group under a special "addition" operation.
Visualize the Curve
Points will appear here...
Point Addition
We can "add" two points on the curve to get a third point. Geometrically, draw a line through P and Q; it intersects the curve at a third point, then reflect over the x-axis.
Add Two Points
P = (
,
) +
Q = (
,
)
Result will appear here...
Scalar Multiplication
Adding a point to itself repeatedly: nP = P + P + ... + P (n times). This is the EC equivalent of exponentiation!
Compute nG
Result will appear here...
ECDH Key Exchange
Elliptic Curve Diffie-Hellman works just like regular DH, but uses point multiplication instead of exponentiation:
- Public: Curve parameters and generator point G
- Alice picks secret a, computes A = aG
- Bob picks secret b, computes B = bG
- Shared secret: Alice computes aB = a(bG) = abG
- Shared secret: Bob computes bA = b(aG) = abG
Why ECC is More Efficient
| Security Level | RSA Key Size | ECC Key Size | Ratio |
|---|---|---|---|
| 80-bit | 1024 bits | 160 bits | 6.4x |
| 128-bit | 3072 bits | 256 bits | 12x |
| 256-bit | 15360 bits | 512 bits | 30x |
Real-World Usage: Bitcoin uses the secp256k1 curve. TLS 1.3 primarily uses X25519 (an elliptic curve). Modern secure messaging apps rely heavily on ECC.