Forum

Challenge "ECDH-Key Exchange for Beginners"

Challenge "ECDH-Key Exchange for Beginners"  

  By: admin on Feb. 24, 2012, 12:02 a.m.

Alice and Bob would like to agree upon a shared key. They use an Elliptic Curve Diffie-Hellman (ECDH) key-exchange protocol. Try to reproduce the steps that are necessary to calculate the key and to decrypt Bob's message.
Read more...

 Last edited by: admin on Oct. 31, 2021, 2:55 a.m., edited 1 time in total.

Re: Challenge  

  By: fretty on Feb. 28, 2012, 11:52 p.m.

This challenge can be done without even touching elliptic curves! It is just yet another affine substitution that can be broken by hand in a few mins.

It could have been made more interesting…

Re: Challenge  

  By: Veselovský on Feb. 29, 2012, 4:14 a.m.

As the title suggests, it was meant for beginners.
From such a point of view it is ideal for them and it is up to them if they want to learn something about ECC or they want to avoid it by some other means.
As always, any challenge can be solved many different ways and we are free to choose the one that suits us or that we like.
I started with similar simple examples when I began studying ECC.

I enjoyed this challenge. :-)

Re: Challenge  

  By: aurelie on Feb. 29, 2012, 4:05 p.m.

As the title suggests, it was meant for beginners.
From such a point of view it is ideal for them and it is up to them if they want to learn something about ECC or they want to avoid it by some other means.
As always, any challenge can be solved many different ways and we are free to choose the one that suits us or that we like.
I started with similar simple examples when I began studying ECC.

This is exactly the idea behind this challenge. I wanted to give beginners the opportunity (and a sweetener) to have a closer look at what ECC is about.

I can understand your point, fretty. This challenge illustrates how a securely established key should NOT be used. If you have any idea for a new challenge - either for beginners or for experts - feel free to submit it via [HTML_REMOVED]mtc3@cryptool.org[HTML_REMOVED]

Re: Challenge  

  By: fretty on March 2, 2012, 1:08 p.m.

Yes, I have no problem with making beginner challenges…just thought it defeated the point on making a challenge in ECC if really the ECC part is irrelevant.

Its like saying "I have n coins in my pocket, here are some facts about them…now which pocket are my house keys in?"

Re: Challenge  

  By: Veselovský on March 2, 2012, 3:28 p.m.

There is no way how to ensure both:

  1. simplicity of an example (i.e. using small numbers)
  2. that the example cannot be solved by any other means other than that of ECC.

Even if we can not use "affine substitution attack" we still can simply compute points on given elliptic curve modulo small prime by hand and we can solve the challenge again without "touching" theory of elliptic curves.

But it does not mean that it can not be solved like any other securely established system of ECC.
I solved it using adding points on elliptic curves for example.
And anybody who wants to learn something about ECC should do the same, i.e. take a look at the references given at the end of PDF and try to solve it this way.

It is same like for example with RSA.
Give me a toy example of RSA that can not be solved by any other method only the methods by which the standard securely established RSA systems are solved.
Such a example can not exist.
As a toy example of RSA we could take N=pq=4389. Anybody would be able to solve it even without knowing what Euler's totient function is.
If you use bigger primes then probably the attacker needs some knowledge of RSA but the example will no longer be a "toy example".

Re: Challenge  

  By: fretty on March 2, 2012, 5:29 p.m.

You misunderstand…what I am saying is why create a challenge about one cryptosystem that really isn't about that cryptosystem at all?

The challenge is supposed to be one about ECC…but really the actual challenge is about solving an affine substitution cipher (of which there are many others in the level 1 challenges). Yes, there is a bit of blurb before about ECC but that is not necessary to the solution of the challenge. If, however you miss out the affine bit and ask something about the ECC part for the challenge then it DOES become a challenge about ECC.

You have to ask, what is the purpose of a "challenge"…to be solved or to be learned from?

Re: Challenge  

  By: Veselovský on March 2, 2012, 5:52 p.m.

You have to ask, what is the purpose of a "challenge"…to be solved or to be learned from?

Well, I think both, especially for challenges in level 1.

Re: Challenge  

  By: fretty on March 2, 2012, 5:54 p.m.

Well a thing to be learned would be that in practice people look for the simplest solution. In creating an affine part to the challenge it has made the simplest solution be to ignore the ECC part.


Currently 17 guests and 0 members are online.
Powered by the CrypTool project
© 2009-2021 MysteryTwister team