(Very) Basic Eliptic Curve Cryptography
blockchain.works-hub.comI'm not really following the trapdoor reasoning. Both RSA and elliptic curves are based on having a system where 'exponentiation' commutes and the 'logarithm' is computationally difficult. RSA only needs the two generator primes to make finding the 'inverse' of the e exponent computationally tractable, once that is done the 'trapdoor' isn't used any more. There isn't an equivalent of that in elliptic curves in my understanding of them.
> A 256 bit key in ECC offers about the same security as 3072 bit key using RSA.
> This means that in systems with limited resources such as smartphones, embedded computers, cryptocurrency networks, it uses less than 10% of the hard disk space and bandwidth required using RSA.
What?
I could possibly understand CPU usage being significantly lower for an equivalent level of security, but how could disk space and bandwidth be affected to any significant measure?
In this example, an EC private key is made up of 256 bits of "randomness". Nearly every 256-bit number is a valid ECDSA private key.
However, an RSA private key is made of up specific numbers like a modulus, private exponent, etc that contribute to its length. In principle this is all you need. But usually other generation parameters are included that speed up calculations for the Chinese Remainder Theorem.
When it comes to network bandwidth, the number one concern relates to the symmetric algorithm used for message encryption and Message Authentication Coding (MAC) for integrity checking (this is unrelated to the choice of RSA versus ECC). Smaller embedded systems may start sessions more frequently, or the asymmetric authentication may be a larger percentage of the overall traffic and the size of the keys and signatures can make a difference. At the 128-bit security level, public keys and signatures are six-times larger for RSA than for ECC. Private keys are 12-times larger for RSA compared to ECC at the 128-bit security level. The key size generally has no impact on performance, but size matters when it comes to the cost of secure storage of the keys.