. Introduction
The use of small computer devices with wireless communication abilities is expected to
drive the future development of many Internet transactions. The number of people using small devices far exceeds that of Personal Computers. To tap this potential the security issues with
applications on these devices has to be addressed. Several approaches to enhance the security
are based on cryptographic primitives such as hash functions, message authentication codes, and
digital signatures. The limitations of providing a high level of security using these primitives
include: the memory needed for generating cryptographic keys; the storage needed for storing
the key generating algorithms as well as the keys; the bandwidth necessary to transmit keys; and
the CPU to generate keys.
Elliptic Curve Cryptography has emerged as an attractive public-key cryptosystem for use in
small wireless environments. Compared to the conventional cryptosystems like RSA, ECC
offers a higher level of security with small key sizes, resulting in faster computations, lower
power consumption, as well as memory and bandwidth savings. These properties make ECC
very useful on small mobile devices and smartcards which are typically limited in terms of their
CPU, power and network connectivity. Lenstra and Verheul have shown that -bit key
size RSA may provide a similar security as -bit key size elliptic curve cryptosystem.
The use of elliptic curve in cryptography was proposed by Miller and Koblitz with
an excellent follow-up work by Blake, Seroussi and Smart , Koblitz , , Koblitz,
Menezes and Vanstone , Menezes , and Menezes, van Oorschot and Vanstone . It
has been endorsed by the NIST. Among the initial implementations is that of elliptic curves
over by Agnew et. al. and other related security issues by Edoh et. al. . Devices
using applications running ECC include Cellular phones, Smart cards, Cisco firewalls, and E-
cash systems. Future applications are in ATMs, and Identification systems like passports and
driving license.
We implement the NIST recommended elliptic curves over binary fields , in Java on
HP iPAQ h5450 PocketPC with 400MHz Intel Scale processor, 64MB memory and 48MB
ROM. We use a 163-bit key which is known to provide security equivalent to 1024-bit RSA
[9, 15]. This level of security is sufficient for most electronic commerce applications as long
as there are no improvements in solving the elliptic curve discrete-log problem. The use of
Java in developing a wide range of Internet applications makes it an appropriate programming
language for implementing these programs. We have provided the speeds of some ECC
algorithms including the elliptic curve digital signature algorithm (ECDSA). These results are
intended to provide a basis of comparison for future algorithms. The enhanced algorithms will
then be included in the future versions of the Java Cryptographic Extensions (JCE) a
component of the Software Development Kit (SDK). We recommend the creation of a special
primitive Java datatype for handling ECC field elements. This will help speed up the
computation time.
In the next section we discuss the finite field , its element representation and
arithmetic. In section three is the definition of elliptic curves and algorithms for elliptic point
scalar multiplication. Section four is the numerical results using Koblitz curves, a special type
of elliptic curves, and in section five is the conclusion.
Download your Full Reports for Elliptical Curve Cryptography
Advertisement