So What Does An Elliptic Curve Key Pair Look Like? PEM, DER and OpenSSH


Elliptic curve cryptography (ECC) saved cybersecurity a whole lot of processing. Without it, we would be implementing key exchange with large prime numbers of over 2K bits. With it, our key exchanges are small, with a private key of around 256 bits and a public key of 512 bits.

An elliptic curve can have the relationship of:

=x³+ax+b (mod p)

for a defined prime number (p). NIST has defined a number of standard curves, which relate to the size of their finite field. These are P256, P384 and P512. With P-256 we use: p=2²⁵⁶−2²²⁴+2¹⁹²+2⁹⁶−1, a=−3, b=41058363725152142129326129780047268409114441015993725554835256314039467401291.

In ECC, we have a private key sk, which is a scalar value. The public key is then:

pk=sk.G

where G is the base point on the curve, and pk is a public key point. If sk has 256 bits, then pk will have 512 bits, as it is an (x,y) point.

Now, the IETF has just published RFC 9500, which defines test keys for RSA, DLP (Discrete Logarithm Problem) and…

Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice