Elliptic Curve

ECC provides the same level of cryptographic security as older systems like RSA but with significantly smaller key sizes. This is due to the greater difficulty of solving the Elliptic Curve Discrete Logarithm Problem (ECDLP) compared to factoring large integers.

• A 256-bit ECC key offers security comparable to a 3072-bit RSA key.
• This results in smaller signatures, faster computations, and reduced storage and bandwidth requirements, making it ideal for constrained environments like blockchain and mobile devices.

The security of ECC relies on the computational hardness of the Elliptic Curve Discrete Logarithm Problem. Given two points P and Q on an elliptic curve, where Q = k * P (point multiplication), it is computationally infeasible to derive the private scalar k knowing only the public points P and Q.

This one-way function is the cornerstone of ECC security, enabling secure key generation, digital signatures (ECDSA), and key exchange protocols (ECDH).

A single private key (a random integer) can generate a virtually unlimited number of public keys through deterministic key derivation. This is achieved by adding a derivation index or using hierarchical deterministic (HD) wallet structures defined in standards like BIP-32.

• The master private key m generates child keys: child_private_key = m + hash(m, index).
• The corresponding public keys are derived via point multiplication on the curve, enabling organized key management for wallets and accounts without storing every key.

The Elliptic Curve Digital Signature Algorithm (ECDSA) is the most common signing mechanism in blockchains (Bitcoin, Ethereum). It creates a compact signature from a message hash and a private key, which can be verified using the corresponding public key.

• Signing: Produces a signature pair (r, s) derived from the private key and message hash.
• Verification: Uses the public key to check the signature's validity without revealing the private key.
• This provides non-repudiation and data integrity with minimal computational overhead.

ECC implementations use standardized, well-vetted elliptic curves defined by specific domain parameters. These parameters include the curve equation coefficients, the base point G, the field order, and the curve order n.

Common standardized curves include:

• secp256k1: Used by Bitcoin and Ethereum.
• P-256 (secp256r1): A NIST standard used in TLS and government systems.
• Ed25519: A twisted Edwards curve used in modern protocols for its performance and security properties. Using standard curves ensures interoperability and avoids security pitfalls from poorly chosen parameters.

The Elliptic Curve Diffie-Hellman (ECDH) protocol allows two parties to establish a shared secret over an insecure channel. Each party combines their own private key with the other party's public key using elliptic curve point multiplication.

• Process: Alice computes shared_secret = a * B (her private key a times Bob's public key B). Bob computes shared_secret = b * A. Due to the properties of point multiplication, both calculations yield the same point on the curve.
• This shared secret can then be used to derive a symmetric key for encrypted communication, forming the basis for secure session establishment.

The Elliptic Curve Digital Signature Algorithm (ECDSA) is the standard for signing transactions on major blockchains like Bitcoin and Ethereum. It allows a user to prove ownership of a private key without revealing it, enabling secure authorization of asset transfers. The process involves:

• Signing: Creating a unique signature for a transaction using a private key.
• Verification: Using the corresponding public key and signature to confirm the transaction's authenticity. This mechanism is fundamental to blockchain's trustless security model.

ECDSA is the cryptographic algorithm that uses elliptic curves to generate digital signatures, which are essential for authorizing blockchain transactions. It provides a way to prove ownership of a private key without revealing it.

• How it works: A signature is generated from the transaction hash and the signer's private key, and can be verified by anyone using the corresponding public key.
• Blockchain use: This is the standard for signing transactions on Bitcoin, Ethereum (pre-merge), and many other networks.

Public Key Cryptography (or asymmetric cryptography) is a system that uses pairs of keys: a public key, which can be shared openly, and a private key, which is kept secret. ECC is a highly efficient form of this system.

• Key Pair Relationship: The public key is mathematically derived from the private key, but the reverse calculation is computationally infeasible.
• Core Functions: Enables digital signatures (authentication) and key exchange (secure channel setup) with smaller key sizes than older systems like RSA.

secp256k1 is the specific set of elliptic curve parameters standardized for use in cryptocurrencies. It defines the exact mathematical curve used to generate key pairs.

• Notable Adoption: This is the curve used by Bitcoin, Ethereum (pre-merge), and many other blockchain protocols.
• Efficiency: Chosen for its security properties and performance in digital signature generation and verification.

The Discrete Logarithm Problem is the computational hardness assumption that underpins the security of ECC. It states that, given a public key Q (where Q = d * G), it is infeasible to calculate the private key d.

• Foundation of Security: The difficulty of solving the ECC variant of the DLP (the Elliptic Curve Discrete Logarithm Problem or ECDLP) is what protects private keys from being derived from public keys.
• Comparison: Solving ECDLP is believed to be exponentially harder than factoring large integers (the problem securing RSA) for equivalent key sizes.

Elliptic Curve Pairings are a more advanced cryptographic construction that takes points on elliptic curves and maps them to elements in a finite field. This enables novel cryptographic protocols.

• Key Applications: Essential for zk-SNARKs (the proving system behind Zcash and early Ethereum privacy tools) and BLS signatures.
• BLS Signatures: Allow for signature aggregation, where multiple signatures can be combined into one, a critical feature for scaling blockchains (e.g., Ethereum 2.0 consensus).

A Key Derivation Function is an algorithm used to derive one or more secret keys from a master secret, such as a passphrase or another key. In the context of ECC, it's often used alongside key agreement protocols.

• Common Use Case: After two parties use an Elliptic Curve Diffie-Hellman (ECDH) exchange to establish a shared secret, a KDF is applied to that secret to generate a symmetric encryption key for secure communication.
• Security Role: KDFs 'stretch' the input key material, making it more resistant to brute-force attacks.