[HN Gopher] The Animated Elliptic Curve ___________________________________________________________________ The Animated Elliptic Curve Author : syncsynchalt Score : 114 points Date : 2023-07-03 16:01 UTC (6 hours ago) (HTM) web link (curves.xargs.org) (TXT) w3m dump (curves.xargs.org) | slavapestov wrote: | Elliptic curves over finite fields have immediate applications to | cryptography, but elliptic curves over the complex numbers are | cool too. Just like the sine and cosine parametrize the circle, | elliptic functions parametrize elliptic curves. | | Whereas trig functions are singly periodic with period 2pi, | elliptic functions are doubly periodic functions, meaning that | there are fixed complex numbers z and w such that f(x+z) = f(x+w) | = f(x). You can prove that for a given period lattice, the field | of such functions is generated by two such fundamental functions | ---the Weierstrass elliptic function and its derivative. The | addition law for elliptic curves over C can be derived from | something like the equivalent of the addition law for sine and | cosine. | | Elliptic functions have applications to physics and are also | interesting in their own right. This all leads to the study of | fractional linear transformations, modular forms and even | Fermat's Last Theorem. It's all quite lovely. | 1aqp wrote: | An important point to note, that is not very obvious from the | text, is that it is (very, very) difficult to retrieve ka from | A=ka.P and kb from B=kb.P. For an attacker who has A and B, it's | close to impossible to recover P and ka.kb.P | bembo wrote: | Isn't P always the same? Or is it shared before the exchange? | | Edit: just looked it up and the base point for curve25519 is | x=9 so no point in recovering it. | arcsincosin wrote: | This is wonderful. As part of a cryptography course in undergrad, | I spent a fair number of hours adding/multiplying points on small | curves by hand and eventually computationally, and seeing these | animations represents the "feel" of that process better than any | resource I have seen. | | It seems that elliptic curves are used quite shrewdly in public | key exchanges, used as a sort of off-the-shelf arithmetic system | that renders some benefits (harder to solve the elliptic curve | discrete log problem) and drawbacks (more expensive to compute, | because of these point ops) compared to key exchanges relying on | the integer discrete log problem. There is generally much energy | spent on explaining the point operations but not much on | explaining this context: this is an alternate arithmetic inserted | into the Diffie Helman scheme that is secure and not so hard to | work with. | | The finite fields in application (e.g. in X25519) are so large | compared to the toy examples that the technical details matter | more for understanding the performance of the algorithms than the | actual cryptographic method. Understanding (and convincing | yourself of) the core behavior of the key exchange itself is | perhaps best done with the number theory and group theory lens. | There was a discussion here on HN a couple days ago which largely | bashed the theoretical approach in favor of simply cargo culting | the tools, which was appalling. I hope they all enjoy this link! | | Anyhow, the application of elliptic curves to cryptography is | clever and I would recommend everyone with an interest (and a | little background in algebra) read Koblitz's paper[1] and | Miller's earlier description [2] if they are looking for more | context for OP's wonderful presentation. | | 1: Koblitz: Elliptic Curve Cryptosystems | https://www.ams.org/journals/mcom/1987-48-177/S0025-5718-198... | | 2: Miller: Use of Elliptic Curves in Cryptography | https://link.springer.com/chapter/10.1007/3-540-39799-X_31 ___________________________________________________________________ (page generated 2023-07-03 23:00 UTC)