A New Secure and Efficient Elliptic. Curve Cryptosystem

Transcription

1 Applied Mathematical Sciences, Vol. 6, 2012, no. 112, A New Secure and Efficient Elliptic Curve Cryptosystem E. S. Ismail School of Mathematical Sciences, Faculty of Science and Technology Universiti Kebangsaan Malaysia, UKM Bangi, Selangor, Malaysia esbi@ukm.my E. Sakib Institute of Engineering Mathematics Universiti Malaysia Perlis, Kuala Perlis, Perlis, Malaysia elyana@unimap.edu.my Abstract The design of new elliptic curve cryptosystem is still an interest to community of cryptographers. In this article, we propose a new secure and efficient elliptic curve cryptosystem. The scheme requires a single public and private keys and needs 59 and 30 for encryption and decryption algorithm respectively. The communication costs is given by 2. The estimated computational speed for the encryption is 49.35% and for the decryption is 97.07%. Mathematics Subject Classification: 94A60 Keywords: Cryptography; Cryptosystem; Elliptic curve cryptosystem; Elliptic curve discrete logarithm problem 1 Introduction Most of the developed cryptographic systems [1-2, 4, 11, 16-17] are based on two famous number-theoretic problems namely factoring [11] or discrete logarithms [16]. Although these schemes are secure but they are very slow and

2 5574 E. S. Ismail and E. Sakib inefficient. To overcome this problem, an alternative problem called elliptic curve discrete logarithms is introduced [10, 18]. Owing to the fact that this problem provides the scheme with smaller key size and faster computation, such schemes therefore been developed and rapidly gained popularity [5-8, 14-15, 20]. For more details on theory of elliptic curve, one may refer to [3, 9, 12, 19]. Our new scheme requires a single public and private keys and needs 59 and 30 for encryption and decryption algorithm respectively. The communication costs is given by 2. The estimated computational speed for the encryption is 49.35% and for the decryption is 97.07%. 2 A new elliptic curve cryptosystem We will review our new cryptosystem based on elliptic curve discrete logarithm problem (ECDLP). The implementation of the developed scheme involves the system initialization phase, the key generation phase, the encryption phase and the decryption phase, as follows. 2.1 System initialization phase In the system initialization phase, the following commonly required parameters over the elliptic curve domain are generated to initialize the scheme. a) A field size, where either in case that is an odd prime (the common practice), or 2 in case that is a prime power. b) Two parameters, to define the elliptic curve equation over : mod in case that 3, where mod. should be divisible by a large prime number with regard to the security issue raised by Pohlig and Hellman [13]. c) A finite point whose order is a large prime number in, where ( denotes the point at infinity) such that the order of is. 2.2 Key generation phase In key generation phase, the sender generates his public key, as follows. a) Randomly select an integer from the interval 1, 1 as the secret key. b) Compute the corresponding public key to, as follows.,. 2.3 Encryption generation phase Sender encrypts the message, by executing the following steps: a) Randomly select a number from 1, 1. b) Compute, and over. c) Convert the message to and solve mod for. d) Send,, to the receiver. 2.4 Decryption generation phase The receiver recovers the original message, as follows. a) Compute following,.

3 A new secure and efficient elliptic curve cryptosystem 5575 b) Determine following mod. c) Accept the value as the original message if and only if. 3 Security analysis and performance evaluation 3.1 Correctness The correctness of the scheme is shown as below: Theorem 1. If the above encryption generation runs smoothly, then the receiver can recover the original message,. Proof: Upon receiving the encrypted message,,, the receiver obtains from the first component of a number derived as follows;,. Using the public data and, the verifier recovers the original message by. 3.2 Security considerations The difficulties associated with the attacks are based on the solution of the elliptic curve discrete logarithm problem (ECDLP), and the security resulted from such problems is still sufficient under that reasonable computational complexity. Some possible attacks by which an adversary (Adv) may try to take down the new elliptic curve cryptosystem will be analyzed as follows. The case when the Adv intends to derive the secret key from the public key. Since ECDLP is hard then the signer is unable to derive from. Further, if it happens that, then 1. Since the choice of 1 is unacceptable, then would happen in negligible probability. If the sender chooses a same integer, to encrypt two different messages and then the Adv knows that mod and mod. Adv next can recover if he knows by solving the above two equation simultaneously. 3.3 Performance evaluation We investigate the performance our new cryptosystem in terms of the number of keys (secret key, SK and public key, PK), the computational complexity in both encryption and decryption and the communication cost. To describe the computational complexity, we need Table 1 which defines the various notations and Table 2 that shows the conversion of various operation units to the time complexity for executing the modular multiplication based on the reference [9].

4 5576 E. S. Ismail and E. Sakib Table 1: Definition of given notations Notations Definition Time complexity for executing the modular multiplication Time complexity for executing the modular exponentiation Time complexity for executing the modular addition Time complexity for executing the elliptic curve multiplication Time complexity for executing the elliptic curve addition Time complexity for executing the hash-function Table 2: Conversion of various operations units to. is negligible The following Table 3 summarizes the performance of our scheme. Table 3: Performance of evaluation of our scheme Items Time complexity of our scheme Complexity in of our scheme Encryption 2 59 Decryption 30 Number of public keys Number of secret keys Communication costs n We also can estimate the speedup of the scheme by neglecting the time complexity of the hash-function. Note that, the minimum requirement of time complexity for any ECDL problem-like signature scheme is or equivalent to in both for encryption and decryption algorithms. To do this, we use the following formulas: Speedup 100% Time complexity of our scheme in Time complexity of our scheme in 100% Hence the speedup of signature generation and verification phases respectively can be calculated as below: For signature generation; Speedup 100%. 100% 49.35% and for signature verification; Speedup 100%. 100% 97.07%. From the above estimation, it is clear that our scheme raises the acceptable efficiency of encryption and decryption algorithms.

5 A new secure and efficient elliptic curve cryptosystem Conclusions In this article, we have proposed a new cryptosystem based on the problem of finding a solution of elliptic curve discrete logarithm. The security of the newly developed cryptosystem is equivalent to ECDLP problem. We have also demonstrated that, our scheme required 59 for encryption and 30 for decryption. Next our scheme needed only one public key and one secret key and 2 n for the communication costs. Acknowledgement: We acknowledge the financial support received from Universiti Kebangsaan Malaysia under the Research Grant UKM-DLP References [1] A. Fiat, A. Shamir, How to prove yourself: practical solutions to identification and signature problems, Advances in Cryptology- Proceedings of Crypto 86, LNCS, vol. 263 (1987), Springer, [2] A. M. Allam, I. I. Ibrahim, I. A. Ali, A. E. H. Elsawy, Efficient zero-knowledge identification scheme with secret key exchange, Proceedings of the 46 th IEEE International Midwest Symposium on Circuits and Systems, vol. 1 (2003), [3] C. Lawrence, Elliptic curves number theory and cryptography, CRC Press, Washington. [4] C. P. Schnorr, Efficient signature generation by smart cards, Journal of Cryptology 4(3), 1999, [5] C. Popescu, An identification scheme based on the elliptic curve discrete logarithm, The 4 th International Conference on High- Performance Computing in the Asia-Pacific Region, vol. 2 (2000), [6] D. H. Nyang, J. S. Song, Knowledge-proof based versatile smart card verification protocol, AMC SIGCOMM Computer Communication Review, 30(3), 2000,

6 5578 E. S. Ismail and E. Sakib [7] D. Johnson, A. Menezes, S. Vanstone, The elliptic curve digital signature algorithm (ECDSA), International Journal of Information Security, vol. 1 (2001), Springer, [8] K. Rabah, Elliptic curve elgamal encryption and signature schemes. Inform. Technol. J., 4(3), 2005, [9] N. Koblizt, A. Menezes, S. Vanstone, The state of elliptic curve cryptography, Design, Codes and Cryptography 19 (2000), [10] N. Koblizt, Elliptic curve cryptosystem, Mathematics of Computation 48(177), 1987, [11] R. Rivest, A. Shamir, and L. Adleman, A method for obtaining digital signature and public-key cryptosystem. Communication of the ACM, 21(2), 1978, [12] S. A. Vanstone, Elliptic curve cryptosystem-the answer to strong, fast public-key cryptography for securing constrained environments, Inform. Security Tech. Rep., 12(2), 1997, [13] S. C. Pohlig, M. E. Hellman, An improved algorithm for computing logarithms over GF(p) and its cryptographic significance, IEEE Transactions on Information Theory 24(1), 1978, [14] S. F. Tzeng, M. S. Hwang, Digital signature with message recovery and its variants based on elliptic curve discrete logarithm problem, Comput. Standards and Interfaces 26(2), 2004, [15] S. J. Hwang, H. C. Liao, Security of Tzeng-Hwang s authenticated encryption scheme based on elliptic curve discrete logarithm problems, Applied Math. Comput., 186(1), 2005, [16] T. ElGamal, A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transaction on Information Theory, IT-31(4), 1985, [17] T. Okamoto, Provably secure and practical identification schemes and corresponding signature schemes, Advances in Cryptology- Proceedings of Crypto 92, LNCS, vol. 740 (1992), Springer,

7 A new secure and efficient elliptic curve cryptosystem 5579 [18] V. S. Miller, Use of elliptic curves in cryptography, Advances in Cryptology-Proceedings of Crypto 85, LNCS, vol. 218 (1986), Springer, [19] W. J. Caelli, E. P. Dawson, S. A. Rea, Elliptic curve cryptography and digital signatures, Comput. Security 18(1), 1999, [20] Y. F. Chung, K. H. Huang, F. Lai, T. S. Chen, ID-based digital signature scheme on the elliptic curve cryptosystem, Computer Standards and Interfaces 29 (2007), Received: May, 2012