ECC in OPEN SSL 1(background knowledge and data structure)

And still there is very little information on EC in OPEN SSL, I will explain more and give more code.

 

Firstly introduce ECC(Elliptic Curve Cryptography), from the math book:

 

In 1985, Elliptic Curve Cryptography (ECC) was proposed independently by cryptographers Victor Miller (IBM) and Neal Koblitz ( University of Washington ). ECC is based on the difficulty of solving the Elliptic Curve Discrete Logarithm Problem (ECDLP). Like the prime factorization problem, ECDLP is another "hard" problem that is deceptively simple to state: Given two points, P and Q, on an elliptic curve, find the integer n, if it exists, such that P = nQ.

 

Elliptic curves combine number theory and algebraic geometry. These curves can be defined over any field of numbers (i.e., real, integer, complex) although we generally see them used over finite fields for applications in cryptography. An elliptic curve consists of the set of real numbers (x, y) that satisfies the equation:

y² = x³ + ax + b

 

The set of all of the solutions to the equation forms the elliptic curve. Changing a and b changes the shape of the curve, and small changes in these parameters can result in major changes in the set of (x,y) solutions.

 

Elliptic curves have the interesting property that adding two points on the elliptic curve yields a third point on the curve. Therefore, adding two points, P1 and P2, gets us to point P3, also on the curve. Small changes in P1 or P2 can cause a large change in the position of P3.

 

So let's go back to the original problem statement from above. The point Q is calculated as a multiple of the starting point, P, or, Q = nP. An attacker might know P and Q but finding the integer, n, is a difficult problem to solve. Q is the public key, then, and n is the private key.

 

Since the ECC key sizes are so much shorter than comparable RSA keys, the length of the public key and private key is much shorter in elliptic curve cryptosystems. Presumably, this translates into faster processing, and lower demands on memory and bandwidth. In practice, the final results are not yet in; RSA, Inc. notes that ECC is faster than RSA for signing and decryption, but slower than RSA for signature verification and encryption.

 

Nevertheless, ECC is particularly useful in applications where memory, bandwidth, and/or computational power is limited (e.g., a smartcard) and it is in this area that ECC use is expected to grow.

 

And secondly the data structure in OPEN:

struct ec_key_st {     int version;       EC_GROUP *group; //其中记录了EC参数，如a，b。                      // and aslo the pub key EC_POINT //其中EC_METHOD中定义了曲线的各个回调函数。     EC_POINT *pub_key;     BIGNUM *priv_key;       unsigned int enc_flag;     point_conversion_form_t conv_form;       int    references;       EC_EXTRA_DATA *method_data; } /* EC_KEY */;   struct ec_point_st {     const EC_METHOD *meth;       /* All members except 'meth' are handled by the method functions,      * even if they appear generic */       BIGNUM X;     //这是真正的公钥信息     BIGNUM Y;     BIGNUM Z; /* Jacobian projective coordinates:                * (X, Y, Z)  represents  (X/Z^2, Y/Z^3)  if  Z != 0 */     int Z_is_one; /* enable optimized point arithmetics for special case */ } /* EC_POINT */;     struct ec_group_st {     const EC_METHOD *meth;       EC_POINT *generator; /* optional */     BIGNUM order, cofactor;       int curve_name;/* optional NID for named curve */     int asn1_flag; /* flag to control the asn1 encoding */     point_conversion_form_t asn1_form;       unsigned char *seed; /* optional seed for parameters (appears in ASN1) */     size_t seed_len;       EC_EXTRA_DATA *extra_data; /* linked list */       /* The following members are handled by the method functions,      * even if they appear generic */         BIGNUM field; /* Field specification.                    * For curves over GF(p), this is the modulus;                    * for curves over GF(2^m), this is the                    * irreducible polynomial defining the field.                    */       unsigned int poly[5]; /* Field specification for curves over GF(2^m).                            * The irreducible f(t) is then of the form:                            *     t^poly[0] + t^poly[1] + ... + t^poly[k]                            * where m = poly[0] > poly[1] > ... > poly[k] = 0.                            */       BIGNUM a, b; /* Curve coefficients.                   * (Here the assumption is that BIGNUMs can be used                   * or abused for all kinds of fields, not just GF(p).)                   * For characteristic  > 3,  the curve is defined                   * by a Weierstrass equation of the form                   *     y^2 = x^3 + a*x + b.                   * For characteristic  2,  the curve is defined by                   * an equation of the form                   *     y^2 + x*y = x^3 + a*x^2 + b.                   */       int a_is_minus3; /* enable optimized point arithmetics for special case */       void *field_data1; /* method-specific (e.g., Montgomery structure) */     void *field_data2; /* method-specific */     int (*field_mod_func)(BIGNUM *, const BIGNUM *, const BIGNUM *,    BN_CTX *); /* method-specific */ } /* EC_GROUP */;