Elliptic Curve Cryptography
VerifiedAdded on 2022/11/10
|8
|1366
|283
AI Summary
This article discusses the security of Elliptic Curve Cryptography (ECC), its key sizes, market implementation, and competitive position. It also explores the reasons behind the NSA giving up on ECC and why ECC should still be used despite being compromised. The article concludes that ECC holds a competitive position in the market due to its small key size, making it faster and cheaper than other cryptographic functions such as RSA.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: ELLIPTIC CURVE CRYPTOGRAPHY
ELLIPTIC CURVE CRYPTOGRAPHY
Name of the Student
Name of the University
Author Note
ELLIPTIC CURVE CRYPTOGRAPHY
Name of the Student
Name of the University
Author Note
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1ELLIPTIC CURVE CRYPTOGRAPHY
Table of Contents
Section A.........................................................................................................................................2
How secure is Elliptic Curve Cryptography (ECC)?...................................................................2
Why to use ECC after it got compromised by NSA?..................................................................2
If ECC to be used then why?.......................................................................................................2
Reason for NSA giving up on ECC.............................................................................................3
Section B..........................................................................................................................................3
Key sizes of ECC and RSA in AES – 128, 192, 256...................................................................3
Market Implementation of ECC..................................................................................................3
ECC over RSA.............................................................................................................................4
Does ECC hold a competitive position?......................................................................................4
References........................................................................................................................................5
Table of Contents
Section A.........................................................................................................................................2
How secure is Elliptic Curve Cryptography (ECC)?...................................................................2
Why to use ECC after it got compromised by NSA?..................................................................2
If ECC to be used then why?.......................................................................................................2
Reason for NSA giving up on ECC.............................................................................................3
Section B..........................................................................................................................................3
Key sizes of ECC and RSA in AES – 128, 192, 256...................................................................3
Market Implementation of ECC..................................................................................................3
ECC over RSA.............................................................................................................................4
Does ECC hold a competitive position?......................................................................................4
References........................................................................................................................................5
2ELLIPTIC CURVE CRYPTOGRAPHY
Section A
How secure is Elliptic Curve Cryptography (ECC)?
There have been several researches that tried to reveal the possibility of backdoors in the
ECC random number generators, but the algorithm can be considered as secure in a fair priority.
Several vulnerabilities are found to be existing that could bypass the security system of ECC
algorithm, however, mitigation processes are available also. Besides, many attacks are not
widely spread even such as Quantum attacks (Cheng et al. 2017). However, the security cannot
be proved worthy until the algorithm is dropped into the reality from the papers. Large
organisations with teams failed to achieve the proposed goal and hence it is important to have its
implementation properly.
Why to use ECC after it got compromised by NSA?
The primary backdoor that was found for ECC, the Dual EC DRGB, was in fact debated
about it being a weakness or not. Some does not consider it as a backdoor or a weakness at all
(Bernstein, Lange and Niederhagen 2016). They consider as a faulty consideration of the
constant keys. However, use of ECC should be done as there is no such form of documentation
for the algorithm having a backdoor. Hence, usage of it should be done so as to implement ECC
in a proper form and find out the possible threats in reality.
If ECC to be used then why?
As mentioned in the above segment that there is no documented backdoor for the ECC
algorithm, hence it will be impossible to have the threats found out for a particular algorithm. It
will be risky enough to implement an algorithm without knowing its possible threats. However,
Section A
How secure is Elliptic Curve Cryptography (ECC)?
There have been several researches that tried to reveal the possibility of backdoors in the
ECC random number generators, but the algorithm can be considered as secure in a fair priority.
Several vulnerabilities are found to be existing that could bypass the security system of ECC
algorithm, however, mitigation processes are available also. Besides, many attacks are not
widely spread even such as Quantum attacks (Cheng et al. 2017). However, the security cannot
be proved worthy until the algorithm is dropped into the reality from the papers. Large
organisations with teams failed to achieve the proposed goal and hence it is important to have its
implementation properly.
Why to use ECC after it got compromised by NSA?
The primary backdoor that was found for ECC, the Dual EC DRGB, was in fact debated
about it being a weakness or not. Some does not consider it as a backdoor or a weakness at all
(Bernstein, Lange and Niederhagen 2016). They consider as a faulty consideration of the
constant keys. However, use of ECC should be done as there is no such form of documentation
for the algorithm having a backdoor. Hence, usage of it should be done so as to implement ECC
in a proper form and find out the possible threats in reality.
If ECC to be used then why?
As mentioned in the above segment that there is no documented backdoor for the ECC
algorithm, hence it will be impossible to have the threats found out for a particular algorithm. It
will be risky enough to implement an algorithm without knowing its possible threats. However,
3ELLIPTIC CURVE CRYPTOGRAPHY
after proper test implementations the algorithm can be used due to complex nature of security
(Idrissi 2017).
Reason for NSA giving up on ECC
From a personal point of view, it can be said that the primary reason behind NSA giving
up on Elliptic Curve Cryptography could be the instance that what they found as a backdoor for
the ECC is not documented by them (Koblitz and Menezes 2016). Although they injected
backdoor, but according to many researchers it is debated over the fact that whether the injection
of the backdoor was done in a fabricated manner or not. Else, there was a deliberate
consideration that made the backdoor possible to be injected (Adsit 2016).
Section B
Key sizes of ECC and RSA in AES – 128, 192, 256
AES ECC Key size RSA Key Size
128 256 3072
192 384 7680
256 521 15360
(The data that are represented above are the NIST recommended key sizes)
(Source: Suárez-Albela et al. 2018)
Market Implementation of ECC
Due to small key size of ECC, its implementation is encouraged by many researchers.
Researches revealed that the successful application of ECC has been done over the following
areas:
after proper test implementations the algorithm can be used due to complex nature of security
(Idrissi 2017).
Reason for NSA giving up on ECC
From a personal point of view, it can be said that the primary reason behind NSA giving
up on Elliptic Curve Cryptography could be the instance that what they found as a backdoor for
the ECC is not documented by them (Koblitz and Menezes 2016). Although they injected
backdoor, but according to many researchers it is debated over the fact that whether the injection
of the backdoor was done in a fabricated manner or not. Else, there was a deliberate
consideration that made the backdoor possible to be injected (Adsit 2016).
Section B
Key sizes of ECC and RSA in AES – 128, 192, 256
AES ECC Key size RSA Key Size
128 256 3072
192 384 7680
256 521 15360
(The data that are represented above are the NIST recommended key sizes)
(Source: Suárez-Albela et al. 2018)
Market Implementation of ECC
Due to small key size of ECC, its implementation is encouraged by many researchers.
Researches revealed that the successful application of ECC has been done over the following
areas:
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4ELLIPTIC CURVE CRYPTOGRAPHY
Elliptic Curve Diffie-Hellman (ECDH) key exchange (Kumar, Iqbal and Kumar 2016)
Elliptic Curve Menezes-Qu-Vanstone (ECMQV) key exchange
Elliptic Curve Digital Signature Algorithm (ECDSA) (Pan et al. 2016)
Other implementations are also found to be there that are hardware oriented. Such as ECC with
FPGA, ECC with the Digital Signal Processors (DSP).
ECC over RSA
The basic parameter on which the performance gain could be measured is the size of the
keys that is available for ECC. Such as 256 bit key of ECC is equivalent as a 3072 bit RSA key
(Mahto, Khan and Yadav 2016). Hence, based on the key size only the performance gain could
be measured. Other than that there are no such significant changes that has been identified with
the use of ECC.
Does ECC hold a competitive position?
ECC does hold a suitable position due to significant small size of the key. In the
infrastructure of the public key, ECC holds a competitive position. The public keys are generally
dealt with the RSA algorithm, which takes longer time to process whereas, ECC algorithm will
be cheap as well as faster as compared to the RSA algorithm in the public key infrastructure
(Alam et al. 2016). The basic difference could be noticed in the key sizes of the two algorithms.
It is certain that one with longer key will take longer time to process. As well as the resources
that have to allocated will be more too. Hence, the algorithms with longer keys will be slow and
costlier as compared to the algorithm having smaller key size. ECC is therefore can be
considered as the better way to perform cryptography rather than the other forms of
Elliptic Curve Diffie-Hellman (ECDH) key exchange (Kumar, Iqbal and Kumar 2016)
Elliptic Curve Menezes-Qu-Vanstone (ECMQV) key exchange
Elliptic Curve Digital Signature Algorithm (ECDSA) (Pan et al. 2016)
Other implementations are also found to be there that are hardware oriented. Such as ECC with
FPGA, ECC with the Digital Signal Processors (DSP).
ECC over RSA
The basic parameter on which the performance gain could be measured is the size of the
keys that is available for ECC. Such as 256 bit key of ECC is equivalent as a 3072 bit RSA key
(Mahto, Khan and Yadav 2016). Hence, based on the key size only the performance gain could
be measured. Other than that there are no such significant changes that has been identified with
the use of ECC.
Does ECC hold a competitive position?
ECC does hold a suitable position due to significant small size of the key. In the
infrastructure of the public key, ECC holds a competitive position. The public keys are generally
dealt with the RSA algorithm, which takes longer time to process whereas, ECC algorithm will
be cheap as well as faster as compared to the RSA algorithm in the public key infrastructure
(Alam et al. 2016). The basic difference could be noticed in the key sizes of the two algorithms.
It is certain that one with longer key will take longer time to process. As well as the resources
that have to allocated will be more too. Hence, the algorithms with longer keys will be slow and
costlier as compared to the algorithm having smaller key size. ECC is therefore can be
considered as the better way to perform cryptography rather than the other forms of
5ELLIPTIC CURVE CRYPTOGRAPHY
cryptographic functions such as RSA. ECC proves to be cheaper and faster and hence does hold
a competitive position in the market to be used as a form of cryptographic function.
cryptographic functions such as RSA. ECC proves to be cheaper and faster and hence does hold
a competitive position in the market to be used as a form of cryptographic function.
6ELLIPTIC CURVE CRYPTOGRAPHY
References
Adsit, C., 2016. Should Elliptic Curve Cryptography Really Be Deprecated?.
Alam, M., Jahan, I., Rosario, L.J. and Jerin, I., 2016. A Comparative Study of RSA and ECC and
Implementation of ECC on Embedded Systems. algorithms, 1, p.2.
Bernstein, D.J., Lange, T. and Niederhagen, R., 2016. Dual EC: A standardized back door. In
The New Codebreakers (pp. 256-281). Springer, Berlin, Heidelberg.
Cheng, C., Lu, R., Petzoldt, A. and Takagi, T., 2017. Securing the Internet of Things in a
quantum world. IEEE Communications Magazine, 55(2), pp.116-120.
Idrissi, H., 2017. Anonymous ECC-Authentication and Intrusion Detection Based on Execution
Tracing for Mobile Agent Security. Wireless Personal Communications, 94(3), pp.1799-1824.
Koblitz, N. and Menezes, A., 2016. A riddle wrapped in an enigma. IEEE Security & Privacy,
14(6), pp.34-42.
Kumar, M., Iqbal, A. and Kumar, P., 2016. A new RGB image encryption algorithm based on
DNA encoding and elliptic curve Diffie–Hellman cryptography. Signal Processing, 125, pp.187-
202.
Mahto, D., Khan, D.A. and Yadav, D.K., 2016, June. Security analysis of elliptic curve
cryptography and RSA. In Proceedings of the World Congress on Engineering (Vol. 1, pp. 419-
422).
References
Adsit, C., 2016. Should Elliptic Curve Cryptography Really Be Deprecated?.
Alam, M., Jahan, I., Rosario, L.J. and Jerin, I., 2016. A Comparative Study of RSA and ECC and
Implementation of ECC on Embedded Systems. algorithms, 1, p.2.
Bernstein, D.J., Lange, T. and Niederhagen, R., 2016. Dual EC: A standardized back door. In
The New Codebreakers (pp. 256-281). Springer, Berlin, Heidelberg.
Cheng, C., Lu, R., Petzoldt, A. and Takagi, T., 2017. Securing the Internet of Things in a
quantum world. IEEE Communications Magazine, 55(2), pp.116-120.
Idrissi, H., 2017. Anonymous ECC-Authentication and Intrusion Detection Based on Execution
Tracing for Mobile Agent Security. Wireless Personal Communications, 94(3), pp.1799-1824.
Koblitz, N. and Menezes, A., 2016. A riddle wrapped in an enigma. IEEE Security & Privacy,
14(6), pp.34-42.
Kumar, M., Iqbal, A. and Kumar, P., 2016. A new RGB image encryption algorithm based on
DNA encoding and elliptic curve Diffie–Hellman cryptography. Signal Processing, 125, pp.187-
202.
Mahto, D., Khan, D.A. and Yadav, D.K., 2016, June. Security analysis of elliptic curve
cryptography and RSA. In Proceedings of the World Congress on Engineering (Vol. 1, pp. 419-
422).
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7ELLIPTIC CURVE CRYPTOGRAPHY
Pan, W., Zheng, F., Zhao, Y., Zhu, W.T. and Jing, J., 2016. An efficient elliptic curve
cryptography signature server with GPU acceleration. IEEE Transactions on Information
Forensics and Security, 12(1), pp.111-122.
Suárez-Albela, M., Fernández-Caramés, T.M., Fraga-Lamas, P. and Castedo, L., 2018, June. A
Practical Performance Comparison of ECC and RSA for Resource-Constrained IoT Devices. In
2018 Global Internet of Things Summit (GIoTS) (pp. 1-6). IEEE.
Pan, W., Zheng, F., Zhao, Y., Zhu, W.T. and Jing, J., 2016. An efficient elliptic curve
cryptography signature server with GPU acceleration. IEEE Transactions on Information
Forensics and Security, 12(1), pp.111-122.
Suárez-Albela, M., Fernández-Caramés, T.M., Fraga-Lamas, P. and Castedo, L., 2018, June. A
Practical Performance Comparison of ECC and RSA for Resource-Constrained IoT Devices. In
2018 Global Internet of Things Summit (GIoTS) (pp. 1-6). IEEE.
1 out of 8
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.