By: Farhin Tabassum Indian Institute of Technology, Kharagpur, India Email: tabassumfarhin390@kgpian.iitkgp.ac.in
Abstract:
This article explores Elliptic Curve Cryptography (ECC), a robust cryptographic system that uses the mathematical properties of elliptic curves for secure communication and encryption. ECC is distinguished by its efficient key generation and smaller key sizes, which are advantageous in various applications ranging from digital signatures to secure communication protocols. The mathematical complexity underlying ECC provides a strong foundation for cryptographic operations, making it a powerful tool in modern cybersecurity.
Introduction:
Elliptic Curve Cryptography (ECC), introduced by Koblitz and Miller in 1985, has gained popularity due to its ability to provide the same level of security as traditional systems but with shorter key lengths. This efficiency in key generation makes ECC particularly suitable for low-computation devices. Additionally, ECC offers advantages in terms of encryption and decryption speed, computational efficiency, and resource occupation.
ECC leverages the mathematical properties of elliptic curves for secure communication and encryption. Its efficiency in key generation and smaller key sizes make it a robust choice for enhancing security in various applications, from digital signatures to secure communication protocols [1]. The underlying mathematical complexity provides a strong foundation for cryptographic operations, making ECC a powerful tool in modern cybersecurity [2].
- It is asymmetric/public key cryptosystem.
- It makes use of Elliptic curves.
Elliptic curves are defined by some mathematical function
- Symmetric to x-axis.
- If we draw a line, it will touch a maximum of 3 points of the curve.
- Let be the elliptic curve consider the equation , where are points on curve and (n is boundary of curve).
If K and P are given, it should be easy to find Q but if we know Qand P, it should extremely be difficult to find k. This is called the discreate logarithm problem for elliptic curves. That means it is a one-way function.
Global Public Elements
: elliptic curve with parameters and (prime number or an integer of form 2m.
G: point on the curve whose order is large value of n.
User A key Generation
Calculate private key
User B key Generation
Select private key
Calculate private key
Calculation of decrypt key by user A and B
Encryption
- let the message be M.
- 1st encode this massage M into a point on elliptic curve, let the point be Pm now the point be encrypted.
- For encryption choose a random positive integer K.
The cipher point will be (for encryption public key of B used)
This point will be sent to receiver.
Decryption
- 1st multiply 1st point in the pair with receiver’s secret key, i.e. KG * nB (for the decryption private key of B used)
- Then subtract it from 2nd pair, i.e. So, receiver get the same point.
- Mathematical Foundation: The security of ECC is based on the difficulty of the elliptic curve discrete logarithm problem. Finding the private key from the public key is computationally infeasible, even for powerful computers [4].
- Security Strength: ECC provides a high level of security with shorter key lengths compared to traditional methods like RSA. This is advantageous for resource-constrained environments, such as mobile devices or IoT devices.
- Efficiency: ECC operations, such as key generation, encryption, and digital signatures, are computationally more efficient than equivalent operations in other asymmetric encryption algorithms.
- Applications: ECC is widely used in various security protocols and applications, including TLS for securing internet communication, digital signatures for authentication, and key exchange in secure communication protocols.
- Size Advantage: ECC key sizes are significantly smaller than those required by traditional algorithms, making it more efficient in terms of bandwidth and storage. This is particularly valuable in scenarios where resources are limited.
- Resistance to Quantum Attacks: ECC is more resistant to quantum attacks compared to traditional cryptographic algorithms like RSA.
Overall, ECC’s combination of strong security, computational efficiency, and suitability for resource-constrained environments has made it a popular choice in modern cryptographic systems [5].
Elliptic Curve Cryptography vs. Traditional Cryptography
Traditional cryptosystems like RSA rely on larger key sizes to achieve the same level of security as ECC. For instance, the operand lengths in RSA are relatively longer compared to ECC [6]. This difference in key lengths is significant as shorter keys in ECC lead to faster encryption and decryption processes, making it more suitable for resource-constrained environments [7-10]. Moreover, ECC has been widely adopted in various technologies due to its smaller key size and robust security features.
Furthermore, ECC has been utilized in various applications such as image encryption, authentication protocols, and secure communication schemes . Its effectiveness in generating strong encryption with shorter keys has made it a preferred choice in scenarios like wireless sensor networks and cloud storage systems. ECC’s ability to optimize parallel execution of encryption and decryption processes further enhances its suitability for modern cryptographic applications.
On the other hand, traditional cryptosystems face challenges related to key management, computational complexity, and efficiency. For instance, the calculation time for encryption and decryption algorithms in traditional asymmetric cryptosystems is significantly higher compared to symmetric systems. In contrast, ECC offers a more efficient alternative with lower calculation times, making it a favorable choice for scenarios where speed and resource utilization are critical factors.
Conclusion:
The article concludes that ECC stands out for its strong security, computational efficiency, and suitability for resource-constrained environments. It offers a higher level of security with shorter key lengths compared to traditional methods like RSA, making it ideal for mobile devices or IoT devices. Additionally, ECC is resistant to quantum attacks, making it a popular choice in cryptographic systems. Its application in various security protocols underscores its importance in the realm of cybersecurity.
Reference:
- S. Baccouri, H. Farhat, T. Azzabi, and R. Attia, “Lightweight authentication scheme based on Elliptic Curve El Gamal,” Journal of Information and Telecommunication, vol. 0, no. 0, pp. 1–31, 2023, doi: 10.1080/24751839.2023.2281143.
- M. Rahaman, C.-Y. Lin, and M. Moslehpour, “SAPD: Secure Authentication Protocol Development for Smart Healthcare Management Using IoT,” in 2023 IEEE 12th Global Conference on Consumer Electronics (GCCE), Oct. 2023, pp. 1014–1018. doi: 10.1109/GCCE59613.2023.10315475.
- “What is Elliptic Curve Cryptography? Definition & FAQs,” Avi Networks. Accessed: Feb. 29, 2024. [Online]. Available: https://avinetworks.wpengine.com/glossary/elliptic-curve-cryptography/
- S. Ullah, J. Zheng, N. Din, M. T. Hussain, F. Ullah, and M. Yousaf, “Elliptic Curve Cryptography; Applications, challenges, recent advances, and future trends: A comprehensive survey,” Computer Science Review, vol. 47, p. 100530, Feb. 2023, doi: 10.1016/j.cosrev.2022.100530.
- M. Rahaman, B. Chappu, N. Anwar, and P. K. Hadi, “Analysis of attacks on private cloud computing services that implicate denial of services (DOS),” Cyber Security Insights Magazine, vol. 4, 2022, Accessed: Feb. 29, 2024. [Online]. Available: https://insights2techinfo.com/wp-content/uploads/2023/01/Analysis-of-Attacks-on-Private-Cloud-Computing-Services-that-Implicate-Denial-of-Services-DoS.pdf
- Khan, M., Ullah, I., Nisar, S., Noor, F., Qureshi, I., Khanzada, F., … & Amin, N. (2020). An efficient and provably secure certificateless key-encapsulated signcryption scheme for flying ad-hoc network. Ieee Access, 8, 36807-36828. https://doi.org/10.1109/access.2020.2974381
- Awaludin, A., Park, J., Wardhani, R., & Kim, H. (2022). A high-performance ecc processor over curve448 based on a novel variant of the karatsuba formula for asymmetric digit multiplier. Ieee Access, 10, 67470-67481. https://doi.org/10.1109/access.2022.3184786
- MISHRA A, MISHRA K (2023) Data Privacy with Elliptic Curve Cryptography, Insights2Techinfo, pp.1. https://insights2techinfo.com/data-privacy-with-elliptic-curve-cryptography/
- Tewari, A., & Gupta, B. B. (2018, January). A mutual authentication protocol for IoT devices using elliptic curve cryptography. In 2018 8th International Conference on Cloud Computing, Data Science & Engineering (Confluence) (pp. 716-720). IEEE.
- Tewari, A., & Gupta, B. B. (2017). A lightweight mutual authentication protocol based on elliptic curve cryptography for IoT devices. International Journal of Advanced Intelligence Paradigms, 9(2-3), 111-121.
Cite As
Tabassum F (2024) Elliptic Curve Cryptography: A Pure Mathematical Approach to Enhancing Security, Insights2Techifo, pp.1