
Proceeding of 2018 IEEE International Conference on Current Trends toward Converging Technologies, Coimbatore, India

978-1-5386-3702-9/18/$31.00 © 2018 IEEE

A Study of the ECC, RSA and the Diffie-Hellman Algorithms in Network Security

Chaitanya Varma

Department of Computer Science and Engineering, Manipal Institute of Technology, Manipal. Email: [email protected]

Abstract—Elliptic curve cryptography (ECC) is essentially a public key cryptosystem similar to RSA, with the fundamental difference of a faster evolving capacity while yielding a variety of different approaches to the solution of the cryptographic algorithm. RSA furnishes a level of security that can also be observed in ECC, but ECC has the advantage of achieving the same level of security with simpler keys, at high speeds and low bandwidth. Through this paper, we present the role of these algorithms in network security and their applications.

Keywords - Public Key Cryptography, Network and Information Security, Cryptanalysis

I. INTRODUCTION

The development of asymmetric cryptography has led to a variety of applications ranging from business to educational use. Asymmetric cryptography has an integral role and advantages as compared to the opportunities provided by symmetric cryptographic protocols like DES or AES.

A. Current Issues in Symmetric Systems

While symmetric systems are simple for a tyro in network security to comprehend and can provide reasonable security as well, a long-standing question is: what is the safest method for two parties wishing to communicate to share their secret key? This dilemma lacks adequate approaches, leading the communicating entities to decide on the key prior to the exchange of information, which is not safe in cases where the information is highly valuable and may be of use to a third party. It also adds to the time required to process requests when a large number of users wish to exchange data privately. A fully meshed connection of x parties, with a distinct symmetric key for every pair of parties, results in x(x-1)/2 keys. For example, for a network consisting of 500 entities, it results in a difference between managing 500 key pairs or 125000 key pairs, which is a huge difference with regards to performance.

B. Symmetric versus Asymmetric Cryptography Systems

When studying asymmetric cryptography at a granular level, we see that it depends on a mathematical function in which the forward step is easier to compute than the inverse step (Fig. 1). The most significant advantage afforded here is that, as the key size grows, the difficulty of the forward step rises slowly, whereas the complexity of the inverse step rises in an exponential fashion. This effectively provides a tremendous expansion in computational capabilities, but systems are unable to use this. As an illustration, using a computer having 15 times more computation capability than the fastest system currently available, attempting to break RSA would be futile. Security can thus be established by taking Moore's Law into account, which states that, as a result of computational improvements, a common computer's computational capability doubles approximately every twenty-four months, and then applying keys of appropriate size so that we obviate the need to replace the keys every 2 years.

Fig. 1. Variation of difficulty with key length

As shown, the main issues with such systems are the sharing and transfer of the private key. This is where asymmetric cryptography proves beneficial and can reduce this quantity to only x key pairs.

II. ELLIPTIC CURVE CRYPTOGRAPHY

Elliptic curve cryptography (ECC) [1], with its tenets in elliptic curve theory, is a general key encryption method for making quicker, shorter and hence more effective keys. Unlike the usual method of creating keys as the product of very large prime numbers, ECC generates keys from the properties of the curve equation.

This idea is employed with numerous key encryption processes, as seen in RSA, along with Diffie-Hellman.

Elliptic curve cryptography is now being employed in mobile environments due to its advantage in producing similarly secure processes at a reduced computational expense.

A. The Elliptic curve

The elliptic curve is employed to determine the entities of the group and how they are measured, in addition to the operations between the members, which define the rules and properties of the group. Fig. 2 depicts a standard elliptic curve, with the plot showing the nature of the curve across the x and y axes.

Fig. 2. An Elliptic Curve

B. Security of Elliptic Curve Cryptography

Security is the vital characteristic of ECC. RSA, DSA and the Diffie-Hellman key exchange algorithm have lower computational efficiency than elliptic curve cryptosystems [2]. Fig. 3 gives estimated equivalent key lengths for ECC and the RSA algorithm, and is evidence that ECC provides security equivalent to RSA while using shorter keys. At each and every level, ECC has smaller key sizes than RSA or DSA/DH, as shown in the figure. Therefore, ECC is better than both RSA and DSA/DH in common processes: the amount of security is similar, but the key size is smaller.

The reason ECC provides higher efficiency comes down to computing overhead. In use, the above reductions mean increased data transfer ability and reduced power usage.

C. Performance of ECC

In today's day and age, with the increase in availability and reduction in cost of processing power, coupled with the increasing demand for security, ECC is the way to go [3], with a shorter key offering the same security as other asymmetric techniques employing huge keys. The gap between ECC and the others, in the key length needed to reach a required minimum level of security, becomes more beneficial as the security needed increases.

Fig. 4 depicts key size strength as a comparison between ECC and RSA, relating the key size to the time in MIPS years required to break the key.

Fig. 3. Key length Comparison with ECC along with RSA

Fig. 4. Key Length Strength (Suggested by NIST)

D. Performance Comparison of ECC, RSA and Diffie-Hellman Algorithms

Fig. 5. A Comparison between ECC and RSA

Fig. 5 indicates that ECC is definitely much more efficient than RSA in all respects other than decryption [6].

While ECC does have its perceived benefits, being difficult for beginners to comprehend is a common problem.

Nowadays, when explaining cryptographic schemes to the leads of projects that need to employ cryptography, it is frequently challenging for a nonprofessional to comprehend mathematical techniques like ECC and curve equations and their resulting advantages. The advantages of ECC make up for this apparent drawback. At its core, cryptography depends on key lengths to provide a certain degree of protection [5]. A simple approach to reading messages encrypted with RSA is the Index Calculus technique, which applies to the problems of factoring quantities and of computing the equivalent logarithms, and which accounts for these high and large bit-sizes. ECC, on the other hand, has the distinct advantage that the Index Calculus technique can only be used with groups of the particular form Zn and therefore cannot be applied in this case.

Pollard's rho attack on cryptographic schemes such as ECC is well understood these days and produces results for certain elliptic curve groups, but it is incapable of producing sub-exponential bounds that apply to a wide variety of elliptic curve groups. Moreover, the specific curves that are exposed to known attacks can easily be identified by checking, and it is for this very reason that greater key lengths are needed in the RSA algorithm to reach a similar level of security, as can be inferred from the table in Fig. 5, which compares the two schemes.

III. APPLICATIONS OF ELLIPTIC CURVE CRYPTOGRAPHY

A. Blockchain

The widely known cryptocurrency Bitcoin is essentially a distributed entity-to-entity digital currency that allows online amounts of currency to be transferred directly from one entity to another, obviating the need to pass under the supervision of a financial institution. The Bitcoin blockchain is essentially a ledger of each and every transaction that has been completed. Each block in the ledger contains a SHA-256 hash of the preceding block, resulting in a chain of blocks beginning from the aptly named genesis block. In the blockchain, an Elliptic Curve Digital Signature Algorithm private key serves as the respective blockchain account.

Elliptic Curve Digital Signature Algorithm (ECDSA):

Elliptic Curve Digital Signature Algorithm Key Production [4]: The following 3 steps result in the key production:

1. Choice of an arbitrary integer $f \in [2, m-2]$
2. Calculation of $X = f \cdot Y$
3. The resulting public and private keys of the user A are $(E, Y, m, X)$ and $f$ respectively.

Elliptic Curve Digital Signature Algorithm Signature Generation: The following steps result in the signature generation:

1. Choice of an arbitrary integer $a \in [2, m-2]$
2. Calculate $a \cdot d = (x_1, y_1)$ and $j = x_1 \bmod m$. If $x_1 \in GF(2^a)$, it can be taken for granted that $x_1$ is in the form of a binary numeral. If $j = 0$, proceed to step 1.
3. Calculate $a^{-1} \bmod m$
4. Calculate $k = a^{-1}(H(m) + dr) \bmod m$. In this case, H is the secure hash algorithm SHA. If $k = 0$, proceed to step 1.
5. The signature for this particular message m is the pair of integers $(j, k)$.

Elliptic Curve Digital Signature Algorithm Signature Verification: The user User2 verifies User1's signature $(r, s)$ on the respective message m through the following steps:

1. Calculate $z = s^{-1} \bmod n$ and $H(m)$
2. Calculate $u_1 = H(m)z \bmod n$ and $u_2 = rz \bmod n$
3. Calculate $u_1 \cdot P + u_2 \cdot Q = (x_0, y_0)$ and $v = x_0 \bmod n$
4. Accept the signature if $v = r$

B. Secure Shell (SSH)

ECC has three distinct uses in the SSH protocols. Taking the example of SSH-2, equivalent keys can be computed through the Diffie-Hellman key exchange algorithm. Each and every server is provided with a host key that lets the server authenticate itself to the respective client: the server sends its host key to the client during the key exchange, and the user checks whether its fingerprint matches the respective stored value. The server then authenticates itself by producing a signature over the transcript of the key exchange, and the key used can be an Elliptic Curve Digital Signature Algorithm public key.

Finally, the respective client could employ Elliptic Curve Digital Signature Algorithm public keys to authenticate the other clients.

C. Transport Layer Security (TLS)

Elliptic curves can be used in various ways in the TLS protocol. All of the cipher suites specified in RFC 4492 use the Diffie-Hellman key exchange based on elliptic curves. The ECDH keys are of two distinct types: either long-term, in which case the key can be reused across different key exchanges, or short-lived, where each and every key exchange results in the generation of new keys. A public key is also contained in the TLS certificates which the server uses to authenticate itself.

IV. CONCLUSION

Although ECC can pose moderate difficulty for beginners to fathom, it nevertheless is a significant tool with much power for expansion in the years to come.

With lesser bits being used to provide essentially similar levels of security features, ECC has been viewed favourably when it comes to comparison to either of the algorithms - RSA or Diffie-Hellman as we have shown.

We have also explored elliptic curve cryptography and its most useful applications in the industry through examination of its ubiquity in Bitcoin, Secure Shell and Transport Layer Security. Due to its advantages over similar algorithms, it can certainly provide high security at low costs for cryptographic usage.

REFERENCES

[1] Abhishek Parakh, "Oblivious Transfer using Elliptic Curves," Department of Electrical and Computer Engineering, Proceedings of the 15th International Conference on Computing, 2006.

[2] Eugen Petac, "About a method for Distribution keys of a computer network using elliptic curves," Department of Mathematics and Computer Science, 1997.

[3] Joppe W. Bos, J. Alex Halderman, Nadia Heninger, Jonathan Moore, Michael Naehrig, and Eric Wustrow, "Elliptic Curve Cryptography in Practice."

[4] Dr. R. Shanmugalakshmi and M. Prabu, "Research Issues on Elliptic Curve Cryptography and Its applications."

[5] Shabnoor Qureshi and Prof. Somesh Dewangan, "Prospective Utilization of Elliptic Curve Cryptography for Security: Authentication, Encryption and Decryption."

[6] Rounak Sinha, Hemant Kumar Srivastava, and Sumita Gupta, "Performance Based Comparison Study of RSA and Elliptic Curve Cryptography."
