EC Cryptography Tutorials - Herong's Tutorial Examples - v1.02, by Dr. Herong Yang
Reduced Elliptic Curve Group - E97(-1,1)
This section provides an example of a reduced Elliptic Curve group E97(-1,1). Some example points on the curve are is also provided.
Let's take a look at our second reduced elliptic curve group, E97(-1,1), as discussed in "A (relatively easy to understand) primer on elliptic curve cryptography" by Nick Sullivan at arstechnica.com/information-technology/2013/10 /a-relatively-easy-to-understand-primer-on-elliptic-curve-cryptography/2/.
Here is the elliptic curve in the real number space:
y2 = x3 - x + 1
Here is the reduced elliptic curve group using modular arithmetic of prime number 97, E97(-1,1):
y2 = x3 - x + 1 (mod 97)
Example points on the curve:
Verify (x,y) = (70,6) is on the curve: y2 = x3 - x + 1 (mod 97) 6*6 = 70*70*70 - 70 + 1 (mod 97) 36 = 342931 (mod 97) 36 = 36 Verify (x,y) = (76,48) is on the curve: y2 = x3 - x + 1 (mod 97) 48*48 = 76*76*76 - 76 + 1 (mod 97) 2304 = 438901 (mod 97) 73 = 73 Verify (x,y) = (82,6) is on the curve: y2 = x3 - x + 1 (mod 97) 6*6 = 82*82*82 - 82 + 1 (mod 97) 36 = 551287 (mod 97) 36 = 36 Verify (x,y) = (69,22) is on the curve: y2 = x3 - x + 1 (mod 97) 22*22 = 69*69*69 - 69 + 1 (mod 97) 484 = 328441 (mod 97) 96 = 96
An example of the addition operation using the rule of chord is also illustrated on the diagram presented above. But the straight line is wrapped around because of the modular arithmetic reduction:
Given two points on the curve: A = (17,12) 12*12 = 17*17*17 - 17 + 1 (mod 97) 144 = 4897 (mod 97) 47 = 47 B = (63,93) 93*93 = 63*63*63 - 63 + 1 (mod 97) 8649 = 249985 (mod 97) 16 = 16 Draw a straight line passing through A and B, And wrap the line around when it reaches the boundary of the region. It will reach another point -C on the curve. Take the symmetric point C of -C: C = A + B C = (4,35) 35*35 = 4*4*4 - 4 + 1 (mod 97) 1225 = 61 (mod 97) 61 = 61
However, when I tried to calculate C = A+B using algebraic equations given by the reduced elliptic curve group definition, I got C = (89,51):
For any two given points on the curve: A = (xP, yP) = (17,12) B = (xQ, yQ) = (63,93) C = A + B is a third point on the curve: C = (xR, yR) Where: xR = m2 - xP - xQ (mod p) (11) yR = m(xP - xR) - yP (mod p) (12) m(xP - xQ) = yP - yQ (mod p) (18) Calculation: m*(17-63) = 12-93 (mod 97) m*(-46) = -81 (mod 97) 51*m = 16 (mod 97) m = 16 * 1/51 (mod 97) m = 16 * 78 (mod 97) m = 1248 (mod 97) m = 84 xR = 84*84 - 17 - 63 = 6976 (mod 23) xR = 89 yR = 86*(17 - 89) - 12 = -6060 (mod 23) yR = 51 C = (89,51)
May be the illustration of C=A+B on the diagram is not accurate.
Table of Contents
Geometric Introduction to Elliptic Curves
Algebraic Introduction to Elliptic Curves
Abelian Group and Elliptic Curves
Discrete Logarithm Problem (DLP)
Generators and Cyclic Subgroups
►Reduced Elliptic Curve Groups
Converting Elliptic Curve Groups
Elliptic Curves in Integer Space
Python Program for Integer Elliptic Curves
Elliptic Curves Reduced by Modular Arithmetic
Python Program for Reduced Elliptic Curves
Point Pattern of Reduced Elliptic Curves
Integer Points of First Region as Element Set
Reduced Point Additive Operation
Modular Arithmetic Reduction on Rational Numbers
Reduced Point Additive Operation Improved
What Is Reduced Elliptic Curve Group
Reduced Elliptic Curve Group - E23(1,4)
►Reduced Elliptic Curve Group - E97(-1,1)
Reduced Elliptic Curve Group - E127(-1,3)
Reduced Elliptic Curve Group - E1931(443,1045)
Finite Elliptic Curve Group, Eq(a,b), q = p^n
tinyec - Python Library for ECC
ECDH (Elliptic Curve Diffie-Hellman) Key Exchange
ECDSA (Elliptic Curve Digital Signature Algorithm)