INTRODUCTION TO ELLIPTIC CURVE CRYPTOGRAPHY AND IDENTITY-BASED ENCRYPTION

Elliptic curve cryptosystems (ECC) and identity-based encryption (IBE) schemes have received considerable attention in the design of cryptographic protocols for securing wireless sensor networks (WSNs) in general and BSNs in particular. This is justifiable given the assortment of security features and advantages these cryptographic systems and techniques provide on limited-resource WSNs.

In this section we provide a brief introduction to ECC and IBE concepts and features. This introduction will lay the ground for understanding the different BSN security protocols presented in subsequent sections. The interested reader may respectively refer to (Hankerson, Vanstone, & Menezes, 2004; Boneh & Franklin, 2001) for a comprehensive discussion on ECC and IBE protocols and implementations.

ECC is a public-key cryptosystem similar to ElGamal (ElGamal, 1985) and RSA (Rivest, Shamir, & Adleman, 1978). It was proposed by Miller and Koblitz in 1985 and recently standardized by NIST and IEEE. The arithmetic operations in ECC, such as additions and multiplications, are performed based on the algebraic properties of elliptic curves over the $GF(p)$ or $GF(2^n)$ finite fields (Stallings, 2003) ($p$ is a big prime number and $n$ is the degree of the polynomial whose coefficients are in $GF(2)$). What makes ECC an attractive alternative to traditional public-key cryptosystems for operation on mobile and wireless computing devices is that it provides the same security levels but with smaller-size key parameters. This results in faster cryptographic data processing, enhanced memory utilization, efficient power and energy consumption, and higher bandwidth savings. All these properties make ECC a suitable choice for operation in limited BSN environments. Table 1 presents a comparison between the key sizes needed to provide comparable security levels in ECC and traditional public-key algorithms such as RSA/DSA. This table shows that ECC can provide cryptanalysis complexity equivalent to RSA but with considerably smaller key sizes.

A typical ECC encryption algorithm consists of 3 main phases:

The Key Generation Phase: This phase is executed by the communicating entity or a trusted third party and results in the generation of the respective entity's public/private key pair. The steps of this phase are as follows:

1. An elliptic curve structure is selected over $GF(p)$ or $GF(2^n)$.
2. A point $X$ with coordinates $(a_1, b_1)$ is chosen on the elliptic curve.
3. The entity's private key $K$ is selected and used to calculate the point $Y$ with coordinates $(a_2, b_2)$ according to the following equation: $Y(a_2, b_2) = K \times X(a_1, b_1)$. The multiplication operation is implemented by $K$ additions of the point $X(a_1, b_1)$. The details of point addition on elliptic curves are presented extensively in (Hankerson, Vanstone, & Menezes, 2004).
4. The elliptic curve structure together with the points $X$ and $Y$ represent the entity's public key. The key $K$ selected in step 3 represents the entity's private key.

The Encryption Phase: In this phase a communicating entity A constructs an encrypted message to another entity B with known public key

Table 1. ECC versus RSA/DSA key sizes (Certicom, 1997)

| ECC Key Size (bits) | RSA/DSA Key Size (bits) |
|---------------------|-------------------------|
| 112                 | 512                     |
| 160                 | 1024                    |
| 224                 | 2048                    |
| 256                 | 3072                    |
| 384                 | 7680                    |
| 512                 | 15360                   |
 