nettle: Elliptic curves
1
1 6.7.3 Elliptic curves
1 ---------------------
1
1 For cryptographic purposes, an elliptic curve is a mathematical group of
1 points, and computing logarithms in this group is computationally
1 difficult problem. Nettle uses additive notation for elliptic curve
1 groups. If P and Q are two points, and k is an integer, the point sum,
1 P + Q, and the multiple k P can be computed efficiently, but given only
1 two points P and Q, finding an integer k such that Q = k P is the
1 elliptic curve discrete logarithm problem.
1
1 Nettle supports standard curves which are all of the form y^2 = x^3 -
1 3 x + b (mod p), i.e., the points have coordinates (x,y), both
1 considered as integers modulo a specified prime p. Curves are
1 represented as a ‘struct ecc_curve’. It also supports curve25519, which
1 uses a different form of curve. Supported curves are declared in
1 ‘<nettle/ecc-curve.h>’, e.g., call ‘nettle_get_secp_256r1’ for a
1 standardized curve using the 256-bit prime p = 2^{256} - 2^{224} +
1 2^{192} + 2^{96} - 1. The contents of these structs is not visible to
1 nettle users. The “bitsize of the curve” is used as a shorthand for the
1 bitsize of the curve’s prime p, e.g., 256 bits for the SECP 256R1 curve.
1
Menu