**Public-key cryptography**based on the concept of**elliptic curves**over**finite fields**.**Smaller key size**, relative to RSA.My

**PGP**software uses a**2048-bit RSA**(Rivest–Shamir–Adleman)**key**.To crack my

**PGP key**, an attacker needs to expend the same amount of energy as**bringing the Mediterranean sea to boil**.

My

**Ledger Nano X**uses a**256-bit ECC key**.To crack my

**Ledger Nano X key**, an attacker needs to expend the same amount of energy as**bringing all the water on Earth to boil**.

ECC offers 400 times more security with a key that is 8 times smaller.

Schematically, with the current knowledge.

Difficulty increases with larger curves.

Widely used for

**digital-signatures**and**key-exchange**.Secures HTTPs connections (on modern browsers).

**google.com**uses the**elliptic curve secp256r1**, with key-size of**256 bits**.**twitter.com**uses**RSA**, with key-size of**2048 bits**.

Bitcoin.

**Military-grade technology**®Cryptography was once part of the United State Munitions List (USML).

An elliptic curve follows the general equation of $y^2 = x^3 + ax + b$ .

The above general equation is only for a particular family of elliptic curves called **Weierstrass curves**. There are several other forms that are also elliptic, but outside the scope of our study.

**Turtle curve** is used in Bitcoin, Ethereum, and Zcash. **Starfish curve** is used in Tendermint, Stellar, and Monero.

The figures above present elliptic curves over real numbers Field (R). This is convenient to get a visual understanding of what an elliptic curve is, mathematically speaking. For several reasons, the elliptic curves used in the case of ECC are defined over Finite Fields. The figure below is a more accurate representation of the elliptic curve actually used for ECC.

For an elliptic curve to be used for meaningful cryptography, they should also have the following two properties:

**Non-singularity**→ should not have cusps or points of self-intersections. $4a^3 + 27b^2 \neq 0$**Projective**→ a line between two points will always intersect a third point.

**Supports 256-bit integer math.**Python simply regards everything as an unbounded number.

**Allows easy modular exponentiation.**`pow()`

is handy, and can also deal with negative exponents. No need to memorise Fermat's Little Theorem.New in Python 3.8

**Easy to read.**Cryptographic algorithms should be secure even if the attacker can read them. Security should not be by obscurity.

Good language to write reference implementations in. Ethereum's reference implementation is written in Python.

**Expressive.**Thanks to Python's magic methods, we can express finite field math using ordinary mathematical operators.

**I**❤**Python.**You can get a lot of people excited about traditionally opaque technology, just by

**thinking in Python**.

Lenstra, Arjen K., Thorsten Kleinjung, and Emmanuel Thomé. "Universal security." Number theory and cryptography. Springer, Berlin, Heidelberg, 2013. 121-124. https://eprint.iacr.org/2013/635.pdf

**Complete code samples for the rest of the workshop:**https://gist.github.com/onyb/cf795c819fdf8aa6015de2772fde24de