Reputation: 2571
Elliptic Curve Encryption
Please provide me an example using the Bouncycastle library showing how to add two points on an elliptic curve.
I tried the following code but i didn't get the same result that should happen theoretically.
X9ECParameters x9=NISTNamedCurves.getByName("P-224");
ECCurve curve=x9.getCurve();
ECFieldElement x1=new ECFieldElement.Fp(new BigInteger("10"), new BigInteger("8"));
ECFieldElement y1=new ECFieldElement.Fp(new BigInteger("10"), new BigInteger("9"));
ECPoint.Fp p1=new ECPoint.Fp(curve, x1, y1);
ECFieldElement x2=new ECFieldElement.Fp(new BigInteger("10"), new BigInteger("5"));
ECFieldElement y2=new ECFieldElement.Fp(new BigInteger("10"), new BigInteger("6"));
ECPoint.Fp p2=new ECPoint.Fp(curve, x2, y2);
p2=(ECPoint.Fp) p1.add(p2);
System.out.println(p2.getX().toBigInteger()+" "+p2.getY().toBigInteger());
And also I didn't understand what value is to provide for first BigInteger in ECFiledElement.
Upvotes: 0
Views: 2461
Answers (1)
Reputation: 42009
Your example makes no sense at all so it is hard to understand what you think the result should be. By using low-level classes like ECFieldElement you are taking full responsibility to provide sensible parameters. You have selected NIST curve P-224. This elliptic curve is defined over a specific field. You can retrieve the prime 'q' for this finite field and use it to create field elements by the following (departing from your example):
X9ECParameters x9 = NISTNamedCurves.getByName("P-224");
ECCurve.Fp curve = (Fp) x9.getCurve();
BigInteger q = curve.getQ();
ECFieldElement x1 = new ECFieldElement.Fp(q, new BigInteger("8"));
ECFieldElement y1 = new ECFieldElement.Fp(q, new BigInteger("9"));
The first argument of the ECFieldElement.Fp constructor is the prime that defines the field.
The second problem with your example is that not every pair (x,y) of integers is a point on the elliptic curve. The chance of a random (x,y) being on P-224 is incredibly small. Here again, by messing with the low-level EPoint classes Bouncycastle does not check this for you. So while you can make the machinery of the elliptic curve addition software run and give you answers, those answers are meaningless.
To make any more progress I have to ask first: what are you trying to do?
Finding a point on an Elliptic Curve
There are two basic ways to find a point on an elliptic curve.
- take an existing known point on the curve and scalar multiply by an integer. The result is another point on the curve.
- Pick an x-coordinate, say x1. Plug it into the right side of the elliptic curve formula to get y12 = E(x1). Then attempt to compute a square root in the field. If the square root exists, then you get two points (x1, y1) and (x1,-y1) that are on the curve. If the square root does not exists, then there is no point on the curve with x-coordinate x1.
You can get a point on your elliptic curve by ECPoint.Fp = (ECPoint.Fp)x9.getG(); You can multiply that point by an integer with the ECPoint.multiply(...).
Using method #2 is harder than it needs to be with Bouncycastle. All the methods are in the ECPoint and ECFieldElement classes. The ECFieldElement class contains a public square root method that you can use to attempt to compute the square root. If it returns null then the square root does not exist.
Upvotes: 7
Related Questions
- Elliptic Curve Private Key Length in Java
- BouncyCastle C#: How to Implement EllipticCurve Encryption/Decryption
- Encrypt AES secret key with Elliptic Curve ElGamal
- Elliptic curve point
- Encryption using BouncyCastle's Elliptic Curve Crypto API in Java
- Using BouncyCastle to encrypt with ECIES in Java
- EC ElGamal in Bouncy castle for Java
- Java 7 keytool Elliptic Curve Encryption
- Elliptic Curve with Digital Signature Algorithm (ECDSA) implementation on BouncyCastle
- Bouncycastle elliptic curve encryption on Android