Introduction
Elliptic Curve Cryptography is an exciting and promising method of encrypting data which achieves the same, or better, strength with far smaller key lengths than traditional encryption methods such as RSA. Elliptic Curves are themselves not rocket science, but the plethora of articles and mathematical background out there do leave it somewhat as "a non-trivial exercise to the causal reader" to actually see how the scheme can be implemented and used. Alas, I for one do not code for a living anymore and hence I always look for compact, to the point, implementations showing with code exactly how something works.
I hope that the source files you download with this article will provide one such source of compact, easy to understand, material to demystify and indeed realize how Elliptic Curves (notice the capitalization here...) can be coded in C++ and used to encrypt and decrypt messages between the ever present Alice and Bob...
Background
Yes, there is plenty of background. Firstly, you should understand the basics of Elliptic Curves, and I have found no better place to learn about them than here: Certicom's EC tutorial. It explains the math behind the ECs, and the important use of ECs over finite fields, i.e., over integers modulo some other integer (usually chosen to be a prime so that the period of any sequence of integers generated by multiplication or addition becomes "long enough").
Secondly, you should probably take some time to think relatively deeply about how finite fields actually work. Finding the inverse of a number in a finite field, for example, is not immediately trivial (unless you do this sort of thing for a living). And, since that is quite fundamental and used quite a lot in the code, I will outline this here:
Given a finite field Fp where p
is a prime number (or more specifically a prime power) and a
, b
are elements of Fp, a
is the multiplicative inverse of b
if (and only if):
(a * b) mod p == 1
Which makes sense, as (in "real speak") a
is the inverse of b if a
*b
== 1, i.e., a
= 1/b
.
To find a
, given b
and p
, requires the use of the "Greatest Common Divisor" (GCD) which returns the largest integer less than (or equal to) a
(or) and b
that divides a
and b
evenly.
If this integer is 1, then a
and b
are relative prime, since only 1 can divide them both evenly. Now, given a
and b
and p
, if b
(the inverse of which we are looking for) and p
are relative prime, then we can find an inverse. This also makes sense since since if b
and p
are relative prime, you can always write:
b*u + p*v == 1
since GCD(b,p) == 1 only if b
and p
have this relation. Now, if p
is an actual prime number, then b
always has an inverse modulo p
...
Since pretty much *all* modern encryption schemes use prime numbers and modulo arithmetic one way or the other, it is a Good Thing to learn the basics.
Using the code
I hope the code is pretty much self explanatory. It was developed using DevCpp, MinGW, and GCC version 3.4.2, but has not been tested on other compilers. Although I do like my C++, I have not gone overboard with anything that could cause "ANSI compliance" issues, but please let me know if you find anything.
To get started, go to look at int main(...
at the bottom of main.cpp. FiniteFieldElement.hpp is the header file implementing modular arithmetic using normal integers. Warning: I have had to adjust for the modulus of negative numbers, and I assume (since the ANSI standard doesn't explicitly state anything about it) that it could be different on other compilers. Just be forewarned that if something doesn't look right, that could be the reason!
Also: this is implemented using bog standard machine integers, no special big-integer support here.
The example encrypts a message from Alice which is "1972", so if everything is running alright, you should see that Bob's decrypted message reads just that.
Points of interest
Great fun to implement this, in particular when it worked. I encourage anybody to expand on Elliptic Curve implementations to ensure that the understanding and knowledge of these powerful mathematical entities is spread out as much as possible. Security can't be secure enough.
History
First version written over Christmas in the south of not-so-sunny France.