This section is on Elliptic Curve cryptography. It continues in the "do other cryptosystems, but substitute in 'multiply mod n' with 'add points on the curve'" mindset. We discussed one of the sections in class last time.
1. Difficult. The part that gave me the most thought was in 16.5.3, ElGamal Digital Signatures. Alice chooses a prime p, a curve E, point A on E, and then it says "we assume that the number of points on E has been calculated". I thought the whole security of this was that it was hard to count out the points on E. I guess there is a difference between knowing how many points there are, and having a list of what they are.
Oh right, we talked about E(Z_(p^n)) = p^n + 1 - (alpha^n + beta^n). So it is possible to know how many points without knowing the points exactly, at least in the power of a prime case.
2. Reflective. I find it interesting that they had to verify that k^(-1)kA = A. I guess it makes sense, as we only know how to multiply integers times points on the curve (vs. integers mod n times points). Thus, we need to be careful when we know $k^(-1)k \equiv 1$, but $k^(-1)k \ne 1$, as it is in this case. It turns out it all works like you'd expect, but it was a point I'd probably have forgotten about. This is why we need to know $n$ in the first place, hm?
Finally, I'll be doing the student ratings soon, but I'm tired right now.
No comments:
Post a Comment