Part 2 – Elliptic Curves Over Finite Fields

In the previous topic, we already know what is Elliptic Curves. Now, we go further with the Elliptic Curves Over Finite Fields.

Modulo

\( \text{When a number modulo a number we get the remainders are a finite cyclic group:}\) \(\\\) \( a \ mod \ p = y, \ 0 \leqslant y \leqslant p – 1 \)

Picture 1. Modulo

Refer to this link to get more about the Modulo operation.

Elliptic Curves Over Finite Fields

Elliptic Curves Over Finite Fields is define by \(F_{p}\):

\[F_{p} \ is \ y^2 = (x^3 + ax + b) \ mod \ p \]

\(\text{Where:} \) \(\\\) \(\bullet\) \(p > 3 \text{ is a prime number }\) \(\\\) \(\bullet\) \(a,b \in F_{p} ,\ 4a^{3} + 27b^{2} \neq 0 \ \text{and} \ F_{p} = \left \{0,1,…,(p-1) \right \} \) \(\\\) \(\bullet\) \( 0 \leqslant x, y \leqslant (p-1) \)

By mod an Elliptic Curve for a prime number we have the result y is a group of points that have the value inside the range 0 – (p-1). See the example below.

E.g.:

\[y^2 = (x^3 + x + 3) \ mod \ 23 \] \(\\\)

Picture 2. Elliptic Curves Over Finite Fields Example

Access this link to see more shapes of Elliptic Curves over Finite Fields (graui.de)

Now, we already know what the Elliptic Curves Over Finite Fields look like. Next, let see what is the change in point additions.

Point Addition and Point Doubling

\(x_{s} = s^2 – x_{q} – x_{p} \ mod \ p\) \(\\\) \(y_{s} = s(x_{q} – x_{s}) – y_{p} \ mod \ p\) \(\\\) \(\text{Point Addition,} \ P \neq Q\) \(\\\) \(s = \frac{y_{q} – y_{p}}{x_{q}-x_{p}} \ mod \ p\) \(\\\) \(\text{Point Doubling,} \ P = Q\) \(\\\) \(s = \frac{3x_{p}^2 + a}{2y_{p}} \ mod \ p \) \(\\\)

We see the point operations formula also added mod p.

Modular of a fraction

When calculating a fraction modulo m, we need to find the modular inverse of the denominator to multiply by the inverse instead of dividing. This is because the division is not directly defined in modular arithmetic. Instead, we use multiplication by the modular inverse to achieve the same result.

\(\text{For example, if we want to calculate } \frac{a}{b}mod \ m \text{. We find the modular inverse of b, denoted as } b^{-1}\) \(\text{and then compute } a * b^{-1} mod \ m.\)

E.g.: 9/5 mod 17

We find that 7 is the modular inverse of 5 modulo 17, because (5 * 7) mod 17 = 1.
Now, we can rewrite 9/5 as 9 * 7 mod 17, equivalent to 63 mod 17. Finally, the result is 12.

Below is the source code that helps us calculate the modular result.

Fraction Modular

def modular_inverse(a, m):
    # This function finds the modular inverse of a modulo m using the Extended Euclidean Algorithm
    # It returns the modular inverse if it exists, otherwise it returns None
    a = a % m
    for x in range(1, m):
        if (a * x) % m == 1:
            return x
    return None

def modular_division(numerator, denominator, modulus):
    # This function performs modular division of numerator by denominator modulo modulus
    inv_denominator = modular_inverse(denominator, modulus)
    if inv_denominator is None:
        raise ValueError(f"No modular inverse for {denominator} modulo {modulus}")
    return (numerator * inv_denominator) % modulus

# Example usage:
modulus = 17
numerator = 9
denominator = 5

result = modular_division(numerator, denominator, modulus)
print(f"The result of {numerator}/{denominator} mod {modulus} is {result}")

Example

\(\text{Given an ECOFF:} \ y^2 = (x^3 + x + 3) \ mod \ 23 \text{ and Point P:} \ P= \left \{ 0,7 \right \}. \text{ Find 2P and 3P.}\) \(\\\)

\(\text{To calculate 2P = P*P we need s}, \) \(\\\) \(s = \frac{3x_{p}^2 + a}{2y_{p}} \ mod \ p\ = \frac{3*0^2 + 1}{2*7} \ mod \ 23 = \frac{1}{14} \ mod \ 23 = 5\)

\(x_{s} = s^2 – x_{q} – x_{p} \ mod \ p = 5^2 – 0 – 0 \ mod \ 23 = 2\) \(\\\) \(y_{s} = s(x_{q} – x_{s}) – y_{p} \ mod \ p = 5*(0 – 2) – 7 \ mod \ 23 = 6\) \(\\\) \(So, \ 2P =\left \{ 2, 6 \right \}\)

\(Next, \ 3P = 2P+P, \text{we also calculate s first,} \) \(\\\) \(s = \frac{y_{q} – y_{p}}{x_{q}-x_{p}} \ mod \ p = \frac{6 – 7}{2-0} \ mod \ 23 = -\frac{1}{2} \ mod \ 23 = 11\) \(\\\)

\(x_{s} = s^2 – x_{q} – x_{p} \ mod \ p = 11^2 – 0 – 2 \ mod \ 23 = 4\) \(\\\) \(y_{s} = s(x_{q} – x_{s}) – y_{p} \ mod \ p = 11*(0 – 4) – 7 \ mod \ 23 = 18\) \(\\\) \(So, \ 3P = \left \{ 4,18 \right \}\)

To verify the results of the Point Addition and Point Doubling, please access Elliptic Curve scalar multiplication (𝔽ₚ) (corbellini.name)

The calculation method above is trouble when we calculate many points nP. It takes a lot of time and is very complicated.

For example, given a P find nP. Normally, we find 2P=P*P, 3P=2P+P, …, nP=(n-1)P+P.

Double-and-Add Algorithm

To understand what is Double-and-Add Algorithm, we take an example: find 30P.

30 = 11110

Ignore the first MSB bit. with 1 we do Doubling and Addition, with 0 we only do Doubling. We have:

Bit order	Value	Operation	Result
4	1	Ignore	P
3	1	Doubling Addition	3P
2	1	Doubling Addition	7P
1	1	Doubling Addition	15P
0	0	Doubling	30P

Following the table above, we need only 5 steps to calculate 30P.

In the next topic, we will see how the Elliptic Curves In Finite Field are used in TLS handshake. This also is the purpose of this series. Thanks for reading!

Part 2 – Elliptic Curves Over Finite Fields

By Minh Nguyen

Related Post

You Missed

CAN Flexible Data-rate – CAN FD

Controller Area Network – CAN Bus

How AES Encrypts/Decrypts A Long Message

Advanced Encryption Standard (AES)

About

Categories

Tags

Recent Post

CAN Flexible Data-rate – CAN FD

Controller Area Network – CAN Bus