diff options
author | Andreas Müller <andreas.mueller@ost.ch> | 2021-04-15 16:43:09 +0200 |
---|---|---|
committer | Andreas Müller <andreas.mueller@ost.ch> | 2021-04-15 16:43:09 +0200 |
commit | 91284841f585ad2e5bf5002ce10ee4f3baa93b95 (patch) | |
tree | 9b39f5a8d824114cd554a8c3bc5009dd7ca765cd /vorlesungen/slides | |
parent | more ec slides (diff) | |
download | SeminarMatrizen-91284841f585ad2e5bf5002ce10ee4f3baa93b95.tar.gz SeminarMatrizen-91284841f585ad2e5bf5002ce10ee4f3baa93b95.zip |
add oakley groups
Diffstat (limited to 'vorlesungen/slides')
-rw-r--r-- | vorlesungen/slides/a/Makefile.inc | 3 | ||||
-rw-r--r-- | vorlesungen/slides/a/chapter.tex | 3 | ||||
-rw-r--r-- | vorlesungen/slides/a/ecc/inverse.tex | 2 | ||||
-rw-r--r-- | vorlesungen/slides/a/ecc/oakley.tex | 85 | ||||
-rw-r--r-- | vorlesungen/slides/a/ecc/oakley1.txt | 14 | ||||
-rw-r--r-- | vorlesungen/slides/a/ecc/oakley2.txt | 16 | ||||
-rw-r--r-- | vorlesungen/slides/a/ecc/oakley3.txt | 17 | ||||
-rw-r--r-- | vorlesungen/slides/a/ecc/oakley4.txt | 17 | ||||
-rw-r--r-- | vorlesungen/slides/a/ecc/operation.tex | 68 | ||||
-rw-r--r-- | vorlesungen/slides/a/ecc/prime1.txt | 5 | ||||
-rw-r--r-- | vorlesungen/slides/a/ecc/prime2.txt | 8 | ||||
-rw-r--r-- | vorlesungen/slides/a/ecc/primes | 13 | ||||
-rw-r--r-- | vorlesungen/slides/a/ecc/quadrieren.tex | 59 | ||||
-rw-r--r-- | vorlesungen/slides/test.tex | 9 |
14 files changed, 314 insertions, 5 deletions
diff --git a/vorlesungen/slides/a/Makefile.inc b/vorlesungen/slides/a/Makefile.inc index 45e22fc..9dba93f 100644 --- a/vorlesungen/slides/a/Makefile.inc +++ b/vorlesungen/slides/a/Makefile.inc @@ -11,6 +11,9 @@ chaptera = \ ../slides/a/ecc/gruppendh.tex \ ../slides/a/ecc/kurve.tex \ ../slides/a/ecc/inverse.tex \ + ../slides/a/ecc/operation.tex \ + ../slides/a/ecc/quadrieren.tex \ + ../slides/a/ecc/oakley.tex \ \ ../slides/a/chapter.tex diff --git a/vorlesungen/slides/a/chapter.tex b/vorlesungen/slides/a/chapter.tex index 270aa0d..84ee609 100644 --- a/vorlesungen/slides/a/chapter.tex +++ b/vorlesungen/slides/a/chapter.tex @@ -11,4 +11,7 @@ \folie{a/ecc/gruppendh.tex} \folie{a/ecc/kurve.tex} \folie{a/ecc/inverse.tex} +\folie{a/ecc/operation.tex} +\folie{a/ecc/quadrieren.tex} +\folie{a/ecc/oakley.tex} diff --git a/vorlesungen/slides/a/ecc/inverse.tex b/vorlesungen/slides/a/ecc/inverse.tex index f66101d..c50f698 100644 --- a/vorlesungen/slides/a/ecc/inverse.tex +++ b/vorlesungen/slides/a/ecc/inverse.tex @@ -40,7 +40,7 @@ Y(Y+X) &= X^3 + aX + b} \\ \uncover<8->{&&\Rightarrow X+Y&\mapsto -Y} \end{align*} -Spezialfall $\mathbb{F}_2$: $Y\leftrightarrow X+Y$ +\uncover<9->{Spezialfall $\mathbb{F}_2$: $Y\leftrightarrow X+Y$} \end{block}} \end{column} \end{columns} diff --git a/vorlesungen/slides/a/ecc/oakley.tex b/vorlesungen/slides/a/ecc/oakley.tex new file mode 100644 index 0000000..6980c10 --- /dev/null +++ b/vorlesungen/slides/a/ecc/oakley.tex @@ -0,0 +1,85 @@ +% +% oakley.tex -- Oakley Gruppen +% +% (c) 2021 Prof Dr Andreas Müller, OST Ostschweizer Fachhochschule +% +\bgroup +\begin{frame}[t] +\setlength{\abovedisplayskip}{5pt} +\setlength{\belowdisplayskip}{5pt} +\frametitle{Oakley-Gruppen} +\only<1>{% +\small +\verbatiminput{../slides/a/ecc/oakley1.txt} +$\approx 1.55252\cdot 10^{231}$ +} +\only<2>{% +\begin{block}{$\mathbb{F}_p$} +Endlicher Körper mit $p = $ +\verbatiminput{../slides/a/ecc/prime1.txt} +\end{block} +} +\only<3>{% +\small +\verbatiminput{../slides/a/ecc/oakley2.txt} +} +\only<4>{% +\begin{block}{$\mathbb{F}_p$} +Endlicher Körper mit $p = $ +\verbatiminput{../slides/a/ecc/prime2.txt} +$\approx 1.7977\cdot 10^{308}$ +\end{block} +} +\only<5>{% +\small +\verbatiminput{../slides/a/ecc/oakley3.txt} +} +\only<6>{% +\begin{block}{Oakley Gruppe 3} +\begin{align*} +m(x) &= x^{155} + x^{62} + 1 +\\ +a &= 0 +\\ +b &= \texttt{0x07338f} +\\ +g_x &= 0x7b = x^6 + x^5 + x^4 + x^3 + x + 1 +\\ +&= +x^{18}+x^{17}+x^{16} ++ +x^{13}+x^{12} ++ +x^{9}+x^{8}+x^{7} ++ +x^{3}+x^{1}+x^{1}+1 +\\ +|G|&=45671926166590716193865565914344635196769237316 = 4.5672\cdot 10^{46} +\\ +\log_2|G|&=155\,\text{bit} +\end{align*} +\end{block}} +\only<7>{% +\small +\verbatiminput{../slides/a/ecc/oakley4.txt} +} +\only<8>{% +\begin{block}{Oakley Gruppe 4} +\begin{align*} +m(x) &= x^{185} + x^{69} + 1 +\\ +a &= 0 +\\ +b &= \texttt{0x1ee9} = x^{12} + x^{11}+x^{10}+x^9 + x^7+x^6+x^5 + x^3+1 +\\ +g_x &= \texttt{0x18} = x^4+x^3 +\\ +|G| &= 49039857307708443467467104857652682248052385001045053116 +\\ +&= 4.9040\cdot 10^{55} +\\ +\log_2|G| &= 185 +\end{align*} +\end{block}} +\end{frame} +\egroup diff --git a/vorlesungen/slides/a/ecc/oakley1.txt b/vorlesungen/slides/a/ecc/oakley1.txt new file mode 100644 index 0000000..4cc31ae --- /dev/null +++ b/vorlesungen/slides/a/ecc/oakley1.txt @@ -0,0 +1,14 @@ +6.1 First Oakley Default Group + + Oakley implementations MUST support a MODP group with the following + prime and generator. This group is assigned id 1 (one). + + The prime is: 2^768 - 2 ^704 - 1 + 2^64 * { [2^638 pi] + 149686 } + Its hexadecimal value is + + FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 + 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD + EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 + E485B576 625E7EC6 F44C42E9 A63A3620 FFFFFFFF FFFFFFFF + + The generator is: 2. diff --git a/vorlesungen/slides/a/ecc/oakley2.txt b/vorlesungen/slides/a/ecc/oakley2.txt new file mode 100644 index 0000000..ddb2d2a --- /dev/null +++ b/vorlesungen/slides/a/ecc/oakley2.txt @@ -0,0 +1,16 @@ +6.2 Second Oakley Group + + IKE implementations SHOULD support a MODP group with the following + prime and generator. This group is assigned id 2 (two). + + The prime is 2^1024 - 2^960 - 1 + 2^64 * { [2^894 pi] + 129093 }. + Its hexadecimal value is + + FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 + 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD + EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 + E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED + EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381 + FFFFFFFF FFFFFFFF + + The generator is 2 (decimal) diff --git a/vorlesungen/slides/a/ecc/oakley3.txt b/vorlesungen/slides/a/ecc/oakley3.txt new file mode 100644 index 0000000..ab2c78f --- /dev/null +++ b/vorlesungen/slides/a/ecc/oakley3.txt @@ -0,0 +1,17 @@ +6.3 Third Oakley Group + + IKE implementations SHOULD support a EC2N group with the following + characteristics. This group is assigned id 3 (three). The curve is + based on the Galois Field GF[2^155]. The field size is 155. The + irreducible polynomial for the field is: + u^155 + u^62 + 1. + The equation for the elliptic curve is: + y^2 + xy = x^3 + ax^2 + b. + + Field Size: 155 + Group Prime/Irreducible Polynomial: + 0x0800000000000000000000004000000000000001 + Group Generator One: 0x7b + Group Curve A: 0x0 + Group Curve B: 0x07338f + Group Order: 0X0800000000000000000057db5698537193aef944 diff --git a/vorlesungen/slides/a/ecc/oakley4.txt b/vorlesungen/slides/a/ecc/oakley4.txt new file mode 100644 index 0000000..3ec20cc --- /dev/null +++ b/vorlesungen/slides/a/ecc/oakley4.txt @@ -0,0 +1,17 @@ +6.4 Fourth Oakley Group + + IKE implementations SHOULD support a EC2N group with the following + characteristics. This group is assigned id 4 (four). The curve is + based on the Galois Field GF[2^185]. The field size is 185. The + irreducible polynomial for the field is: + u^185 + u^69 + 1. The + equation for the elliptic curve is: + y^2 + xy = x^3 + ax^2 + b. + + Field Size: 185 + Group Prime/Irreducible Polynomial: + 0x020000000000000000000000000000200000000000000001 + Group Generator One: 0x18 + Group Curve A: 0x0 + Group Curve B: 0x1ee9 + Group Order: 0X01ffffffffffffffffffffffdbf2f889b73e484175f94ebc diff --git a/vorlesungen/slides/a/ecc/operation.tex b/vorlesungen/slides/a/ecc/operation.tex new file mode 100644 index 0000000..61ef95d --- /dev/null +++ b/vorlesungen/slides/a/ecc/operation.tex @@ -0,0 +1,68 @@ +% +% operation.tex -- Gruppen-Operation auf einer elliptischen Kurve +% +% (c) 2021 Prof Dr Andreas Müller, OST Ostschweizer Fachhochschule +% +\bgroup +\begin{frame}[t] +\setlength{\abovedisplayskip}{5pt} +\setlength{\belowdisplayskip}{5pt} +\frametitle{Gruppenoperation} +\vspace{-20pt} +\begin{columns}[t,onlytextwidth] +\begin{column}{0.40\textwidth} +\begin{center} +\includegraphics[width=\textwidth]{../../buch/chapters/90-crypto/images/elliptic.pdf} +\end{center} +\vspace{-23pt} +\uncover<8->{% +\begin{block}{Verifizieren} +\begin{enumerate} +\item<9-> Assoziativ? +\item<10-> Neutrales Element $\mathstrut=\infty$ +\item<11-> Involution = Inverse? +\end{enumerate} +\end{block}} +\end{column} +\begin{column}{0.56\textwidth} +\begin{block}{Gerade} +$g_1,g_2\in G$, $t\in \Bbbk$ +\begin{align*} +g(t) +&= +tg_1+(1-t)g_2 +\\ +\uncover<2->{ +\begin{pmatrix}X(t)\\Y(t)\end{pmatrix} +&= +t\begin{pmatrix}x_1\\y_1\end{pmatrix} ++ +(1-t)\begin{pmatrix}x_2\\y_2\end{pmatrix} +\in\Bbbk^2 +} +\end{align*} +\end{block} +\vspace{-13pt} +\uncover<3->{% +\begin{block}{3. Schnittpunkt} +$g(t)$ einsetzen in die elliptische Kurve +\[ +p(t) += +Y(t)^2+X(t)Y(t)-X(t)^3-aX(t)-b=0 +\] +\vspace{-12pt} +\begin{enumerate} +\item<4-> +kubisches Polynom mit Nullstellen $t=0,1$ +\item<5-> +$p(t) $ ist durch $t(t-1)$ teilbar +\item<6-> +$p(t) = t(t-1)(Jt+K)=0 +\uncover<7->{\Rightarrow t=-K/J$} +\end{enumerate} +\end{block}} +\end{column} +\end{columns} +\end{frame} +\egroup diff --git a/vorlesungen/slides/a/ecc/prime1.txt b/vorlesungen/slides/a/ecc/prime1.txt new file mode 100644 index 0000000..eb4515d --- /dev/null +++ b/vorlesungen/slides/a/ecc/prime1.txt @@ -0,0 +1,5 @@ + 15 52518 09230 07089 35130 91813 12584 +81755 63133 40494 34514 31320 23511 94902 96623 99491 02107 +25866 94538 76591 64244 29100 07680 28886 42291 50803 71891 +80463 42632 72761 30312 82983 74438 08208 90196 28850 91706 +91316 59317 53674 69551 76311 98433 71637 22100 72105 77919 diff --git a/vorlesungen/slides/a/ecc/prime2.txt b/vorlesungen/slides/a/ecc/prime2.txt new file mode 100644 index 0000000..13458fb --- /dev/null +++ b/vorlesungen/slides/a/ecc/prime2.txt @@ -0,0 +1,8 @@ + 1797 69313 +48623 15907 70839 15679 37874 53197 86029 60487 56011 70644 +44236 84197 18021 61585 19368 94783 37958 64925 54150 21805 +65485 98050 36464 40548 19923 91000 50792 87700 33558 16639 +22955 31362 39076 50873 57599 14822 57486 25750 07425 30207 +74477 12589 55095 79377 78424 44242 66173 34727 62929 93876 +68709 20560 60502 70810 84290 76929 32019 12819 44676 27007 + diff --git a/vorlesungen/slides/a/ecc/primes b/vorlesungen/slides/a/ecc/primes new file mode 100644 index 0000000..3feea29 --- /dev/null +++ b/vorlesungen/slides/a/ecc/primes @@ -0,0 +1,13 @@ +#! /bin/bash +# +# primes +# +# (c) 2021 Prof Dr Andreas Müller, OST Ostschweizer Fachhochschule +# +bc <<EOF +ibase=16 +FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF + +FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF + +EOF diff --git a/vorlesungen/slides/a/ecc/quadrieren.tex b/vorlesungen/slides/a/ecc/quadrieren.tex new file mode 100644 index 0000000..942c73b --- /dev/null +++ b/vorlesungen/slides/a/ecc/quadrieren.tex @@ -0,0 +1,59 @@ +% +% quadrieren.tex -- Quadrieren +% +% (c) 2021 Prof Dr Andreas Müller, OST Ostschweizer Fachhochschule +% +\bgroup +\begin{frame}[t] +\setlength{\abovedisplayskip}{5pt} +\setlength{\belowdisplayskip}{5pt} +\frametitle{Quadrieren} +\vspace{-20pt} +\begin{columns}[t,onlytextwidth] +\begin{column}{0.40\textwidth} +\begin{block}{Problem} +\( g = g_1 = g_2 \) +$\Rightarrow$ +Tangente +\\ +\uncover<2->{{\color{red}ohne Analysis!}} +\end{block} +\begin{center} +\includegraphics[width=\textwidth]{../../buch/chapters/90-crypto/images/elliptic.pdf} +\end{center} +\end{column} +\begin{column}{0.56\textwidth} +\uncover<3->{% +\begin{block}{Lösung} +Finde $h\in G$ derart, dass +\begin{align*} +g(t) +&= +tg + (1-t)h +\\ +\uncover<4->{% +\begin{pmatrix}X(t)\\Y(t)\end{pmatrix} +&= +t\begin{pmatrix}x_g\\y_g\end{pmatrix} ++(1-t) \begin{pmatrix}x_h\\y_h\end{pmatrix} +} +\end{align*} +\uncover<5->{eingesetzt +\[ +p(t) += +Y(t)^2+X(t)Y(t)-X(t)^3-aX(t)-b += +0 +\]}% +\uncover<6->{% +Nullstellen $0$ (doppelt) und $1$ hat:} +\[ +\uncover<7->{p(t) = c(t^3-t)} +\] +\uncover<8->{Koeffizientenvergleich: einfachere Gleichungen für $x_h$ und $y_h$} +\end{block}} +\end{column} +\end{columns} +\end{frame} +\egroup diff --git a/vorlesungen/slides/test.tex b/vorlesungen/slides/test.tex index 8a7c0a7..bc1744b 100644 --- a/vorlesungen/slides/test.tex +++ b/vorlesungen/slides/test.tex @@ -9,10 +9,11 @@ %\folie{a/dc/beispiel.tex} %\folie{a/ecc/gruppendh.tex} -\folie{a/ecc/kurve.tex} -\folie{a/ecc/inverse.tex} -%\folie{a/ecc/operation.tex} -%\folie{a/ecc/quadrieren.tex} +%\folie{a/ecc/kurve.tex} +%\folie{a/ecc/inverse.tex} +\folie{a/ecc/operation.tex} +\folie{a/ecc/quadrieren.tex} +\folie{a/ecc/oakley.tex} %\folie{a/aes/bytes.tex} %\folie{a/aes/blockes.tex} |