Have you heard of elliptic curves before? They are used extensively in number theory and cryptography. The reason elliptic curve cryptography is gaining popularity is because it’s fundamentally much stronger than the RSA algorithm, the algorithm that we all love and adore. If you don’t know what elliptic curves are, just google it and see what they look like. You are reading this sentence without googling it, aren’t you? Okay I’m going to assume that you know what elliptic curves look like. Do they look anything like ellipses? No! So why are they called “elliptic” curves? Continue reading

# Category Archives: Security

# HTTP vs HTTPS: Latency Comparison

I recently came across the issue of latency differences between HTTP and HTTPS. It got me curious and I started looking into it. To give a quick introduction to those who are new to this, HTTP stands for Hypertext Transfer Protocol and it’s a protocol for communication over the internet. Whenever somebody types something into the address bar on their browser, the browser understands the address and displays the appropriate thing. When you look at the address bar, you usually won’t see the address beginning with “http” because modern web browsers hide it. If you copy that address and paste it into a text file, you will see the full address starting with “http”. The problem with HTTP is that it is susceptible to wiretapping and other kinds of attacks. So people came with a solution and introduced HTTPS. HTTPS stands for Hypertext Transfer Protocol Secure. As the name suggests, it is secure! It’s the same HTTP protocol layered with a security protocol. Now that brings us to the main question. Will this affect the internet speed in any way? Will this be an issue when we are dealing with large amounts of traffic on the internet? Continue reading

# Why Do We Need Two-Factor Authentication?

In the last couple of years, we have encountered quite a few security breaches. A lot of internet companies are being targeted with these kinds of attacks. One of the most common forms of online transactions is that you have an account that’s protected with a password. So whenever you want to access your account, you just enter your username along with the password. But the problem is that this is breakable! As in, people can technically break into these accounts. So people started thinking about different ways in which this could be prevented. Of course, choosing better passwords would help, but we need to way to fundamentally improve the security. How exactly do we do it? Do we just choose bigger and better passwords or is there something new we can do? Continue reading

# Elliptic Curve Cryptography: Part 4/4 – How Do We Use Elliptic Curves?

In the previous blog post, we discussed about elliptic curves and saw what they look like. We also looked at some of their special properties that enable it to be a good trapdoor function. But this is still very mathematical, right? The curves are great to look at and we understand general concept of elliptic curves, but how do we use them in real life? The curves denoted by those equations don’t represent the curves that are used in cryptography. In the real world, things are digitized. We need to convert things into bits and move them around quickly. So how do we do it? Continue reading

# Elliptic Curve Cryptography: Part 3/4 – What Is An Elliptic Curve?

In the previous blog post, we discussed why RSA will not be sufficient anymore. We looked at how machines are getting stronger, and that we cannot rely on factorization as our primary mathematical foundation. We also talked a bit about what we are looking for in our new system, and then said a quick hello to elliptic curves. In this blog post, we will see what elliptic curves are. As always, we will keep the equations to a minimum, and instead, try to understand the underlying concept. Let’s go ahead, shall we? Continue reading

# Elliptic Curve Cryptography: Part 2/4 – Why Do We Need It?

In our previous blog post, we discussed public key cryptography and how it works in general. The RSA is so powerful because it comes with rigorous mathematical proofs of security. The authors basically proved that breaking the system is equivalent to solving a very difficult mathematical problem. When we say “difficult”, what it means is that it would take trillions of years to break it even if all the supercomputers in the world were to work in parallel. By the way, this is just one encoded message! The problem in question here is prime number factorization. It is a very well-known problem and has been studied for a very long time. So if it’s such a difficult problem, why do we need something new? What’s the problem here? Continue reading

# Elliptic Curve Cryptography: Part 1/4 – Why Should We Talk About It?

Elliptic curve cryptography is one of the most powerful techniques used in the field of modern cryptography. Just to be clear, elliptic curves have nothing to do with ellipses. I agree that the name can be slightly misleading, but once we discuss what elliptic curves are, it will become much clearer. So as you may have already guessed, elliptic curve cryptography (ECC) is based on the properties of elliptic curves. ECC is very useful in internet security and it is being deemed as the successor to the almighty RSA crypto system. If that didn’t make sense to you, don’t worry! We are going to discuss everything in detail. A lot of of websites are increasingly using ECC to secure everything like customer data, connections, passing data between data centers, etc. So what makes ECC so special? Is it strong enough to take over the world? Continue reading