Can replace finite fields, i.e. they work in any algorithm that just needs a Commutative Group

We learned about asymmetric cryptography over integers mod $P$ but in fact most asymmetric cryptography works over any commutative group.

Motivation

Diffie-Hellman Key Exchange DHKCE hardness relies on DLP, and the most performant attack on DLP is Index Calculus, which only works in $\mathbb{Z}/p$ so the motivation for finding another group we can work in is strong.

%%🖋 Edit in Excalidraw%%

There is no relation/compatibility between the curve and the field it is defined in.

Addition

$R_x = m^2 - P_x - Q_x$ $R_y = P_y + m(R_x - P_x)$ If doubling a point, then no gradient, so use tangent at the point: $m = \frac{3 P_x^2+a}{2 P_y}$

DLP In ECC

%%🖋 Edit in Excalidraw%%