implementation secure authentication using elliptic curve cryptography

International Journal of Innovative Research in Advanced Engineering (IJIRAE) Volume 1 Issue 1 (March 2014)

_______________________________________________________________________________________________________________ ISSN: 2278-2311 IJIRAE | http://Ijirae.com © 2014, IJIRAE All Rights Reserved Page - 41

Implementation Secure Authentication Using Elliptic Curve Cryptography

N.Thangarasu [email protected]

Abstract- Elliptic curve cryptography is the most efficient public key encryption scheme based on the elliptic curve concepts that can be used to create faster, smaller, and efficient cryptographic keys. As a use of network increase for critical transaction, so huge damages are caused by intrusion attacks hence there is the need of computer network security. To protect network against various active and passive attack, various technique have been suggested. Mobile devices have many differences in their capabilities, computational powers and security requirements. The security of mobile communication has stopped the list of concerns for mobile phone users. Confidentiality, Authentication, Integrity and Non-repudiation are required security services for mobile communication. Keywords: - critical transaction, Intrusion attacks, Autonomous Security, Mobile communication security, Public key cryptography, Authentication, Integrity and non-repudiation.

I. INTRODUCTION

Rapid development on electronic technology secure communication in particular is in demand for any kind of communication network. The main components of secure communications software stack includes key exchange and signature which is required for public key algorithms like RSA, DSA and elliptic curve cryptography [1][2]. Elliptic curve system is applied to cryptography were first proposed in 1985 independently by Neal Koblitz and Victor Miller. The discrete logarithm problem on public curve groups is believed to be more difficult than the corresponding problem in the underlying finite field [3][4][5]. Public key cryptography is effective security solution to provide secure mobile communication [6]. ECC is the most efficient public key encryption scheme based on elliptic curve concepts that can be used to create faster, smaller, and efficient cryptographic key.ECC can be used with public key encryptions methods, such as RSA, and Diffie-Hellman key exchange communication privacy through encryption, authentication of sender and digital signature to ensure message integrity[7]. ECC can helps to establish equivalent security with lower computing power and battery resource usage. Public key Cryptography algorithms provide the way to achieve security requirements viz; confidentiality and authentication [8].Network attack detection is the very challenging task for the network operator in today’s Internet. It is begin challenging task because network attack are moving targets, they are not steady. Attacker may launch every time new attack. The need of detection system that will be able to detect various attacks of different range and with variety of characteristic [9].Commercial detection systems there are two different approaches namely Signature based detection and anomaly detection for detection of attack. Signature based detection can be used for pattern of unauthorized behaviour. Anomaly detection can be used for abnormal pattern behaviour.

II. CRYPTOGRAPHIC TERMINOLOGY

A security protocol formally specifies a set of steps to be followed by communicating parties, so that the mutually desired security objectives are satisfied. The four main security objectives include: Confidentiality: This means that the secrecy of the data being exchanged by the communicating partied is maintained, i.e., no one

other than the legitimate parties should know the content of the data being exchanged. Authentication: It should be possible for the receiver to ensure that the sender of the message is who he claims to be, and the

message was sent by him. Integrity: It provides a means for the receiver of a message to verify that the message was not altered in transit. It checks

originality of message. Non-repudiation: The sender of a message should not be able to falsely deny later that he sent the message, and this fact should

be verifiable independently by an independent third-party without knowing too much about the content of the disputed messages.

III.APPLICATIONS OF PUBLIC KEY CRYPTOSYSTEM

Some public key algorithms are ECC, RSA, Diffie-Hellman key exchange and DSA. In the later section we mainly focus on Elliptic Curve Cryptosystem (ECC). Table1

Algorithm Encryption/decryption Digital signature Key exchange RSA Yes Yes Yes Elliptic Curve Yes Yes Yes Diffie-Hellman Yes No Yes DSS No Yes No

Table.1 applications of public key cryptosystem



IV. ELLIPTIC CURVE CRYPTOGRAPHY

The principal attraction of Elliptic Curve Cryptography (ECC) compared to RSA is that it offers equal security for a far smaller key size, thereby reducing processing overhead. The advantage of ECC over other public key cryptography techniques such as RSA is that the best known algorithm for solving ECDLP the underlying hard mathematical problem in ECC takes the fully exponential time and so far there is a lack of sub exponential attack on ECC. ECC is based on the Discrete Logarithmic problem over the points on an elliptic curve [8][10][11]

Elliptic curve is the set of Weierstrass equation of the form Y2+a1xy+a 3y=x3+a 2x2+a 4x+a6 -------------------------------------- EQ 1 Y2=x3+ax+b -------------------------------------- EQ 2 Y2+xy=x3+ax2+b ---------------------------------------EQ 3 Y2+y=x3+ax+b --------------------------------------- EQ 4

Cryptography purposes we always use a finite field a1, a2, a3, a4, a6 are real numbers belong to R, x and y take values in the real numbers. If L is an extension field of real numbers, then the set of L-rational points on the Elliptic curve is called Weierstrass equation. The following algorithm gives the points on the curve Eq2 (a,b) [12] Algorithm elliptic-points (p,a,b) { X=0 While(x<p) { W=(x3+ax+b) mod p If (w is perfect square in Zp) Output ((x√,w).(x,- √w)) X=x+1 } }

The number of points on an elliptic curve over a finite field must satisfy Hasse’s theorem. The order of the curve N will satisfy the following equation [8][10][12]

P+1-2√p≤N≤p+1=2√p

\

Figure: 1 Point Doubling Figure: 2 Point Additions

Point additions (PA) and point doublings (PD) can be implemented using coordinate system [13] like affine coordinate system, standard projective, Standard projective and affine, Jacobian projective and affine, lopez-Dahab. The most popular coordinate representation is affine repetition which is based on two coordinate (x,y) and other representation such as projective Jacobian, lopez-dahab uses three coordinates , Transforming affine coordinates into one of the other representation is almost simple but not vice versa, since transformation requires costlier field inversion[3][7]. The addition of two points on an elliptic curve. Elliptic curves have the interesting property that adding two points on the elliptic curve results a third point on the curve. Therefore, adding two points, P1 and P2, gets us point P3, also on the curve. Small changes in P1 or P2 can cause a large change in the position of P3. Point addition is the addition of two points J and K on an elliptic curve to obtain another point L on the same elliptic curve and point doubling is the addition of a point J on the elliptic curve to itself to obtain another point L.

V. SECURITY OF ELLIPTIC CURVE CRYPTOGRAPHY Security is the most attractive feature of elliptic curve cryptography. Elliptic curve cryptosystems also are more computationally efficient than the first generation public key system like RSA, DSA and Diffie-Hellman key exchange algorithm. Table 1 gives approximate equivalent key size for ECC and RSA algorithm.



From table 1 it is clear to see that ECC affords the same security as RSA while using significantly smaller key sizes. In Table 1, at all levels of security including 512 bits, ECC has smaller public key sizes than both RSA and DSA/DH. Because of its smaller key size, ECC outperforms both RSA and DSA/DH for most routine operations while offering comparable levels of security. The reason is that ECC provides greater efficiency in terms of computational overheads, key sizes and bandwidth. In implementations, these saving mean higher speeds, lower power consumption. For efficient cryptosystem implementation ANSI (American National Standard Institute) and NIST (National Institute of Standard and Technology) are producing standards and technology [3][8].

Time to break in MIPS years RSA/DSA key exchange ECC Key size RSA/ECC key size ratio 104 512 106 5:1 108 768 132 6:1 1011 1024 163 7:1 1020 2043 210 10:1 1078 21000 600 35:1

Table2. Security of Elliptic Curve Cryptography

VI. NETWORK DETECTION METHOD

6.1. Anomaly Detection: Anomaly detection is used in the data mining based intrusion detection system tries to define what is normal and then detect how analyzed data is different from model [14]. But meanwhile if some intrusion arises, it will not be considered as normal. It detects them initially. It is also possible that training data will contain traces of intrusion, so in such case future instance of the attack may not be detected rather; they will be treated as normal. 6.2. Misuse Detection: The set of labelled data is use to train the machine leaning algorithm and the detection model is built. This detection model will be similar to the signature describe earlier. But this is also similarly vulnerable to new type of attack as the signature based method.

VII. UNSUPERVISED NETWORK ATTACK DETECTION

Aiming at discovery knowledge independent system, new proposed algorithm is unsupervised network attack detection algorithm. Initially traffic is captured and packet are analysed by aggregating in multi resolution flow. On the top of these flow, different time series is built. And anomalous change is defined by change-detection algorithm based on time- series analysis. 7.1. Determining degree of abnormality: There is the use of robust clustering algorithm like sub-space clustering (SSC), Density- based clustering, and Evidence Accumulation Clustering (EAC) as combination of these approaches for providing traffic structure. These traffic structures are used as the evidence for determining by how much degree the traffic is not normal. Thus the output of second stage is outlying flow. 7.2. Declaring anomalies: Using a simple threshold detection approach, outlying flow which is top ranked is flagged as anomalies.

VIII. UNSUPERVISED ATTACK DETECTION THROUGH CLUSTERING

IP flows in the flagged time slot are used as the input for unsupervised attack detection. At this step unsupervised network attack detection algorithm ranks the degree of abnormality of every flow by using clustering and outliers analysis techniques. Two different resolutions, using either IP source or IP destination aggregation key IP flows are analysed. There are two different anomalies on the basis of which traffic anomalies can be classified, 1-to N anomalies and N-to-1 anomalies.

IX. PERFORMANCE PARAMETERS FOR ELLIPTIC CURVE CRYPTOGRAPHY IMPLEMENTATION

Although RSA, E1-GAMAL and Diffie-Hellman are secure asymmetric key cryptosystem, their security comes with a price, their large keys. So researchers have looked for providing substitute that provides the same level of security with smaller keys. For Elliptic Curve Cryptography implementation following consideration should meet [1][15][16][17]:

Suitability of methods available for optimizing finite field arithmetic like addition, multiplication, squaring, and inversion. Suitability of methods available for optimizing elliptic curve arithmetic like point addition, point doubling and scalar

multiplication.

Application platform like software, hardware, or firmware. Constraints of a particular computing environment e.g., processor speed, storage, code size, gate count, power consumption. Constraints of a particular communications environment e.g., bandwidth, response time. Suitability of methods used for optimizing anomaly detection, misuse detection, unsupervised network attack detection,

unsupervised attack detection through clustering.



Efficiency of ECC is depends upon factors such as computational overheads, key size, bandwidth, ECC provides higher-strength per- bit which include higher speeds, lower power consumption, bandwidth savings, storage efficiencies, smaller certificates and cluster using the density based, Sub-space, Evidence Accumulation Clustering.

X. APPLICATION OF ELLIPTIC CURVE CRYPTOGRAPHY

Many devices are constrained devices that have small and limited storage and computational power, for constrained devices ECC can be applied [10][18][19]

For wireless communication devices like PDA’s multimedia cellular phones ECC can apply. It can be used for security of smart cards, wireless sensor networks, wireless mesh and network detection. Web servers that need to handle many encryption sessions. Any kind of application where security is needed for our current cryptosystem.

CONCLUSION

Elliptic curve cryptography offers the highest strength-per-key-bit of any known public-key system of first generation techniques like RSA, Diffie-Hellman. ECC offers the same level of security with smaller key size, computational power is high integrated circuit space is limited for network detection using clustering, smart card, wireless device and mobile phones. The ongoing development of standards is very important position for the use of a cryptosystem. Standards help to ensure security and interoperability of different implementations of one cryptosystem. There are several major organizations that develop standards like International Standards Organization (ISO), American National Standards Institute(ANSI), Institute of Electrical and Electronic Engineering(IEEE), Federal Information Processing Standards(FIPS). The most important for security for information technology are the in addition secure communication. Elliptic Curve Cryptography (ECC) enabling technology for Network Detection, Mobile Network Security and Numerous wireless sensor networks.

REFERENCES

[1] Dr.R.Shanmugalakshremi. M.Prabu “ Research Issues on Elliptic Curve Cryptography and its applications” IJCSNS International

Journal of Computer Science and Network Security, VOL.9 No.6, June 2009. [2] F.Amin, A.H.Jahngir and H.rasifard “Analysis of Public-key cryptography for wireless sensor network security” World Academy of

science , Engineering and Technology41 2008. [3] www.certicom.com [4] William Stallings “Cryptography and network security principles and practice” Fifth edition , person, 2011. [5] Behrouz A Forouzan, Debdeep Mukhopadhyay “cryptography and network security” Second edition. Mc-Graw Hill,2008. [6] Sameer Hasan Al_Bakir, M.L. mat kiah, a.a.Zaidan, B.B.Zaidan and Gazi Mahabubul Alam, “securing Peer to peer mobile

communications using public key cryptography: new Security strategy.” International Journal of the physical SciencesVol.6 (4),pp.930-938,Februray,2011.

[7] Sonail Nimbhorkar, Dr.L.G.Malik “Prospective Utilization of Elliptic Curve Cryptography for security Enhancement” International Journal of Application or Innovation in Engineering & Management (IJAIEM), volume 2, Issue 1 January 2013

[8] William Stallings. “Cryptography and Network Security Principles and practices, fourth edition” , prentice Hall, 2006. [9] S.Kim and A.L.N.Reddy. A.Study of Analyzing Network Traffic as Image in Real-Time. In IEEE International conference of

communication, 2005. [10] Sonail Nimbhorkar, Dr.L.G.Malik “ A survey on Elliptic curve cryptography (ECC)” International Journal Advanced Studies in

Computers, Science and Engineering vol,1,issue 1,pp,1.5,July 2012. [11] Alpesh R.Mishra and Abhilash Mandloi, “Implementation of Cryptography Algorithm for GSM and UMTS System” International

Journal of Network Security & and its Application (IJNSA), vol.3, no.6,pp,1-5, November 2011. [12] Ranbir Soram, “Mobile SMA Banking Security using elliptic curve cryptosystem, “IJCSNS International Journal of Computer

Science and Network Security, vol.9 no.6,pp,30-38,June.2009. [13] Mrs.megha Kolhekar “Implementation of Elliptic curve cryptography on text. And Image” International Journal of Enterprise

Computing and Business System ISSN(online):2230 2230-8849 vol.1 Issue 2 July 2011. [14] Pedro Casas,johan Mazel. Steps Toward Autonomous Network Security: Unsupervised Detection of Network Attacks, IEEE

International Conference of communication 2011. [15]Andrej Dujella “Applications of elliptic curves in public key cryptography” Basque Center for applied Mathematics and Universidad

del Pais Vasco / Euskal Herriko Unibertsitatea, Bilbao, May 2011. [16]Pradeep Malik “Elliptic Curve Cryptography for security Inwireless Networks” Statistics 2011 Canada: 5th Canadian Conference in

Applied Statistical Techniques, july 1-4-2011, Concordia University, Montreal, Quebec, Canada. [17]LIU Shuanggen, LI Ping, HU Yupu “improvement Schemes for Scalar Multiplication Algorithm in Elliptic Curve Cryptography”

ISSN:1000-3428.0.2006-17-009. [18] Tingdingchen,Huiyun Li,Keke Wu, Fengqi Yu “ Evaluation criterion of side channel countermeasures for elliptic cryptography

devices” DOIIO.1109/iCCCs.2009.13. [19]Xue Sun,Mingping Xia “An improved proxy signature based on elliptic curve cryptography” DoI10.1109/ICCCS.2009.36.