Analysis of possibility to use El Gamal algorithm with deterministic embedding for key encapsulation

Authors

  • O.V. Tsygankova

DOI:

https://doi.org/10.30837/rt.2020.1.200.18

Keywords:

key encapsulation algorithm, El Gamal algorithm, elliptic curve

Abstract

Suppose some parties, A and B, use some symmetrical encryption algorithm (for example, AES) to encrypt their messages from A to B and from B to A. They get their secret keys from some Trusted Authority (ТА). TA generates keys and then delivers them to correspondent users. The simplest and, may be, the optimal way to deliver the secret key to user A is to encrypt it (using some asymmetrical encryption algorithm) with A’s public key and then to send it to A via public channel. Such procedure is called “key encapsulation”.
Key encapsulation algorithms are widely used in the modern cryptography and represented in national and ISO/IEC standards of key encapsulations. Building the key encapsulation algorithm, which may be used as a national standard, is an actual problem nowadays. Ukrainian cryptographers are also working on such standard. Modified Elliptic Curve Integrated Encryption Scheme (ECIES), included in the ANSI X9.63, ISO/IEC 18033-2, IEEE 1363a and SECG SEC1 standards, was used in the project of national standard for key encryption.
In this article we propose some alternative encryption algorithm on elliptic curve which also may be used for this purpose.
Generally speaking we can use arbitrary asymmetric encryption algorithm for key encapsulation. One of the simplest and preferable algorithms is El Gamal encryption algorithm. To use this algorithm on elliptic curve, we need algorithms for embedding key into point on elliptic curve and for retrieving it back. Several lines of work in both the number theory and cryptography literature have considered the problem of deterministically mapping field element to point on elliptic curve. However, only probabilistic algorithms of such embedding existed until 2016, when deterministic algorithm for hash embedding was proposed. But key embedding is much more complicated procedure than hash embedding, because the correspondent mapping must be bijection.
In what follows we describe how this algorithm for key embedding can be built and then discuss the problems that appear if we want to use it in key encapsulation.

References

СТБ 34.101.45-2013 Информационные технологии и безопасность. Алгоритм электронной цифровой подписи и транспорта ключа на основе эллиптических кривых. Available via https://apmi.bsu.by/resources/std.html/.

ISO/IEC 18033-2:2006 Information technology – Security techniques – Encryption algorithms / Part 2: Asymmetric ciphers.

Проект національного стандарту Інформаційні технології. Криптографічний захист інформації. Алго-ритм шифрування коротких повідомлень, що ґрунтується на скручених еліптичних кривих Едвардса. Available via http://crypton.ua/images/Проект_стандарту.pdf

V. Shoup. A Proposal for an ISO Standard for Public Key Encryption. Preprint, December 2001. Available via https://www.shoup.net/papers/iso-2.pdf

Wenbo Mao. Modern Cryptography: Theory and Practice. PrenticeHall, 2003. 707 p.

Wahby Riad S. and Dan Boneh. Fast and simple constant-time hashing to the BLS12-381 elliptic curve // IACR Cryptologye Print Archive. 2019. 403 p.

P. van Oorschot S. Vanstone, A. Menezes. Handbook of Applied Cryptography. CRC Press, 1996.

W. Diffie, M. Hellman. New directions in cryptography // IEEE Trans. Inform. Theory. 1976. Vol. IT-22. P. 472-492.

Neal Koblitz. Elliptic Curve Cryptosystems. January 1987. Vol. 48. Number 177. P. 203-209.

Downloads

How to Cite

Tsygankova, O. (2020). Analysis of possibility to use El Gamal algorithm with deterministic embedding for key encapsulation. Radiotekhnika, 1(200), 201–205. https://doi.org/10.30837/rt.2020.1.200.18

Issue

Section

Articles