Developer Reference for Intel® Integrated Performance Primitives Cryptography 2018
This section describes the Intel IPP functions that implement arithmetic operations with points of elliptic curves [EC]. The elliptic curve is defined by the following equation:
y2 = x3 + A ⋅ x + B
where
This document considers elliptic curves constructed over the finite field GF(p) (prime or its extension), therefore the arithmetic of elliptic curves is based on the arithmetic of the underlying finite field. In the equation above, A, B, x, and y belong to the underlying field GF(p).
You can use standard elliptic curves by calling GFpECInitStd or GFpECBindGxyTblStd. The following table contains the supported standard elliptic curves:
Name of the Curve |
Reference |
---|---|
secp128r1 |
[SEC2] |
secp128r2 |
[SEC2] |
secp160r1 |
[SEC2] |
secp160r2 |
[SEC2] |
secp192r1 |
[SEC2] |
secp224r1 |
[SEC2] |
secp256r1 |
[SEC2] |
secp384r1 |
[SEC2] |
secp521r1 |
[SEC2] |
SM2 |
[SM2] |
BN256 |
For more information on parameters of the standard elliptic curves, see [SEC2], [SM2], and [ISO/IEC 11889-4].
In this table, the name BN256 corresponds to the Barreto-Naehrig Prime 256-bit elliptic curve.
To provide minimum security of the elliptic curve cryptosystem over a prime finite field, the length of the underlying prime must be equal to or greater than 160 bits.