Analysis of possibility to use El Gamal algorithm with deterministic embedding for key encapsulation
DOI:
https://doi.org/10.30837/rt.2020.1.200.18Keywords:
key encapsulation algorithm, El Gamal algorithm, elliptic curveAbstract
Suppose some parties, A and B, use some symmetrical encryption algorithm (for example, AES) to encrypt their messages from A to B and from B to A. They get their secret keys from some Trusted Authority (ТА). TA generates keys and then delivers them to correspondent users. The simplest and, may be, the optimal way to deliver the secret key to user A is to encrypt it (using some asymmetrical encryption algorithm) with A’s public key and then to send it to A via public channel. Such procedure is called “key encapsulation”.
Key encapsulation algorithms are widely used in the modern cryptography and represented in national and ISO/IEC standards of key encapsulations. Building the key encapsulation algorithm, which may be used as a national standard, is an actual problem nowadays. Ukrainian cryptographers are also working on such standard. Modified Elliptic Curve Integrated Encryption Scheme (ECIES), included in the ANSI X9.63, ISO/IEC 18033-2, IEEE 1363a and SECG SEC1 standards, was used in the project of national standard for key encryption.
In this article we propose some alternative encryption algorithm on elliptic curve which also may be used for this purpose.
Generally speaking we can use arbitrary asymmetric encryption algorithm for key encapsulation. One of the simplest and preferable algorithms is El Gamal encryption algorithm. To use this algorithm on elliptic curve, we need algorithms for embedding key into point on elliptic curve and for retrieving it back. Several lines of work in both the number theory and cryptography literature have considered the problem of deterministically mapping field element to point on elliptic curve. However, only probabilistic algorithms of such embedding existed until 2016, when deterministic algorithm for hash embedding was proposed. But key embedding is much more complicated procedure than hash embedding, because the correspondent mapping must be bijection.
In what follows we describe how this algorithm for key embedding can be built and then discuss the problems that appear if we want to use it in key encapsulation.
References
СТБ 34.101.45-2013 Информационные технологии и безопасность. Алгоритм электронной цифровой подписи и транспорта ключа на основе эллиптических кривых. Available via https://apmi.bsu.by/resources/std.html/.
ISO/IEC 18033-2:2006 Information technology – Security techniques – Encryption algorithms / Part 2: Asymmetric ciphers.
Проект національного стандарту Інформаційні технології. Криптографічний захист інформації. Алго-ритм шифрування коротких повідомлень, що ґрунтується на скручених еліптичних кривих Едвардса. Available via http://crypton.ua/images/Проект_стандарту.pdf
V. Shoup. A Proposal for an ISO Standard for Public Key Encryption. Preprint, December 2001. Available via https://www.shoup.net/papers/iso-2.pdf
Wenbo Mao. Modern Cryptography: Theory and Practice. PrenticeHall, 2003. 707 p.
Wahby Riad S. and Dan Boneh. Fast and simple constant-time hashing to the BLS12-381 elliptic curve // IACR Cryptologye Print Archive. 2019. 403 p.
P. van Oorschot S. Vanstone, A. Menezes. Handbook of Applied Cryptography. CRC Press, 1996.
W. Diffie, M. Hellman. New directions in cryptography // IEEE Trans. Inform. Theory. 1976. Vol. IT-22. P. 472-492.
Neal Koblitz. Elliptic Curve Cryptosystems. January 1987. Vol. 48. Number 177. P. 203-209.
Downloads
How to Cite
Issue
Section
License
Authors who publish with this journal agree to the following terms:
1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).