The use of small computer devices with wireless communication abilities is expected to drive the future development of many Internet transactions. The number of people using small devices far exceeds that of Personal Computers. To tap this potential the security issues with applications on these devices has to be addressed. Several approaches to enhance the security are based on cryptographic primitives such as hash functions, message authentication codes, and
digital signatures. The limitations of providing a high level of security using these primitives include: the memory needed for generating cryptographic keys; the storage needed for storing the key generating algorithms as well as the keys; the bandwidth necessary to transmit keys; and the CPU to generate keys.
Elliptic Curve Cryptography has emerged as an attractive public-key cryptosystem for use in
small wireless environments. Compared to the conventional cryptosystems like RSA, ECC
offers a higher level of security with small key sizes, resulting in faster computations, lower
power consumption, as well as memory and bandwidth savings. These properties make ECC
very useful on small mobile devices and smartcards which are typically limited in terms of their
CPU, power and network connectivity. Lenstra and Verheul have shown that -bit key
size RSA may provide a similar security as -bit key size elliptic curve cryptosystem.
The use of elliptic curve in cryptography was proposed by Miller and Koblitz with
an excellent follow-up work by Blake, Seroussi and Smart , Koblitz , , Koblitz,
Menezes and Vanstone , Menezes , and Menezes, van Oorschot and Vanstone . It has been endorsed by the NIST. Among the initial implementations is that of elliptic curves over by Agnew et. al. and other related security issues by Edoh et. al. . Devices using applications running ECC include Cellular phones, Smart cards, Cisco firewalls, and E-
cash systems. Future applications are in ATMs, and Identification systems like passports and driving license.
We implement the NIST recommended elliptic curves over binary fields , in Java on HP iPAQ h5450 PocketPC with 400MHz Intel Scale processor, 64MB memory and 48MB ROM. We use a 163-bit key which is known to provide security equivalent to 1024-bit RSA [9, 15]. This level of security is sufficient for most electronic commerce applications as long as there are no improvements in solving the elliptic curve discrete-log problem. The use of Java in developing a wide range of Internet applications makes it an appropriate programming language for implementing these programs. We have provided the speeds of some ECC algorithms including the elliptic curve digital signature algorithm (ECDSA). These results are intended to provide a basis of comparison for future algorithms. The enhanced algorithms will then be included in the future versions of the Java Cryptographic Extensions (JCE) a component of the Software Development Kit (SDK). We recommend the creation of a special primitive Java datatype for handling ECC field elements. This will help speed up the computation time.
In the next section we discuss the finite field , its element representation and arithmetic. In section three is the definition of elliptic curves and algorithms for elliptic point scalar multiplication. Section four is the numerical results using Koblitz curves, a special type of elliptic curves, and in section five is the conclusion.
Download your Full Reports for Elliptical Curve Cryptography