Contemporary cryptography is based on the use of public key cryptosystems. These cryptosystems greatly simplify the problem of establishing secure communication between any two users of the network without the necessity of exchanging secret keys between them in advance. Solving the problem of key distribution, together with the support of the digital signatures for strong authentication of messages, makes public key cryptosystems an irreplaceable component for implementation of security services in today's computer networks, particularly in systems for an electronic commerce and banking.

The RSA (Rivest, Shamir, Adelman) cryptosystem and a family of Elliptic Curve Cryptosystems (ECC) are two competing technologies for public key encryption. RSA is much better established (known for almost 20 years), but ECC, although much more recent, has already gained the recognition of standard organizations such as IEEE, ANSI and ISO. The recent progress in the factorization algorithms for RSA forced the significant increase in the key size for this algorithm. The large key size implies that software implementations of RSA are too slow for certain applications (e.g., pagers), and hardware ASIC implementations require large area and therefore are expensive and not very well suited for realization on the smart cards.

Elliptic Curve Cryptosystems is an emerging class of cryptosystems that offers more security per key bit than any other known public key scheme. For example, in ECC the same security is obtained using an almost ten times smaller key than for RSA. This leads to fast software implementations and fast and area-efficient hardware implementations. Additionally, ECC is not a single algorithm but rather a family of algorithms. The user can choose a particular transformation from this family as a tradeoff between the speed and the security of the cipher.

The direct result of this research will be a set of recommendations regarding the standardization of a particular algorithm, depending on the requirements of a communication protocol and implementation medium. The long term result will be creating methodology for the correct choice of the system and key parameters, supporting efficient implementations of Elliptic Curve Cryptosystems in hardware and software.

Specific problems to be solved include:

• optimization of algorithms for basic component operations of the cryptosystem (operations in the group of points on the elliptic curve and in the underlying finite field)
• optimal choice of the curve and the underlying field in order to speed up software and hardware implementations
• implementation of ECC using programmable gate arrays in a way permitting reconfiguration of the architecture depending on the selected type of the elliptic curve
• hardware support for computing the number of points on the curve necessary to estimate the resistance of the cipher based on the given curve for cryptanalysis;
• comparison of the resistance of the RSA and ECC implementations against timing attacks, i.e., attacks based on reconstructing the secret key through the analysis of the cryptoalgorithm execution times for various inputs.