An Interoperability Consideration in Selecting Domain Parameters for Elliptic Curve Cryptography

TITLE AND SUBTITLE:
An Interoperability Consideration in Selecting Domain Parameters for Elliptic Curve Cryptography

AUTHOR(S):
Wesley M. Eddy

REPORT DATE:
March 2005

FUNDING NUMBERS:
WBS-22-184-10-07
NAS3-03100

PERFORMING ORGANIZATION NAME(S) AND ADDRESS(ES):
RS Information Systems, Inc.
21000 Brookpark Road
Cleveland, Ohio 44135

PERFORMING ORGANIZATION REPORT NUMBER:
E-15045

SPONSORING/MONITORING AGENCY NAME(S) AND ADDRESS(ES):
National Aeronautics and Space Administration
Washington, DC 20546-0001

REPORT TYPE AND DATES COVERED:
Final Contractor Report

SPONSORING/MONITORING AGENCY REPORT NUMBER:
NASA CR-2005-213578

SUPPLEMENTARY NOTES:
Wesley M. Eddy, RS Information Systems, Inc., 21000 Brookpark Road, Cleveland Ohio, 44135, e-mail Wesley.M.Eddy@grc.nasa.gov, 216-433-6682. Project Manager, Will Ivancic, Satellite Networks and Architectures Branch, NASA Glenn Research Center, organization code RCN, 216-433-3494.

ABSTRACT:
Elliptic curve cryptography (ECC) will be an important technology for electronic privacy and authentication in the near future. There are many published specifications for elliptic curve cryptosystems, most of which contain detailed descriptions of the process for the selection of domain parameters. Selecting strong domain parameters ensures that the cryptosystem is robust to attacks. Due to a limitation in several published algorithms for doubling points on elliptic curves, some ECC implementations may produce incorrect, inconsistent, and incompatible results if domain parameters are not carefully chosen under a criterion that we describe. Few documents specify the addition or doubling of points in such a manner as to avoid this problematic situation. The safety criterion we present is not listed in any ECC specification we are aware of, although several other guidelines for domain selection are discussed in the literature. We provide a simple example of how a set of domain parameters not meeting this criterion can produce catastrophic results, and outline a simple means of testing curve parameters for interoperable safety over doubling.

SUBJECT TERMS:
Cryptography

NUMBER OF PAGES:
13

PDF AVAILABLE FROM URL:
2005/CR-2005-213578.pdf ( 212 KB )
This page contains an Adobe® Acrobat® Reader PDF file. The PDF documents have been created to show thumbnails of each page. If the thumbnails do not display properly, download the file to the hard drive and view through Acrobat® Reader. You can download Acrobat® Reader for free.

A service of the NASA Glenn Research Center Logistics and Technical Information Division

Suggestions or questions about this site can be directed to:

NASA official: Technical Publications Manager, Sue.E.Butts@nasa.gov

Web curator: Caroline.A.Rist@grc.nasa.gov

Privacy Policy and Important Notices