Escolar Documentos
Profissional Documentos
Cultura Documentos
Abstract - The proliferation of technology has created a third party to recover data, the stronger is the encryption.
mobile society consisting of millions of telecommuters, Cryptography is used in many applications such as the
field workers, traveling sales personnel and home-office security of ATM cards, computer passwords, and
workers all together connected. The increasing threat to electronic commerce. Before the modern era,
security in these systems marks the importance of cryptography was concerned solely with message
Network Security and protection from hackers. Lot of confidentiality that deals with conversion of messages
Symmetric and Public Key Cryptography Systems are from a comprehensible form into an incomprehensible
available to serve this purpose. Public Key Cryptography one, and back again at the other end, rendering it
is efficient since it uses pair of keys to provide security. unreadable by interceptors without secret knowledge. In
Among them, RSA was popular and widely used for its recent decades, the field has expanded beyond
enhanced security features. But in recent days, it is confidentiality concerns to include techniques for
vulnerable to attacks such as Prime Factorization, Timing authentication of message integrity, digital signatures,
Attacks and so on. Elliptic Curve Cryptography (ECC), interactive proofs, and secure computation. Modern
on the other hand provides Stronger Security than RSA Cryptosystems includes the technique of Symmetric Key
with less key size comparatively. In this paper, we have Cryptography and Public Key Cryptography. All
discussed the Elliptic Curve Cryptography, its Cryptographic Systems prior to Public Key Cryptography
mathematical background and its advantages. It also were based on tools of Substitution and Permutation.
briefs the implementation details of ECC where a Public Key Cryptography provides a change to this type
character in the Plain text is considered as a point and of Cryptosystem. They are based on Mathematical
manipulated to obtain cipher text character by character. functions and are asymmetric involving the use of two
It offers Security at each character level and hence more separate keys. This is in contrast to Symmetric Encryption
secure cryptosystem. We have implemented this proposal which uses one key. The use of two keys helps in
in Java and found it to be much efficient. confidentiality, key distribution and authentication. Early
public key systems, such as the RSA algorithm, used
Keywords: products of two large prime numbers as the puzzle. The
Elliptic Curve, RSA, Discrete Logarithm, Quadratic difficulty of factoring ensures that no one else can derive
sieves. the private key (i.e., the two prime factors) from the
public one. However, due to recent progress in factoring,
1. Introduction RSA public keys must now be thousands of bits long to
provide adequate security. Hence Elliptic Curve
Cryptography comes into picture which is stronger than
Security is an important issue in this period of
RSA with less key size comparatively. This made several
Universal electronic connectivity where there are lot of
Organizations to turn its attention towards Elliptic Curve
viruses and hackers involved in electronic eavesdropping
Cryptography.
and electronic fraud. The primary goal of cryptography is
to conceal data to protect it against unauthorized third-
2. Need for ECC
party access by applying encryption. The more theoretical
or mathematical effort is required for an unauthorized
1
The RSA Cryptosystem was invented by Ron RSA-640 was accomplished using a prime factorization
Rivest, Adi Shamir and Len Adleman in August 1977 algorithm known as the general number field sieve [2].
issue of Scientific American. The important Sieving was done on 80 2.2-GHz Opteron CPUs and took
Computational aspects of RSA are the Key Generation 3 months. The matrix step was performed on a cluster of
and Encryption/Decryption. Three possible Approaches 80 2.2-GHz Opterons connected via a Gigabit network
may attack the RSA Algorithm. Brute Force Encompasses and took about 1.5 months.
in trying all possible private keys. This attack is
computationally infeasible and not possible since it 2.2. Timing Attacks
requires huge Computation power. The Defense against
Brute Force is same for RSA as for other cryptosystems is Another Possible Threat to RSA is the timing
by using large key space. The second possible attack is attack which is performed by determining the private key
Mathematical Attack that focuses primarily on factoring with the track record of how long a computer takes to
the product of two primes. The next possible attack is decipher messages.
Timing attacks that depends on the running time of the Attacker gains information from the
decryption algorithm. implementation of the cryptosystem such as the timing,
electro magnetic emanations and power consumption.
2.1. Prime Factoring Problem Computations performed by the cryptographic algorithm
take different amounts of time depending on the input and
Considering the Prime Factoring Problem, it value of the secret parameter. Such Statistical analysis can
uses the RSA Public Key <N, e>. Given the Factorization be used to recover secret key if the RSA private key
of N, an attacker can easily construct φ (N), from which operations can be timed accurately [3]. For Example,
the decryption exponent d = e-1 mod φ (N) can be found. Brumley and Boneh devised a timing attack against
There is no algorithm that exists to factorize a large OpenSSL, an open source cryptographic library used in
number to the product of two primes of the same size in web servers and other SSL applications [4], and
polynomial time. But there are algorithms that execute in successfully extracted a factor of the RSA modulus N and
the order of o(ab) for any a greater than 1.The general therefore, the private key d [5]. Hence RSA proves to be
number Field sieve algorithm is widely known[1], where vulnerable to security attacks and a better mechanism
for a b-bit number n, the asymptotic running time is should be employed to overcome the threats to RSA and
to provide better Security. Thus the Cryptosystem such as
Elliptic Curve Cryptography gains its importance in the
- (1) long run.
The Shor’s Algorithm was first run on 7-qubit quantum
computer in 2001 and it factored the number 15. 3. Elliptic Curve Cryptography and its
Moreover, the decision problem of whether the given Mathematical Background
number is composite or prime can be solved in
polynomial time with the AKS primality test. The easiness Elliptic Curve Cryptography is an approach to
of primality testing is a crucial part of the RSA algorithm. public key Cryptography based on the algebraic structure
There are also various Special Purpose and General of Elliptic Curves over Finite Fields. It was proposed in
Purpose Factoring Algorithms used for Prime 1985 independently by Neal Koblitz from the University
Factorization. A general-purpose factoring algorithm's of Washington, and Victor Miller, who was then at IBM,
running time depends on the size of the integer to be Yorktown Heights. Many cryptosystems often require the
factored. This is the type of algorithm used to factor RSA use of algebraic groups and Elliptic curves may be used to
numbers. Some of them are Dixon's algorithm, Continued form elliptic curve groups. A group is a set of elements
fraction factorization, Quadratic sieve, General number with custom-defined arithmetic operations on those
field sieve and Shanks' square forms factorization. The elements. For elliptic curve groups, these specific
Challenge proposed by RSA Cryptosystem creators to operations are defined geometrically. The major
cryptanalysis the 129-digit number (RSA-129) with the advantage of choosing prime numbers for computing
reward of $100. It was factored in 1994 using distributed Elliptic Curves is that the number of points on the curve
Computation which performed the multiple polynomial can be computed easily. An elliptic curve is the set of
quadratic sieves. This marked the beginning to explore the solutions (x,y) to an equation of the form y^2 = x^3 + Ax
drawbacks of RSA Cryptosystem. The challenge numbers + B, together with an extra point O which is called the
RSA-130, RSA-140, RSA-150, RSA-155, RSA-160, point at infinity (identity element). The set of points on an
RSA-200, and RSA-576 were also subsequently factored elliptic curve forms a group under a certain addition rule.
between 1996 and May of 2005. The factorization of Given a point P=(x,y) and a positive integer n, [n]P = P +
2
P + ... + P (n times). The order of a point P=(x,y) is the modulo p. Hence the Equation would be (y ^ 2 ) mod p=
smallest positive integer n such that [n]P = O. < P > (x^3 + Ax + B) mod p. Also the set Ep (a, b) consisting of
denotes the group generated by P. In other words < P > = all pairs of integers (x,y) that satisfy the Equation are
{O, P, P+P, P+P+P,}. P + Q = R is the additive property calculated. The negative of the point P = (x P, yP) is the
defined geometrically. The negative of a point P = (xP point -P = (xP, -yP mod p). There are some mathematical
,yP) is its reflection in the x-axis: the point -P is (xP,-yP). formulae used to calculate the sum of two points on the
For each point P on an elliptic curve, the point -P is also curve say P and Q. Let P + Q = R where R has
on the curve. coordinates (xR,yR). Then
To add two distinct points say P and Q which are on the s = (yP - yQ) / (xP - xQ) mod p
Elliptic Curve, a line is drawn through the two points. If P=Q then s = (3xP2 + a) / (2yP ) mod p
This line will intersect the elliptic curve, let it be –R. The xR = s2 - xP - xQ mod p and yR = -yP + s(xP - xR) mod p
point -R is reflected in the x-axis to the point R. The law where s is the slope of the line through P and Q. A finite
for addition in an elliptic curve group is P + Q = R. For Abelian Group can be defined based on the set Ep(a,b)
example: [9] provided that (x^3+ax+b) mod p has no repeated factors.
This is equivalent to the condition (4a3+27b2) mod p ≠ 0
mod p. For determining the security of various elliptic
curve ciphers, the number of points in a finite abelian
group is to be known. In case of finite group Ep (a, b), the
number of points N is bounded by P+1-2√p ≤ N ≤
p+1+2√p so that for large p, the number of points in E p (a,
b) is approximately equal to the number of elements in Zp.
3
requires primality testing (both probabilistic and simple
primality) to determine if a number is indeed prime. Table 3: Integer Factorization using the
Considering Bandwidth, Certicom claims that, when general number field sieve
generating a digital signature, ECC is between 20 and 80
times faster than RSA’s BSAFE crypto engine [9]. Key Size MIPS-Years
For these and other reasons, major North American 512 3*10^4
corporations are now integrating ECC into their products.
768 2*10^8
Also Microsoft has implemented the Suite-B algorithms in
Vista Client and Longhorn Server where the Elliptic 1024 3*10^11
Curve Cryptography is included in Suite-B. IBM has also 1280 1*10^14
turned its attention towards security using ECC [8].
Jyri Virkki performed the comparison of RSA and ECC 1536 3*10^16
using the Sun Java System Web Server 7 and validated 2048 3*10^20
the results. The following table shows the equivalent
strength between RSA and ECC as reported by him [10].
4
1. To perform the encryption User ‘A’ should know 1. To perform the encryption User ‘A’ should know
the User ‘B’s Public key PB. the User ‘B’s Public key PB.
2. User ‘A’ can encrypt the given points by using 2. Get the File name from the user that wants to
Cm = {KG, Pm+KPB} and store it in a particular encrypt and read character by character from the
file .So that the single point can be encrypted as a file.
pair of points. 3. Get the ASCII value (V) for each and every
character which is available in the file want to
5.1.3. Decryption Phase. encrypt.
1. Decrypt the pair of points by using Pm+KPB-nB 4. Perform the computation V*K to get Pm. So that
(KG).So that we get a single point Pm and write it the given text can be converted into points
into another file. character by character. The point obtained by
2. So that the user B will get the original text from V*K is also available in the elliptic curve
the particular file.
5. User ‘A’ can encrypt the given points by using
Cm = {KG,Pm+KPB} and store it in a particular
5.2 .Our Proposal file .So that the single point can be encrypted as a
pair of points.
Based on the conventional approach, we will
implement some additional features. Key generation phase 5.2.3. Decryption Phase.
is similar to the conventional approach. The difference is
at encryption and decryption phase.
1. Decrypt the pair of points by using Pm+KPB-nB
Our Implementation of Elliptic Curve (KG).So that we get a single point Pm.
Cryptography also involves in three phases. They are: 2. Compute the ASCII value (V) by using Pm=V*K
1. Key Generation Phase. as said in step12 in reverse manner.
2. Encryption Phase. 3. ASCII value will be changed to character and
3. Decryption Phase. write it into another file.
4. So that the user B will get the original text.
5.2.1. Key Generation Phase.
1. Get the prime number (p) from the user either by The implementation was done using JAVA language .
directly getting from him and check it or by
getting the range from him and generate by us. 6. Conclusion
2. Get the value of ‘a’ and ’b’ that are available in
the cubic equation which satisfies the equation Hence Elliptic Curve Cryptography provides
(4a3+27b2) mod p is not equals to zero. much Security than other algorithms such as RSA. It is
3. Generate the set of points by using the prime (p) said to be ideal for resource constrained systems because
and ‘a’, ‘b’ value which satisfies the cubic it provides more security per bit than other types of
equation and all the points are available on the asymmetric Cryptography. It offers greater security for a
elliptic curve. given key size. This makes possible compact
4. Choose the first point from the above generated implementations with faster cryptographic operations. Our
set as base point ‘G’. Proposal considers every text in given text file, represents
5. Calculate the ‘n’ value such that n*G=”Point at them as a point and encodes it using the Private Key to
infinity” (O). obtain another point which is also on the curve.
To enhance this methodology, a table can be maintained
6. User ‘A’ selects the private key (nA) such that
such that each point generated gets maps to a alphabet or
nA<n.
special characters. This table can be made public so as to
7. Calculate the public key (PA) for user ‘A’ by facilitate decryption. The Hacking of such system is
PA=nA*G. difficult since the reverse operation is the discrete
8. User ‘B’ selects the private key (nB) such that logarithm problem that is hard to solve. Hence this results
nB<n. in implementation of the Cryptographic System with
9. Calculate the public key (PB) for user ‘B’ by greater Security compared to other mechanisms.
PB=nB*G.
10. User ‘A’ and User ‘B’ generates the secret key 7. Acknowledgement
by using K=nA*PB and K=nB*PA respectively.
We sincerely thank our beloved Head of the
5.2.2. Encryption Phase. Department, Dr.R.Rajaram for his enthusiastic guidance.
5
8. References