efficient mapping methods for elliptic curve ...

O. Srinivasa Rao et. al. / International Journal of Engineering Science and Technology Vol. 2(8), 2010, 3651-3656

EFFICIENT MAPPING METHODS FOR ELLIPTIC CURVE CRYPTOSYSTEMS O.SRINIVASA RAO Dept. of CSE, JNTUK University College of Engineering, Vizianagaram, Andhra Pradesh, India – 535 003 [email protected]

Prof. S. Pallam Setty Dept. of CS&SE, Andhra University College of Engineering, Visakhapatnam, Andhra Pradesh, India – 530 003 [email protected]

Abstract : The generic name for collection of tools designed to protect data and thwart hackers is Computer Security. The major change that affected security was the introduction of distributed systems and the use of networks and communication facilities for carrying data between terminal user and computer and computer and computer. Network security measures are needed to protect data transmission. Suppose that we had a way of masking the contents of messages or other information traffic so that an attacker, even if he or she captured the message, would be unable to extract the information from the message. The common technique for doing masking is encryption. The encryption is done by using Symmetric key or public key Algorithms. The most commonly used public key algorithms are 1. Rivest Shamir Adelman(RSA) and 2 Elliptic Curve cryptography In this paper two different mapping methods of the alphanumeric characters on to the x-y co ordinate of the Elliptic curve defined over a finite field Zp is proposed. The methods are 1) Static (One-to-One) Mapping Method and 2) Dynamic (One-to-N) Mapping Method. Dynamic mapping method will increase the strength of the Elliptic Cryptosystem. The Results have been attached. The hardness of the elliptic curve discrete logarithm problem (ECDLP) is crucial for the security of elliptic curve cryptographic schemes. This report describes the state-of-the-art in mapping the alphanumerical characters on to the x-y coordinates of the elliptic curve points. Keywords: Elliptic curve cryptography; Discrete logarithm problem; mapping. 1. Introduction In 1985, Neal Koblitz [13] and Victor Miller [14] independently proposed using the group of points on an elliptic curve defined over a finite field in discrete logarithm cryptographic systems .The primary advantage that elliptic curve systems have over systems based on the multiplicative group of a finite field (and also over systems based on the intractability of integer factorization) is the absence of a sub exponential-time algorithm (such as those of “index-calculus” type) that could find discrete logarithms in these groups. Consequently, one can use an elliptic curve group that is smaller in size while maintaining the same level of security. The result is smaller key sizes, bandwidth savings, and faster implementations—features that are especially attractive for security applications where computational power and integrated circuit space is limited, such as smart cards, personal digital assistants, and wireless devices. Elliptic curve cryptographic protocols for digital signatures, public-key encryption, and key establishment have been standardized by numerous standards organizations including:  American National Standards Institute (ANSI X9.62 [2], ANSI X9.63 [8])  Institute of Electrical and Electronics Engineers (IEEE 1363-2000 [11])  International Standards Organization (ISO/IEC 15946-3 [10])  U.S. government’s National Institute for Standards and Technology (FIPS 186-2 [16])  Internet Engineering Task Force (IETF PKIX [7], IETF OAKLEY [12])  Standards for Efficient Cryptography Group (SECG [15]) The vast majority of the products and standards that use public-key cryptography for encryption and digital signatures use RSA[1]. As we have seen, the bit length for secure RSA use has increased over recent years, and this has put a heavier processing load on applications using RSA. This burden has ramifications, especially for

ISSN: 0975-5462

3651

O. Srinivasa Rao et. al. / International Journal of Engineering Science and Technology Vol. 2(8), 2010, 3651-3656 electronic commerce sites that conduct large numbers of secure transactions. Recently, a competing system that has emerged is elliptic curve cryptosystem (ECC)[8,9]. 2. Cryptography with Elliptic Curves The principal attraction of ECC compared to RSA is that it offers equal security for a far smaller key size, thereby reducing processing overhead. The addition operation in ECC is the counterpart of modular multiplication in RSA, and multiple additions are the counterpart of modular exponentiation. To form a cryptographic system using elliptic curves, we need to find a “hard problem”. All systems rely on the difficulty of a mathematical problem for their security [6]. To explain the concept of difficult mathematical problem, the notion of an algorithm is required. To analyze how long an algorithm takes, computer scientists introduced the idea of polynomial time algorithms and exponential time algorithms. An algorithm runs quickly if it is polynomial time algorithm, and slowly if it is exponential time algorithm. Therefore, easy problems equate with polynomial time algorithms, and difficult problems equate with exponential time algorithms. When looking for a mathematical problem on which to base a public key cryptographic system, cryptographers search for a problem for which the fastest algorithm takes exponential time. The longer it takes to compute the best algorithm for a problem, the more secure a public key cryptosystem based on that problem will be. Three types of systems [2] are considered secure and efficient: the Integer Factorization Systems (RSA), the Discrete Logarithm systems (DSA)[5], and the Elliptic Curve System (Elliptic Curve Discrete Logarithm System)[3,4]. In RSA, given an integer n which is the product of two large primes p and q such that n = pxq. 1. It is easy to calculate n given p and q but it is difficult to determine p and q given n for large values of n. The U.S. government’s Digital Signature Algorithm (DSA) is based on discrete logarithm problem modulo a prime p. Given an integer g between 0 & p-1, and y which is the result of exponentiation of g, we have y=gx (mod p) for some x. 2. The discrete logarithm problem modulo p is to determine the integer x for a given pair g and y. The Elliptic Curve Cryptosystem (ECC), where security rests on the discrete logarithm problem over the points on the elliptic curve. The main attraction of ECC over RSA and DSA is that the best known algorithm for solving the underlying hard mathematical problem in ECC (the elliptic curve discrete logarithm problem (ECDLP) takes full exponential time. RSA and DSA take sub-exponential time. This means that significantly smaller parameters can be used in ECC than in other systems such as RSA and DSA, but with equivalent levels of security. A typical example of the size in bits of the keys used in different public key systems, with a comparable level of security (against known attacks), is that a 160-bit ECC key is equivalent to RSA and DSA with a modulus of 1024 bits. The lack of a subexponential attack on ECC offers potential reductions in processing power and memory size. These advantages are especially important in applications on constrained devices. In practical terms, the performance of ECC depends mainly on the efficiency of finite field computations and fast algorithms for elliptic scalar multiplications. In addition to the numerous known algorithms for these computations, the performance of ECC can be increased by selecting particular underlying finite fields and/or elliptic curves. For ECC, we are concerned with a restricted form of elliptic curve that is defined over a finite field. Of particular interest for cryptography is what is referred to as the elliptic group mod p, where p is a prime number. This is defined as follows. Choose two nonnegative integers, a and b, less than p that satisfy: 4a3 + 27 b2 (mod p) ≠ 0 3. Then Ep(a, b) denotes the elliptic group mod p whose elements (x, y) are pairs of nonnegative integers less than p satisfying: y2mod p = (x3 + ax + b )mod p 4. Together with the point at infinity O. The elliptic curve discrete logarithm problem can be stated as follows. Fix a prime p and an elliptic curve Q= xP 5. Where xP represents the point P on elliptic curve added to it x times. Then the elliptic curve discrete logarithm problem is to determine x given P and Q. It is relatively easy to calculate Q given x and P, but it is very hard to determine x given Q and P

ISSN: 0975-5462

3652

O. Srinivasa Rao et. al. / International Journal of Engineering Science and Technology Vol. 2(8), 2010, 3651-3656 3. Elliptic Curves over Zp: For elliptic curves over Zp, we use a cubic equation in which the variables and coefficients all take on values in the set of integers from 0 through p-1, for some prime number p, and in which calculations are performed modulo p. y2 mod p = ( x3 + ax + b)mod p For the given a=1,b=1,and p=79,the points of the elliptic curve are (0,1),(0,78),(2,13)(2,66)(3,30)(3,49)(5,17)(5,62)(6,12)(6,67)(11,0)(14,28)(14,51)(15,28)(15,51)(16,20)(16,59) (18,20)(18,59)(20,11)(20,68)(21,35)(21,44)(23,5)(23,74)(25,3)(25,76)(26,12)(26,67)(27,35)(27,44)(28,16) (28,63)(29,18)(29,61)(30,31)(30,48)(31,35)(31,44)(43,36)(43,43)(44,38)(44,31)(46,22)(46,57)(51,29)(51,50) (53,20)(53,59)(56,0)(59,33)(59,46)(60,16)(60,63)(61,39)(61,40)(64,12)(64,67)(65,12)(65,67)(70,12)(70,67) (71,21)(71,58)(78,0) The above points can be mapped to the alpha-numerical characters in two ways which are defined in 5.1and 5.2 4. ECC Encryption and Decryption Several approaches to encryption/ decryption using elliptic curves have been analyzed. This paper describes one of them. The first task in this system is to encode the plaintext message m to be sent as an x-y point Pm. It is the point Pm that will be encrypted as a cipher text and subsequently decrypted. Note that we cannot simply encode the message as the x or y coordinate of a point, because not all such coordinates are in Ep(a, b). There are approaches to encoding. We developed a scheme that will be reported elsewhere. As with the key exchange system, an encryption/decryption system requires a point G and an elliptic group Ep(a, b) as parameters. Each user A selects a private key nA and generates a public key PA = nA x G. To encrypt and send a message Pm to B, A chooses a random positive integer x and produces the cipher text Cm consisting to the pair of points [7] Cm = {xG, Pm + xPB} Note that A has used B’s public key PB. To decrypt the cipher text, B multiplies the first point in the pair by B’s secret key and subtracts the result from the second point: Pm + xPB – nB(xG) = Pm + x(nBG) – nB(xG) = Pm A has masked the message Pm by adding xPB to it. Nobody but A knows the value of x, so even though PB is a public key, nobody can remove the mask xPB. However, A also includes a “clue,” which is enough to remove the mask if one knows the private key nB. For an attacker to recover the message, the attacker would have to compute x for given G and xG, which is hard. This is known as discrete logarithmic problem. 5. Mapping Methodology The alphanumeric characters are mapped on to the points of the elliptic curve in the following methods. 5.1. Static (one-to-one) Mapping Method From the cubic equation of Elliptic curve, for each given value of x, there are two values for y. One of these values of y and corresponding x will be used to map the any alphanumeric character. Like this, all numeric characters are mapped on to the different the x coordinates and their corresponding y coordinates of the given curve. Once the mapping of the all-alphanumeric characters onto the curve is completed, these points are encoded by using Elliptic curve Encryption techniques, which are transmitted through an insecure channel. The message is retrieved from the encoded data by using the Elliptic Curve decryption technique. Results of this mapping method is shown in Table1 and Table2 for the given two different strings 'JNTUVIZIANAGARAM' and 'JNTUANANTHPUR' and their graphical representation is shown in Fig.1 and Fig.2.The common letters J,N,T,U and A are mapped onto the same x-y coordinates of the curve and the encrypted points are also same as being transmitted through an insecure channel.

ISSN: 0975-5462

3653

O. Srinivasa Rao et. al. / International Journal of Engineering Science and Technology Vol. 2(8), 2010, 3651-3656 Table1

Table2

Fig. 1

Fig. 2

The main advantage of this mapping methodology is simple. But the disadvantage is that the same alphanumeric characters from the different words are always mapped onto the same x-y coordinates of the elliptic curve points. When these points are encrypted, again these encrypted points are also the same, which are being transmitted through the insecure channel. So, an intruder can easily interpret data with a trial and error method. Since the alpha numeric characters are mapped on to the curve on basis of one-to-one, it is also easy for him to guess which character is mapped to which coordinate of the curve. Therefore secrecy of data transmission by using this methodology is very low. 5.2. Dynamic (One-to-N) Mapping Methods In this method, alphanumerical characters are mapped on to the points of the Elliptic curve dynamically. For every transmission of the message from source to destination, the alpha-numeric characters mapping mechanism changed dynamically.

ISSN: 0975-5462

3654

O. Srinivasa Rao et. al. / International Journal of Engineering Science and Technology Vol. 2(8), 2010, 3651-3656 For the given string ‘JNTUVIZIANAGARAM’ the mapping, encrypted, decrypted points for three successive transmissions shown in the following table3 and the graphically representation of the above transmission are shown Fig.3 below. From the below table we observe that for the every transmission of the message the mapping, encrypted, decrypted points are different. For an intruder it would be very difficult to guess on which points the alpha-numeric characters are mapped. Further, it is also difficult to guess which particular character is mapped to which point on the Elliptic Curve. It is thus concluded that dynamic mapping method can strengthens the elliptic curve cryptosystem. Table 3

Fig 3

Conclusion Security is needed to protect data during their transmission, as there are many people hiding in the cyber space who have the inclination skills to steal from both individuals and corporations. Alphanumeric characters are mapped onto the points of the elliptic curve in two different ways. i.e., static and dynamic mapping. From the above observations, the dynamic mapping strengthens the cryptosystem, i.e., for an intruder it would be very difficult to guess on which points the alpha-numeric characters are mapped. Further, it is also difficult to guess which particular character is mapped to which point on the Elliptic Curve. It is thus concluded that dynamic mapping method can strengthens the elliptic curve cryptosystem. References [1] R.L. Rivest, A. Shamir, and L.M. Adleman, Method for Obtaining Digital Signatures and Public-key Cryptosystems “, Communications of the ACM,Volume 21, pages 120-126, February 1978. [2] Certicom Corp., “ An Introduction to Information Security”, Number 1, March 1997. [3] N. Koblitz, “ Elliptic Curve Cryptosystems “, Mathematics of Computation., Number 48,pages 203-209,1987. [4]Erden,S.S.,Yanik,T.Kog,G.K.:Fast finite Field multiplication In:C.K.Kog(ed).Cryptographic Engineering chapter 5.Springer(2009) [5]Longa.P.,Miri.A.: New Composite operations and pre computations scheme for Elliptic curve crypto systems over primr Fields.In:PKC 208.LNCS Vol 4930,pp-229-247,Springer,Heidelber(2008)

ISSN: 0975-5462

3655

O. Srinivasa Rao et. al. / International Journal of Engineering Science and Technology Vol. 2(8), 2010, 3651-3656 [6] J. Lopez and R. Dahab, “ An Overview of Elliptic Curve Cryptography”, Relatorio Tecnico IC-00-10,May 2000. [7] W. Stallings,“ Cryptography and Network Security”, Prentice Hall, Second Edition,1998. [8] ANSI X9.63, Public Key Cryptography for the Financial Services Industry: Elliptic CurveKey Agreement and Key Transport Protocols, ballot version, May 2001. [9] S. Arita, “Weil descent of elliptic curves over finite fields of characteristic three”, Advances in Cryptology–Asiacrypt 2000, Lecture Notes in Computer Science, 1976 (2000),Springer-Verlag, 248-259. [10] ISO/IEC 15946-3, Information Technology–Security Techniques–Cryptographic TechniquesBased on Elliptic Curves, Part 3, Final Draft International Standard (FDIS), February 2001 [11] Internet Engineering Task Force, The OAKLEY Key Determination Protocol, IETF RFC 2412, November 1998. [12] M. Jacobson, N. Koblitz, J. Silverman, A. Stein and E. Teske, “Analysis of the xedni calculus attack”, Designs, Codes and Cryptography, 20 (2000), 41-64. [13] N. Koblitz, “Elliptic curve cryptosystems”, Mathematics of Computation, 48 (1987), 203-209. [14] V. Miller, “Uses of elliptic curves in cryptography”, Advances in Cryptology–Crypto ’85,Lecture Notes in Computer Science, 218 (1986), Springer-Verlag, 417-426. [15] Standards for Efficient Cryptography Group, SEC 1: Elliptic Curve Cryptography, version1.0, 2000. Available at http://www.secg.org [16] National Institute of Standards and Technology, Digital Signature Standard, FIPS Publication186-2, 2000.

ISSN: 0975-5462

3656