PricingBlogAbout Us

A Discussion on the Security and Future of Elliptic Curve Cryptography

Verified

Added on  2022/11/10

|8
|1366
|283
Discussion Board Post
AI Summary
This discussion examines the security and future of Elliptic Curve Cryptography (ECC), particularly in light of the NSA's decision to move away from the Suite B cryptography standard due to concerns about quantum computing. It delves into the debate surrounding potential backdoors in ECC random number generators, the algorithm's vulnerabilities, and the reasons for its continued use despite these concerns. The discussion also covers key sizes of ECC and RSA in AES, market implementations of ECC, and the competitive position of ECC in public key infrastructure, highlighting its advantages in terms of key size and processing speed compared to RSA. The analysis references expert opinions and research to provide a comprehensive overview of ECC's current standing and future prospects. Desklib provides a range of study tools and solved assignments for students.
Document Page
Running head: ELLIPTIC CURVE CRYPTOGRAPHY
ELLIPTIC CURVE CRYPTOGRAPHY
Name of the Student
Name of the University
Author Note
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
1ELLIPTIC CURVE CRYPTOGRAPHY
Table of Contents
Section A.........................................................................................................................................2
How secure is Elliptic Curve Cryptography (ECC)?...................................................................2
Why to use ECC after it got compromised by NSA?..................................................................2
If ECC to be used then why?.......................................................................................................2
Reason for NSA giving up on ECC.............................................................................................3
Section B..........................................................................................................................................3
Key sizes of ECC and RSA in AES – 128, 192, 256...................................................................3
Market Implementation of ECC..................................................................................................3
ECC over RSA.............................................................................................................................4
Does ECC hold a competitive position?......................................................................................4
References........................................................................................................................................5
Document Page
2ELLIPTIC CURVE CRYPTOGRAPHY
Section A
How secure is Elliptic Curve Cryptography (ECC)?
There have been several researches that tried to reveal the possibility of backdoors in the
ECC random number generators, but the algorithm can be considered as secure in a fair priority.
Several vulnerabilities are found to be existing that could bypass the security system of ECC
algorithm, however, mitigation processes are available also. Besides, many attacks are not
widely spread even such as Quantum attacks (Cheng et al. 2017). However, the security cannot
be proved worthy until the algorithm is dropped into the reality from the papers. Large
organisations with teams failed to achieve the proposed goal and hence it is important to have its
implementation properly.
Why to use ECC after it got compromised by NSA?
The primary backdoor that was found for ECC, the Dual EC DRGB, was in fact debated
about it being a weakness or not. Some does not consider it as a backdoor or a weakness at all
(Bernstein, Lange and Niederhagen 2016). They consider as a faulty consideration of the
constant keys. However, use of ECC should be done as there is no such form of documentation
for the algorithm having a backdoor. Hence, usage of it should be done so as to implement ECC
in a proper form and find out the possible threats in reality.
If ECC to be used then why?
As mentioned in the above segment that there is no documented backdoor for the ECC
algorithm, hence it will be impossible to have the threats found out for a particular algorithm. It
will be risky enough to implement an algorithm without knowing its possible threats. However,

You're viewing a preview

Unlock full access by subscribing today!

Document Page
3ELLIPTIC CURVE CRYPTOGRAPHY
after proper test implementations the algorithm can be used due to complex nature of security
(Idrissi 2017).
Reason for NSA giving up on ECC
From a personal point of view, it can be said that the primary reason behind NSA giving
up on Elliptic Curve Cryptography could be the instance that what they found as a backdoor for
the ECC is not documented by them (Koblitz and Menezes 2016). Although they injected
backdoor, but according to many researchers it is debated over the fact that whether the injection
of the backdoor was done in a fabricated manner or not. Else, there was a deliberate
consideration that made the backdoor possible to be injected (Adsit 2016).
Section B
Key sizes of ECC and RSA in AES – 128, 192, 256
AES ECC Key size RSA Key Size
128 256 3072
192 384 7680
256 521 15360
(The data that are represented above are the NIST recommended key sizes)
(Source: Suárez-Albela et al. 2018)
Market Implementation of ECC
Due to small key size of ECC, its implementation is encouraged by many researchers.
Researches revealed that the successful application of ECC has been done over the following
areas:
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
4ELLIPTIC CURVE CRYPTOGRAPHY
Elliptic Curve Diffie-Hellman (ECDH) key exchange (Kumar, Iqbal and Kumar 2016)
Elliptic Curve Menezes-Qu-Vanstone (ECMQV) key exchange
Elliptic Curve Digital Signature Algorithm (ECDSA) (Pan et al. 2016)
Other implementations are also found to be there that are hardware oriented. Such as ECC with
FPGA, ECC with the Digital Signal Processors (DSP).
ECC over RSA
The basic parameter on which the performance gain could be measured is the size of the
keys that is available for ECC. Such as 256 bit key of ECC is equivalent as a 3072 bit RSA key
(Mahto, Khan and Yadav 2016). Hence, based on the key size only the performance gain could
be measured. Other than that there are no such significant changes that has been identified with
the use of ECC.
Does ECC hold a competitive position?
ECC does hold a suitable position due to significant small size of the key. In the
infrastructure of the public key, ECC holds a competitive position. The public keys are generally
dealt with the RSA algorithm, which takes longer time to process whereas, ECC algorithm will
be cheap as well as faster as compared to the RSA algorithm in the public key infrastructure
(Alam et al. 2016). The basic difference could be noticed in the key sizes of the two algorithms.
It is certain that one with longer key will take longer time to process. As well as the resources
that have to allocated will be more too. Hence, the algorithms with longer keys will be slow and
costlier as compared to the algorithm having smaller key size. ECC is therefore can be
considered as the better way to perform cryptography rather than the other forms of
Document Page
5ELLIPTIC CURVE CRYPTOGRAPHY
cryptographic functions such as RSA. ECC proves to be cheaper and faster and hence does hold
a competitive position in the market to be used as a form of cryptographic function.

You're viewing a preview

Unlock full access by subscribing today!

Document Page
6ELLIPTIC CURVE CRYPTOGRAPHY
References
Adsit, C., 2016. Should Elliptic Curve Cryptography Really Be Deprecated?.
Alam, M., Jahan, I., Rosario, L.J. and Jerin, I., 2016. A Comparative Study of RSA and ECC and
Implementation of ECC on Embedded Systems. algorithms, 1, p.2.
Bernstein, D.J., Lange, T. and Niederhagen, R., 2016. Dual EC: A standardized back door. In
The New Codebreakers (pp. 256-281). Springer, Berlin, Heidelberg.
Cheng, C., Lu, R., Petzoldt, A. and Takagi, T., 2017. Securing the Internet of Things in a
quantum world. IEEE Communications Magazine, 55(2), pp.116-120.
Idrissi, H., 2017. Anonymous ECC-Authentication and Intrusion Detection Based on Execution
Tracing for Mobile Agent Security. Wireless Personal Communications, 94(3), pp.1799-1824.
Koblitz, N. and Menezes, A., 2016. A riddle wrapped in an enigma. IEEE Security & Privacy,
14(6), pp.34-42.
Kumar, M., Iqbal, A. and Kumar, P., 2016. A new RGB image encryption algorithm based on
DNA encoding and elliptic curve Diffie–Hellman cryptography. Signal Processing, 125, pp.187-
202.
Mahto, D., Khan, D.A. and Yadav, D.K., 2016, June. Security analysis of elliptic curve
cryptography and RSA. In Proceedings of the World Congress on Engineering (Vol. 1, pp. 419-
422).
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
7ELLIPTIC CURVE CRYPTOGRAPHY
Pan, W., Zheng, F., Zhao, Y., Zhu, W.T. and Jing, J., 2016. An efficient elliptic curve
cryptography signature server with GPU acceleration. IEEE Transactions on Information
Forensics and Security, 12(1), pp.111-122.
Suárez-Albela, M., Fernández-Caramés, T.M., Fraga-Lamas, P. and Castedo, L., 2018, June. A
Practical Performance Comparison of ECC and RSA for Resource-Constrained IoT Devices. In
2018 Global Internet of Things Summit (GIoTS) (pp. 1-6). IEEE.
chevron_up_icon
1 out of 8
circle_padding
hide_on_mobile
zoom_out_icon
logo.png

Your All-in-One AI-Powered Toolkit for Academic Success.

  +13062052269
info@desklib.com

Available 24*7 on WhatsApp / Email

[object Object]
Unlock your academic potential

© 2024   |   Zucol Services PVT LTD   |   All rights reserved.