## ECC: Elliptic-Curve Cryptography

In contrast to Symmetric Key schemes such as AES (Advanced Encryption Standard), the asymmetric key scheme contains a key pair, the public key, and the private key. This is also known as public key cryptography.

**Asymmetric Key**

Complex mathematical problems underpin the asymmetric key construction, which allows the private key to derive a corresponding public key easily while keeping reverse computation infeasible. Several popular cryptographic schemes have been constructed using the mathematical relation between the public and private keys, such as a digital signature or a key agreement.

**ECC Standards**

The elliptic curve cryptography (ECC) is an asymmetric key tool based on the elliptic curve discrete logarithm problem (ECDLP). SEC 1 presents the ECC-based signature scheme, encryption and key transport scheme, and key agreements scheme. To assist others with adopting the ECC, SEC 2 proposed 15 domain parameters categorized into five security levels: 80-bit, 112-bit, 128-bit, 192-bit, and 256-bit.

**Classical Public key Cryptography**

RSA and Diffie-Hellman-Merkle are the first two public key constructions. RSA is based on the integer factorization problem, and Diffie-Hellman-Merkle is based on the finite field discrete logarithm problem (DLP). Due to the existence of sub-exponential time algorithms solving these problems, the key size of these two public key systems is longer than the ECC key size. The ECC cryptography therefore is considered a natural modern successor of RSA and Diffie-Hellman-Merkle, due to the smaller keys and signatures producing the same level of security, while also providing faster key generation, key agreement, and signatures.

**SM2**

SM2 is a bunch of ECC standards proposed by China. It defines an ECC-based digital signature scheme, an encryption scheme, and a Key exchange scheme. In addition, it also presents its own domain parameters of security level 128-bit, which is different from those in SEC 2.

**PUFcc-provided ECC Functions**

PUFcc Crypto Coprocessors implements the big number arithmetic computation as the building block for ECC-based cryptographic operations. Additionally, the private key blinding technique can be introduced to the ECC operations to resist a side-channel attack on private key related calculations. Based on the underlying mathematical computation, PUFcc also supports the generation of an ECC private key and public key, the validation of a public key, the elliptic curve digital signature algorithm (ECDSA) elliptic curve Diffie-Hellman (ECDH), and SM2-related functions. These implementations are all certified by NIST CAVP and the office of the state commercial cryptography administration (OSCCA).