Lines Matching refs:ECC
3012 /* make a 192-bit ECC key */
3043 /* make a 192-bit ECC key */
3602 The library provides a set of core ECC functions as well that are designed to be the Elliptic Curve analogy of all of the
3627 \index{Fixed Point ECC}
3629 As of v1.12 of LibTomCrypt, support for Fixed Point ECC point multiplication has been added. It is a generic optimization that is
3658 to 4096 bits (512 bytes) which is way more than what is required by ECC. At most, you need 1152 bits to accommodate ECC--521. If you're only using (say)
3659 ECC--256 you will only need 576 bits, which would reduce the memory usage by 700\%.
3663 LibTomCrypt uses a unique format for ECC public and private keys. While ANSI X9.63 partially specifies key formats, it does it in a less than ideally simple manner. \
3666 \index{ECC Key Format}
3692 \mysection{ECC Curve Parameters}
3694 extended ECC functions which allow the user to specify their own curves.
3726 \subsection{ECC Key Generation}
3727 There is a key structure called \textit{ecc\_key} used by the ECC functions. There is a function to make a key:
3728 \index{ecc\_make\_key()}
3745 \index{ecc\_make\_key\_ex()}
3754 This function generates a random ECC key over the curve specified by the parameters by \textit{dp}. The rest of the parameters are equivalent to
3757 \subsection{ECC Key Free}
3758 To free the memory allocated by a ecc\_make\_key(), ecc\_make\_key\_ex(), ecc\_import(), or ecc\_import\_ex() call use the following function:
3759 \index{ecc\_free()}
3764 \subsection{ECC Key Export}
3765 To export an ECC key using the LibTomCrypt format call the following function:
3766 \index{ecc\_export()}
3775 \subsection{ECC Key Import}
3776 The following function imports a LibTomCrypt format ECC key:
3777 \index{ecc\_import()}
3783 This will import the ECC key from \textit{in}, and store it in the ecc\_key structure pointed to by \textit{key}. If the operation fails it will free
3788 The following function imports a LibTomCrypt format ECC key using a specified set of curve parameters:
3789 \index{ecc\_import\_ex()}
3797 the ECC structure pointed to by \textit{key}. The curve is specified by the parameters pointed to by \textit{dp}. The function will free
3801 The following function exports an ECC public key in the ANSI X9.63 format:
3803 \index{ecc\_ansi\_x963\_export()}
3809 The ECC key pointed to by \textit{key} is exported in public fashion to the array pointed to by \textit{out}. The ANSI X9.63 format used is from
3813 The following function imports an ANSI X9.63 section 4.3.6 format public ECC key:
3815 \index{ecc\_ansi\_x963\_import()}
3821 This will import the key stored in the array pointed to by \textit{in} of length \textit{inlen} octets. The imported key is stored in the ECC key pointed to by
3825 The following function allows the importing of an ANSI x9.63 section 4.3.6 format public ECC key using user specified domain parameters:
3827 \index{ecc\_ansi\_x963\_import\_ex()}
3835 The imported key is stored in the ECC key pointed to by \textit{key}. The function will free any allocated memory upon error.
3837 \subsection{ECC Shared Secret}
3838 To construct a Diffie-Hellman shared secret with a private and public ECC key, use the following function:
3839 \index{ecc\_shared\_secret()}
3847 Note: this function stores only the $x$ co-ordinate of the shared elliptic point as described in ANSI X9.63 ECC--DH.
3849 \mysection{ECC Diffie-Hellman Encryption}
3850 ECC--DH Encryption is performed by producing a random key, hashing it, and XOR'ing the digest against the plaintext. It is not strictly ANSI X9.63 compliant
3854 \subsection{ECC-DH Encryption}
3855 \index{ecc\_encrypt\_key()}
3868 plaintext in the array pointed to by \textit{in} of length \textit{inlen} octets. It uses the public ECC key pointed to by \textit{key}, and
3872 The data is encrypted to the public ECC \textit{key} such that only the holder of the private key can decrypt the payload. To have multiple
3873 recipients multiple call to this function for each public ECC key is required.
3875 \subsection{ECC-DH Decryption}
3876 \index{ecc\_decrypt\_key()}
3889 \subsection{ECC Encryption Format}
3909 \index{ecc\_sign\_hash()}
3922 the ECC \textit{key} provided must be a private key.
3925 \index{ecc\_verify\_hash()}
3938 The ECC \textit{key} must be the public (or private) ECC key corresponding to the key that performed the signature.
3943 \mysection{ECC Keysizes}
3944 With ECC if you try to sign a hash that is bigger than your ECC key you can run into problems. The math will still work, and in effect the signature will still
3945 work. With ECC keys the strength of the signature is limited by the size of the hash, or the size of they key, whichever is smaller. For example, if you sign with
3946 SHA256 and an ECC-192 key, you in effect have 96--bits of security.
4106 As of version 1.07, the DSA keys can be used to encrypt and decrypt small payloads. It works similar to the ECC encryption where
4108 the ECC encryption format to the DSA algorithm.
4984 The work factor for ECC keys is much higher since the best attack is still fully exponential. Given a key of magnitude
4989 \hline ECC Key Size (bits) & Work Factor ($log_2$) \\
5001 \caption{ECC Key Strength}
5007 \hline Security Goal & RSA/DH Key Size (bits) & ECC Key Size (bits) \\
5026 pthreads based mutex locking in various routines such as the Yarrow and Fortuna PRNGs, the fixed point ECC multiplier, and other routines.
5322 When this has been defined the ECC point multiplier (built--in to the library) will use a timing resistant point multiplication
6288 /* ---- (optional) ecc point math ---- */
6290 /** ECC GF(p) point multiplication (from the NIST curves)
6305 /** ECC GF(p) point addition
6319 /** ECC GF(p) point double
6331 /** ECC mapping from projective to affine,
6408 \subsection{ECC Functions}
6409 The ECC system in LibTomCrypt is based off of the NIST recommended curves over $GF(p)$ and is used to implement EC-DSA and EC-DH. The ECC functions work with
6410 the \textbf{ecc\_point} structure and assume the points are stored in Jacobian projective format.
6413 /** A point on a ECC curve, stored in Jacobian format such
6425 All ECC functions must use this mapping system. The only exception is when you remap all ECC callbacks which will allow you to have more control
6426 over how the ECC math will be implemented. Out of the box you only have three parameters per point to use $(x, y, z)$ however, these are just void pointers. They
6443 roughly the time of one point multiplication. It is called from ecc\_verify\_hash() if an accelerator is not present. The acclerator function must allow the points to