Cryptography Reference
In-Depth Information
ECC security parameters. Any library should support elliptic curve parameters recom-
mended by NIST and SECG.
Versatility : A large set of available library functions should provide many possibilities
for writing ECC-based programs. The parameters should be flexibly configured, and
the code easily integrated into WSN applications to provide the building blocks for
standard ECC schemes (e.g., ECDSA, ECDH) and more advanced IBC protocols.
9.4 ECC Security Parameters
In general, the overall security of the system is dependent on multiple ECC parameters
(Paar 1999; Hankerson et al. 2000). Although key sizes have been an important factor,
there are other parameters that influence the security of the system—for instance, the
elliptic curve selected for cryptography, an appropriate finite field, and the right base
point. In addition, the representation used for the field elements, order of the finite
field, curve coefficients in the finite field that define the equation of the elliptic curve,
two field elements in finite field that define a finite point, the order of the base point,
and the finite field play crucial roles in elliptic curve cryptographic systems. The num-
ber of elements in the finite field ( #E ( K )) (Section 3.5.2) is an important factor to avoid
Pollard's attack and Pohlig-Hellman attack on ECDLP (Pollard 1978; Pohlig and
Hellman 1978). To avoid these attacks, # E ( K ) should be divisible by a sufficiently large
prime p . Additionally, choosing the proper elliptic curve (in cases in which the finite
field is fixed) helps improve the security of the elliptic curve cryptographic system. For
instance, the maximum resistance to Pollard's attack can be achieved by selecting
elliptic curve E such that #E ( K ) is prime or near prime. Furthermore, #E ( K ) should
not be equal to the order of the finite field to avoid any kind of isomorphic attacks.
Isomorphic attacks reduce ECDLP to a Discrete Log Problem in groups for which
subexponential time algorithms are known. It is presumed that for the special classes
of elliptic curves, isomorphic attacks are faster than Pollard's attack. However, select-
ing elliptic curves at random can help prevent such attacks, provided the condition in
which #E ( K ) is divisible by a large prime p is still met.
9.5 The Platform
An adequate understanding of hardware limitations and capabilities is crucial to imple-
ment security. Generally, the level of security achieved is directly proportional to the
processing power required. However, processing power together with memory is usu-
ally very limited on sensor devices. The processing time needed for cryptographic cal-
culations should be short due to the short battery lifetime. When comparing security
with usability, a sensor network would fail if it offers a high level of security but at the
same time depletes all of the node's energy in the matter of few hours. Hence, WSN
nodes require a lightweight cryptosystem.
Search WWH ::




Custom Search