Point compression

In Elliptic Curve Cryptography (ECC), public keys are points on elliptic curves. An elliptic curve point is a point in a two-dimensional space.

Standards such as FIPS 186-2 (identical to ANSI X9.62) and IEEE 1363-2000 define the following three different representations (each in byte array format) of elliptic curve points:

  • Uncompressed
  • Hybrid
  • Compressed

The uncompressed point representation uses the usual ordered-pair representation specifying both x and y coordinates.

The hybrid point representation uses ordered-pair representation with an extra bit that's used to specify the sign.

The compressed point representation requires only the x coordinate and a sign bit. Under this representation, the size of a public key is compressed to nearly half the size of the uncompressed representation, saving memory and bandwidth.

By default, Security Builder Crypto uses the compressed point representation whenever it outputs a public key value. Any of the three elliptic curve point representations is accepted for public key input.

Changing the input policy and output format

You can change the default mode and policy for ECC public key representation for each parameter object.

The setting of the mode determines both the output format and acceptable input format of ECC public keys. The policy settings determine whether to accept ECC public keys in any representation, or to reject representations other than the one that's specified for the input/output mode.

For example, assuming an appropriate ECC parameter object, params, has been created, the following function call means that ECC public keys are output in uncompressed format and that any representation is accepted for input:

hu_ECCParamsModeSet( SB_ECC_COMPRESSION_OFF,
                     SB_ECC_POINT_INPUT_ACCEPT, 
                     params, 
                     globalCtx );                           
            

The following function call means that ECC public keys are output in compressed format and that only compressed points are accepted for input:

hu_ECCParamsModeSet( SB_ECC_COMPRESSION_ON,
                     SB_ECC_POINT_INPUT_REJECT, 
                     params, 
                     globalCtx );                           
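
The following added example (not Security Builder code) shows how the three representations can be told apart on input and how an accept/reject policy like the one above applies to them. The type and function names are hypothetical, the leading-byte values are those of the X9.62 octet-string encoding, and a 256-bit prime-field curve is assumed, where the sign bit is the low bit of y.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical names for this example; not Security Builder identifiers. */
#define FIELD_LEN 32u /* assumption: 256-bit prime-field curve */
enum pt_form { PT_INVALID, PT_COMPRESSED, PT_UNCOMPRESSED, PT_HYBRID };
enum pt_policy { PT_ACCEPT_ANY, PT_REJECT_OTHER };

/* Classify an X9.62 octet string by its leading byte and total length. */
enum pt_form pt_classify(const uint8_t *buf, size_t len)
{
    if (buf == NULL || len == 0)
        return PT_INVALID;
    switch (buf[0]) {
    case 0x02: case 0x03: /* x only; low bit of the prefix is the sign bit */
        return len == 1 + FIELD_LEN ? PT_COMPRESSED : PT_INVALID;
    case 0x04:            /* x and y */
        return len == 1 + 2 * FIELD_LEN ? PT_UNCOMPRESSED : PT_INVALID;
    case 0x06: case 0x07: /* x and y; prefix bit must match the low bit of y */
        if (len != 1 + 2 * FIELD_LEN)
            return PT_INVALID;
        return ((buf[0] ^ buf[len - 1]) & 1) == 0 ? PT_HYBRID : PT_INVALID;
    default:
        return PT_INVALID;
    }
}

/* 1 if the encoding passes the policy; on-curve validation is still required. */
int pt_input_allowed(const uint8_t *buf, size_t len,
                     enum pt_form mode, enum pt_policy policy)
{
    enum pt_form form = pt_classify(buf, len);
    if (form == PT_INVALID)
        return 0;
    return policy == PT_ACCEPT_ANY || form == mode;
}

/* Constructed sample: fills a dummy encoding (not a real key) and checks it. */
int pt_demo(uint8_t prefix, size_t len, uint8_t y_low,
            enum pt_form mode, enum pt_policy policy)
{
    uint8_t buf[1 + 2 * FIELD_LEN] = { 0 };
    if (len == 0 || len > sizeof buf)
        return 0;
    buf[len - 1] = y_low;
    buf[0] = prefix;
    return pt_input_allowed(buf, len, mode, policy);
}

int main(void) { return !pt_demo(0x03, 33, 0, PT_COMPRESSED, PT_REJECT_OTHER); }
```

For this field size a compressed key is 33 bytes against 65 for the uncompressed or hybrid form, which is the "nearly half" saving described earlier.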
            

Last modified: 2015-07-24


