Learning about 521-bit elliptic-curve Diffie-Hellman cryptography, or 521-bit ECC for short, is best done by learning what it was built upon. ECC encryption is very complicated math, and it’s easier if we start at the beginning of how cryptography started.
If you already have a good handle on encryption, skip ahead to the part on 521-bit ECC right now. If not, take the time to learn about how encryption started in a very basic way, to its evolution during World War II, to what it had to become thanks to modern computing power. This will help you better understand encryption in general before examining ECC.
The basics of cryptography
The earliest known use of any type of encryption was used by Julius Caesar, hence why it is known as the Caesar Cypher. It is what is called a substitution cipher as everything is written in plain text but with the letters all shifted in one direction. Here’s a very basic example:
While it is indeed that old, it is still the very basis of all cryptography as everything is some sort of substitution cipher. A cipher this easy, however, is pretty easy to break because of how the English language is built. Patterns quickly emerge with simple shifts like the Caesar Cipher. Here is some text I will encrypt so that you can see the weakness for yourself:
I will attack the bad guys at noon.
Here is that same message with a Caesar Cipher shift of four, this text is known as “ciphertext”:
m ampp exxego xli feh kycw ex rssr.
The first problem is the double letters are easy to see and know to try the only double letter combinations in the English language. In this case you could find that “pp” is “ll”, “xx” is “tt”, and “ss” is “oo”, thus defeating this cipher rather quickly as any cryptographer would know to shift the rest of the letters by four and break the code.
For longer messages, there is also the frequency problem with the letter “e”. It appears so often any decent cryptographer can easily figure out a message from finding where the letter “e” is by simply counting how often letters show up and assuming that the one which is most often is “e”. Once they know how “e” is being handled they know how the rest of the letters are being handled.
The next step in cryptography
With this form of encryption being so easy to beat by hand, a new system was needed. It took a major war for this to happen, and the worst one of all at that: World War II brought about the ‘unbreakable’ Enigma machine of Nazi Germany.
The next step was to make it so the ciphertext had a different shift for each letter. This was done by the Nazis using a series of three rotating rotors which changed for each letter, as well as a switchboard that swapped pairs. Here’s an explanation:
This machine was capable of an astronomical number of combinations that you’d have to try to break the code manually. To be exact, there were:
158,962,555,217,826,360,000 combinations
It wasn’t unbreakable thanks to the work of Alan Turing and Gordon Welchman, but it certainly will not work with the advent of modern computers. 158 trillion + combinations is a nightmare for a human to manually figure out, but AI was recently used to break an Enigma message in 13 minutes at a cost of $7. With encryption being used to store everything from passwords and banking details, to our very basic communications, another step needed to be taken.
How modern encryption works
Above we looked at turning a simple message into an encrypted form:
I will attack the bad guys at noon.
Became this with a four letter Caesar Cipher shift:
m ampp exxego xli feh kycw ex rssr.
Now let’s see what happens to the unencrypted text when we apply modern AES 256 bit encryption to this message:
9T5v3IPGKYpy2E/VDqyUkUeqHNA1oON3GXBmIS6IYrDHzK30QUAqRjb7J9LVkzsV
It’s not even the same number of letters, and there are now numbers in it…hey, where did all of the spaces go?!? Modern encryption has to encrypt everything, and that means everything. Any pattern could be figured out by the right software being written, so spaces are encrypted along with the letters and numbers to further obscure what is being encrypted.
There are no known ways to break AES encryption. It is solid, and the only real hope anyone could have of breaking it is with a brute force hack which guesses the encryption key repeatedly until the right one is found. Here’s an all-new message encrypted with AES 256:
/qnSZb/VfHYFYp+em8bnoHl6eGExDEeFI3yZnZQ+eIA=
Try to guess that message using the same principles as the Caesar Cipher, or even the Enigma. It could take you centuries even with the most modern computers, and even then all you’d get is the encrypted catchphrase of a certain Marvel hero!
Try it for yourself using this tool’s decryption and my settings, which are the ‘key’ to unlocking this:
- Input: Base64
- Mode: ECB
- Key size: 256
- Secret key: 12345678912345678912345678956789
Put those setting in here and you will get the message which is revealed at the end of this article. It looks like a jumbled meaningless mess right now—and that’s the point—but you can decrypt it and see the secret message.
Modern encryption practices
Now that we’ve worked up to the era of computers we need to start thinking about how the key is shared. The Nazis had a schedule they followed daily on ‘key’ sheets issued every month on how to set up their Enigma for that day, and these sheets would be captured on occasion. The threat of the ‘key’ being captured is an even bigger issue in an online context as the key will be shared along with the message, leading to more key thefts.
Encryption has two basic forms of key sharing in the computing era. The first is symmetric encryption, and it works like this:
- A sender puts a message in a box.
- The box is locked with a key and sent through normal channels.
- The box is received by the intended recipient.
- The receiver uses the same key as the sender to open the box.
This is the most popular type of encryption, with many encryption algorithms using this method. AES is probably the most well known, and Sky uses AES 256 bit to encrypt metadata on Sky ECC. Here’s a diagram which visually explains symmetric encryption:
The Nazis used a monthly schedule of how to set up the Enigma machine as it changed from day to day. This is also an example of a symmetric key. If you look at symmetric encryption logically you know that there’s a flaw in it—the sharing of the key and how it could be intercepted. This lead to the next development in encryption algorithms.
Asymmetric encryption
The development of a new model was needed for enhanced security in today’s modern age. This model is called asymmetric encryption:
- The receiver sends an open box to the sender.
- The receiver keeps the key to the open box.
- The sender places their message in the open box and locks it.
- The box is sent to the receiver who opens it back up with the key they kept.
The difference here is that the complete key never has to be sent with the message. This has become a very popular type of encryption, most notable in the SSL/TLS encryption standard which powers most browser traffic, but also in ECC which we use to encrypt messages on our Sky ECC phones.
Here’s a slightly more complicated look at how asymmetric encryption works with the ‘open box’ replaced by the idea of private and public keys. Anyone can see the public key, but only those who know the private key can decrypt it. Who has the private key? The receiver who sent the ‘box’.
In an online context, not using encryption of any kind is like walking around with a sign above your head with your information written on it. This ‘sign’ in the virtual world could include your name, address, credit card data, banking information, passwords, and any other data you would rather keep secure. Encryption, either symmetric or asymmetric, protects this data.
521-bit elliptic-curve Diffie-Hellman cryptography
All of the above was included because 521-bit elliptic-curve cryptography with Diffie-Hellman key exchange (ECDH) uses all of the above principles in some manner. This is the next step in the chain of encryption’s growth, and understanding what came before helps you understand what’s going on now with elliptic-curve cryptography (ECC).
The first thing to learn about ECC is this:
- It is an asymmetric form of key exchange.
- ECC offers the same strength of key size as other system with much smaller key sizes.
- Smaller key sizes allow for faster encryption.
- 521-bit ECC offers the same strength as 15,360 RSA, while 2048 RSA is the current standard.
Next is that it uses the properties of how a line passes through an elliptical curve for the basis of its encryption algorithm. Here’s an example of what an elliptic curve looks like:
To get more complicated, going on a point of A -> B on an elliptic curve is very easy for computers, going the opposite way B -> A is very hard. This forms the basics of why ECC is powerful for cryptography as it’s very fast to do one way, but very difficult to do the other way. Reading back, this is the basis of encryption since the very first example.
Discrete Logarithm Problem
This difficulty above means that messages are very hard to decrypt without the right key. To be technical, this is called the Discrete Logarithm Problem. It exists because multiplication is very fast, but ‘division’ (logarithm being a word which roughly means division) is very slow.
This can be easily explained by the following video:
It’s easy to combine two colours to get a third colour, and that can be intercepted by a third-party, but it’s very hard to turn that combined colour back into its original two colours. It’s easy to go from A -> B, but difficult to go from B -> A.
ECC is used for Sky ECC phones as it’s been around long enough to be studied and known as secure, uses asymmetric key exchange for higher security, has small key sizes for faster processing, and computers can do it easily but not ‘un-do’ it easily.
Comparing 521-bit ECC to RSA
The current standard used across the internet is RSA. The standard bit length used for RSA at this time is 2048, but this shifts as our need for stronger encryption increases. Both ECC and RSA are asymmetric algorithms, but they differ greatly in key sizes. Here’s a comparison table:
As you can see, ECC’s smaller key sizes are far superior to AES-256, while still being as strong or stronger.
521-bit ECC is future-proofed against coming cryptographic changes, as they’ve came along for centuries as we’ve seen above, and can protect you for decades to come. Why 521-bit ECC is used for Sky ECC is that ECC is a much faster type of cryptography for larger key sizes than anything else currently used. This has a number of benefits for Sky ECC:
- Speed: Considering that Sky ECC is a mobile app, speed is of the essence. Chat responses would be slower with a key size that takes security to the level which our users deserve…much slower.
- Security: Being fast is easy, but being fast and secure is very hard. Given the small size of the keys which ECC generates, and the quick speed at which these large and difficult keys are decrypted by those with the key, it can be said that it is magnitudes more secure than that which is standard for online banking.
How many magnitudes more secure? What a great question. Let’s look at what banking uses and how it compares to ECC:
- RSA 2048-bit keys are secure enough for online banking.
- RSA 2048-bit keys are equivalent to 224-bit ECC keys.
- 521-bit ECC keys are the same strength as RSA 15,360-bit keys.
521 bit ECC uses key sizes 7.5 times smaller than the RSA standard while offering encryption that is magnitudes more secure. An RSA 2048-bit key is secure enough for online banking, but a 521-bit ECC key is the equivalent of a 15,360-bit RSA key.
Messages being sent over Sky ECC are more secure, and much faster, than their equivalent in RSA. Let’s list the other ways ECC is superior to RSA:
- Faster key generation
- Keys, ciphertext, and signatures are all smaller
- Encryption and decryption is faster
- US government better supports ECC
- Much lower latency than inverse throughput thanks to two-stage signature computation
This all adds up to Sky ECC customers being more secure with less computational power needed, which is vital for secure communications on a mobile phone.
ECC is the future of encryption
ECC is the future of encryptionECC is the encryption standard of the future, and you don’t have to take our word for it as the NSA stated in their paper “The Case for Elliptic Curve Cryptography” in 2005:
“The best assured group of new public key techniques is built on the arithmetic of elliptic curves. This paper will outline a case for moving to elliptic curves as a foundation for future Internet security.”
This was stated over 14 years ago and it still holds true today as experts see higher-level ECC lasting until well beyond 2030.
We’ve come a long way since Caesar’s Cipher, to the Enigma machine, to today’s most innovative forms of encryption. Now, with the coming of advanced hacking and computational power, 521-bit ECC is the surest way to stay safe today and into the future.