# CSC312 - Computer Security and Cryptography

### Assignment ECC

## Name: Almotasem malik

### ID: 4211204

#### SubGroup: B1

--------------------------------------------------------------------------------

###### 1. Introduction to ECC: Provide a brief overview of Elliptic Curve Cryptography, explaining the underlying mathematics and its significance in modern cryptography 

### 2. Elliptic Curve Operations: Implement Python functions for the following ECC operations:
    
    a. Point Addition: Create a function add_points(P, Q, a, p) that takes two points P and Q on an elliptic curve with             parameters a and p and computes the sum P + Q.
    
    

In [56]:
import ecpy
from random import randint
# Global curve parameters
a = 1  
b = 3 
p = 223 # Elliptic curve modulus 

# Base point
G = (5, 7)


In [57]:
#P: A point on the elliptic curve as a tuple (x, y).
#Q: Another point on the elliptic curve as a tuple (x, y).
#a: The curve parameter "a".
#p: The prime field modulus.

def add_points(P, Q, a, p):
    x1, y1 = P
    x2, y2 = Q
    if P == Q:
        return double_point(P, a, p)
    elif x1 == x2 and (y1 + y2) % p == 0:
        return None  # Point at infinity
    else:
        m = (y2 - y1) * pow(x2 - x1, -1, p) % p
        x3 = (m**2 - x1 - x2) % p
        y3 = (m * (x1 - x3) - y1) % p
        return (x3, y3)


    b. Point Doubling: Create a function double_point(P, a, p) that takes a point P on an elliptic curve with parameters           a and p and computes the point doubling 2P.
  
   

In [58]:
# P (tuple): A point (x, y) on the elliptic curve. 
# a (int): Coefficient of the elliptic curve.
# p (int): Prime specifying the finite field.
# Doubles a point P on an elliptic curve y^2 = x^3 + ax + b over a finite field of prime order p.

def double_point(P, a, p):
    if P == 0: 
        return P
    
    x1, y1 = P

    lam = ((3 * (x1 ** 2)) + a) * pow(2 * y1, -1, p)
    x3 = (lam ** 2 - 2 * x1) % p
    y3 = (lam * (x1 - x3) - y1) % p

    return (x3, y3)


    c. Scalar Multiplication: Implement a function scalar_multiply(k, P, a, p) that computes the scalar multiplication kP on an elliptic curve with parameters a and p

In [59]:
# k (int): Scalar value to multiply.
# P (tuple): A point (x, y) on the elliptic curve.
# a (int): Coefficient of the elliptic curve. 
# p (int): Prime specifying the finite field.

def scalar_multiply(k, P, a, p):    
    R = 0
    for i in bin(k)[2:]: 
        R = double_point(R, a, p)  
        
        if i == "1":
            R = add_points(R, P, a, p)

    return R

    3. Key Generation: Implement a function generate_key_pair() that generates a public-private key pair using ECC. Display the generated keys.

In [60]:
def generate_key_pair():
    priv_key = random.randint(1, p-1) 
    pub_key = scalar_multiply(priv_key, G, a, p)
    print("Private key:", priv_key)
    print("Public key:", pub_key)
    return (priv_key, pub_key)

    4. Key Exchange: Implement a simple key exchange protocol using ECC. Create functions sender_key_exchange(private_key, base_point, a, p) and receiver_key_exchange(public_key, received_point, a, p) to demonstrate key exchange.

In [61]:
def sender_key_exchange(private_key, base_point, a, p):
    shared_secret = scalar_multiply(private_key, base_point, a, p)
    return shared_secret

def receiver_key_exchange(public_key, received_point, a, p):
    shared_secret = scalar_multiply(private_key, public_key, a, p) 
    return shared_secret

    5. Digital Signature: Implement a basic digital signature scheme using ECC. Create functions sign_message(message, private_key, base_point, a, p) and verify_signature(message, signature, public_key, base_point, a, p).

In [62]:
def sign_message(message, private_key, base_point, a, p):
    hash_val = int(hashlib.sha256(message.encode()).hexdigest(), 16)
    signature = scalar_multiply(private_key, base_point, a, p)
    return signature
    
def verify_signature(message, signature, public_key, base_point, a, p):
    hash_val = int(hashlib.sha256(message.encode()).hexdigest(), 16) 
    verified = scalar_multiply(hash_val, base_point, a, p)
    return verified == signature

    6. Testing: Write test cases to ensure the correctness of your ECC operations, key generation, key exchange, and digital signature functions

In [66]:
import unittest

class ECCTest(unittest.TestCase):

    def add_points(self):
        P = (1, 2)
        Q = (3, 4)
        R = (4, 5)
        sum = add_points(P, Q, a, p)
        self.assertEqual(sum, R)

        P = (100, 200) 
        Q = (100, 300) 
        R = O   
        sum = add_points(P, Q, a, p)
        self.assertEqual(sum, R)  

    def double_point(self):
        P = (2, 5)
        R = (112, 32)
        doubled = double_point(P, a, p)  
        self.assertEqual(doubled, R)

    def scalar_multiply(self):
        d = 123  
        P = (100, 300)
        expected = (13, 193)
        R = scalar_multiply(d, P, a, p)
        self.assertEqual(R, expected)

    def generate_key_pair(self):
        priv, pub = generate_key_pair()
        self.assertTrue(1 <= priv <= p-1) 
        res = scalar_multiply(priv, G, a, p)
        self.assertEqual(res, pub)

    # And so on for other functions
    
if __name__ == '__main__':
    unittest.main()

E
ERROR: C:\Users\user\AppData\Roaming\jupyter\runtime\kernel-d675acb0-bfd4-4406-bbb1-9121c46f9787 (unittest.loader._FailedTest.C:\Users\user\AppData\Roaming\jupyter\runtime\kernel-d675acb0-bfd4-4406-bbb1-9121c46f9787)
----------------------------------------------------------------------
AttributeError: module '__main__' has no attribute 'C:\Users\user\AppData\Roaming\jupyter\runtime\kernel-d675acb0-bfd4-4406-bbb1-9121c46f9787'

----------------------------------------------------------------------
Ran 1 test in 0.001s

FAILED (errors=1)


SystemExit: True

  warn("To exit: use 'exit', 'quit', or Ctrl-D.", stacklevel=1)


**8. Discussion:**
   
   a. Discuss the advantages of ECC over other cryptographic techniques.
   


### a. Advantages of ECC over Other Cryptographic Techniques:

1. **Key Size and Computational Efficiency:**
   - ECC offers the same level of security with much smaller key sizes compared to traditional cryptographic techniques like RSA. Smaller key sizes result in faster computations, reduced bandwidth usage, and less storage requirements.
   - This is particularly beneficial in resource-constrained environments such as mobile devices and IoT devices where computational resources are limited.

2. **Bandwidth and Storage Efficiency:**
   - Smaller key sizes in ECC lead to shorter cryptographic messages, making it more bandwidth-efficient. This is crucial for applications like secure communication over networks, where minimizing data transfer is desirable.

3. **Faster Encryption and Decryption:**
   - ECC operations, such as key generation, encryption, and decryption, generally require fewer computational resources compared to algorithms like RSA. This results in faster cryptographic operations.

4. **Secure for the Foreseeable Future:**
   - ECC provides the same level of security as traditional methods but with smaller key sizes, making it more resistant to certain types of attacks. As computational power increases, ECC remains a viable option for secure communications.

5. **Perfect Forward Secrecy:**
   - ECC supports Perfect Forward Secrecy (PFS), ensuring that even if a long-term private key is compromised, past communications remain secure. This is crucial for maintaining the confidentiality of historical data.

6. **Lower Resource Usage:**
   - ECC algorithms require fewer computational resources in terms of both processing power and memory. This is advantageous in scenarios where resources are limited, such as in embedded systems or devices with low power consumption requirements.


------------------------------------------

   b. Highlight the efficiency and security aspects of ECC, especially in comparison to traditional methods.


### b. Efficiency and Security Aspects of ECC:

1. **Computational Efficiency:**
   - ECC operations, including key generation, encryption, and decryption, are computationally more efficient than their counterparts in traditional cryptographic algorithms. This efficiency is crucial in real-time applications and environments with limited processing capabilities.

2. **Reduced Storage Requirements:**
   - Smaller key sizes in ECC result in reduced storage requirements for keys. This is particularly important in scenarios where storage capacity is at a premium, such as in embedded systems, smart cards, and mobile devices.

3. **Resistance to Quantum Attacks:**
   - ECC is believed to be more resistant to quantum attacks compared to certain traditional cryptographic algorithms. Quantum computers could potentially break widely-used algorithms like RSA, but ECC algorithms have shown resilience against quantum attacks with the use of appropriate key sizes and algorithms.

4. **Security Strength vs. Key Size:**
   - ECC allows achieving a high level of security with relatively smaller key sizes compared to traditional methods. This is significant in environments where both security and efficiency are paramount.

5. **Key Exchange in Secure Communication:**
   - ECC-based key exchange protocols, such as Elliptic Curve Diffie-Hellman (ECDH), provide a secure way for parties to agree on a shared secret without compromising the private keys. This is crucial for establishing secure communication channels.

6. **Global Standardization:**
   - ECC is widely standardized and used in various security protocols and standards. This global acceptance contributes to its reliability and interoperability in different applications and systems.

