In order to securely broadcast data in a web-based environment, the data can be organized as a hierarchical tree and encrypted under different cryptographic keys. Most applications also attach a time bound to each access control policy, so that a user is assigned to a given class only for some period of time. An ideal time-bound hierarchical key management scheme must therefore update the users' keys periodically, so that the information delivered continues to follow the access control policies of the data source, while keeping the storage and communication of keys to a minimum. Security is a major concern in networked environments, and protecting data carried over an untrusted network is a challenging problem.
Data security is a major issue in data communication systems. Several access control techniques exist for protecting data against attackers, but many of them rely on ad hoc security controls that are insufficient and insecure. To overcome these difficulties, a new kind of key management scheme is needed to support an efficient and secure broadcasting system.
This project focuses on secure broadcasting. For this it needs a time-bound key management scheme that organizes the keys hierarchically, so that a higher class can retrieve data content belonging to a lower class, and that associates a time bound with each access control policy, so that a user is assigned to a certain class only for a period of time. On this basis, the project proposes a time-bound hierarchical key management scheme based on elliptic curve cryptography that performs the above task efficiently while minimizing storage and implementation cost.
The main purpose of this project is to broadcast data efficiently and securely while withstanding various levels of attack.
The aim of this project is to broadcast data securely and efficiently by implementing a key assignment scheme in which elliptic curve cryptography is deployed, that is, to build an efficient and secure broadcasting system on top of a key management scheme that makes use of the features of elliptic curve cryptography.
In electronic systems, data can be organized and encrypted using symmetric key algorithms according to user privileges and predefined time periods, and then broadcast to the users. This requires an efficient way to manage the encryption keys, and time-bound key management schemes have been proposed for the purpose. However, several of these schemes have turned out to be insecure against collusion attacks.
Security is a major concern in communication systems, and protecting data against attackers is a central aspect of any broadcasting environment. Many security techniques have been applied to protect data during broadcasting, such as symmetric key techniques and key management schemes, but these have not managed the required security levels efficiently, and several of the schemes are insecure against collusion attacks.
The data can be encrypted using various key techniques. The broadcast data can be organized as a hierarchical tree and encrypted with distinct cryptographic keys according to the access control policies. Each access control policy is bound to a particular time period, and once that period has elapsed the corresponding keys expire; handling these expiries securely is where many existing techniques fall short.
In the existing system the data is organized and encrypted using symmetric key algorithms according to predefined time periods and user privileges, and is then broadcast. This requires an efficient way to manage the encryption keys, and time-bound key management schemes for a hierarchy have also been proposed, but both kinds of scheme are insecure against collusion attacks.
This project develops a new key assignment scheme for access control that is both efficient and secure, deploying elliptic curve cryptography. An analysis of the scheme with respect to security and efficiency is also provided.
This research mainly compares time-bound key management schemes with symmetric key management schemes in order to improve security. The project evaluates a hierarchical key management scheme for access control based on elliptic curve cryptography, with the following goals: to deliver a secure and efficient broadcasting system that withstands various levels of attack; to analyze hierarchical key management schemes for generating the key structure of the access control model; to apply elliptic curve cryptography to the secure broadcasting of data; and to update the keys at the specified time periods.
To define a key assignment scheme for access control that makes use of elliptic curve cryptography.
To analyze key management schemes and cryptographic techniques in order to review the security problems.
To distinguish the key management scheme within the security control layer and to reduce the computational load and implementation cost by implementing one or more key assignment schemes.
To define a hierarchical key management structure for the data source before it is deployed at any security level.
To implement a new time-bound key management scheme over the security hierarchy.
To define a key management method for access control using elliptic curves.
To minimize the storage and communication of keys and to enforce access restrictions by implementing the new key assignment scheme with a tamper-resistant device.
To assign a time bound to each access control policy and to update the user keys periodically.
To enhance a secure symmetric algorithm within the time-bound hierarchical key assignment scheme so as to realize secure broadcasting.
Chapter 1, Project analysis: reviews the problem statement and explores the system objectives.
Chapter 2, Literature review: conducts a background study and presents the relevant prior work.
Chapter 3, Research method: evaluates a research method for the proposed system by exploring solutions.
Chapter 4, System design: presents high-level and low-level design diagrams representing the project flow.
Chapter 5, Project implementation: implements the project in C#.Net and covers all the case studies.
Chapter 6, System testing and performance evaluation: conducts functional testing and other system testing to improve system performance.
Chapter 7: Conclusion, future enhancements, bibliography and appendices.
Qingfeng Chen, Chengqi Zhang and Shichao Zhang, Secure Transaction Protocol Analysis: Models and Applications, Springer, 2008.
Woei-Jiunn Tsaur and Haw-Tyng Pai, Dynamic Key Management Schemes for Secure Group Communication Based on Hierarchical Clustering in Mobile Ad Hoc Networks, Lecture Notes in Computer Science, Vol. 4743, Springer, 2007.
H.-Y. Chien, Efficient Time-Bound Hierarchical Key Assignment Scheme, IEEE Transactions on Knowledge and Data Engineering, Vol. 16, No. 10, pp. 1301-1304, Oct. 2004.
Yang Xiao and Yi Pan (eds.), Security in Distributed and Networking Systems, World Scientific, 2007.
Darrel R. Hankerson, Alfred J. Menezes and Scott A. Vanstone, Guide to Elliptic Curve Cryptography, Springer, 2004.
Richard A. Mollin, RSA and Public-Key Cryptography, CRC Press, 2003.
Security is a major concern in communication systems, and many techniques and methods are employed to assure data security, such as cryptography and key management techniques. In a remote communication system the data broadcast to different end users must be secured, and to provide information security over remote networks many authors and researchers have proposed different types of security methods. Information security remains an active research topic in data communication, with many open issues.
Broadcasting data across web servers and other electronic media services requires secret keys to protect the data while it is broadcast. A broadcast channel must provide simultaneous data delivery to many end users from a single source, and supporting such simultaneous operation is mainly a matter of computing the secret keys and the access control scheme. This requires multiple keys to be sent to multiple end users, which is what enables a secure broadcast application to send encrypted data over remote networks. A secure broadcast application hides the data by employing encryption and decryption techniques, but in doing so it changes the nature of the traffic and increases the network load.
A broadcasting environment needs various security techniques to manage the various security issues. This project addresses the key management and access control problems and takes data protection methods into consideration. This chapter covers the background study of access control and key management techniques, and also describes the relevant cryptographic primitives and their functionality.
2.1 Access control
Access control is a mechanism for protecting resources against unauthorized users by restricting what users are permitted to do. It provides authentication facilities for physical and logical resources, allowing only authenticated users, who present credentials established in advance, to access them. In this project access control is deployed at the control system level: it records which users may access what, and provides the authentication layer supporting mutual authentication.
Authentication is the process of identifying end users. The authentication process grants access permissions to end users by means of identification resources such as passwords for email and web resources, smart cards, fingerprints and other biometric devices. It registers the end users' details and verifies them against the inputs presented at login, and all the authentication details are maintained on the server system.
Access control is used to restrict a user to exactly what he should be able to do, no more and no less. As more computers expose services that are available to anyone, anyone can be a legitimate user. Besides users, there are also programs whose actions we would like to control.
Access Control Problem
The access control problem is to ensure that only authorized users are given access to certain resources of a computer system. Users are organized into a number of disjoint classes, called security classes, according to their responsibilities; the notion of a hierarchy arises because some users have more access rights than others.
A hierarchical key assignment scheme is a method for assigning an encryption key and some private information to each class in the hierarchy. Each class uses its encryption key to protect its data by means of a symmetric cryptosystem, and uses its private information to compute the keys assigned to all the classes lower down in the hierarchy.
2.1.1 Authentication Factors
Access control governs the access permissions of end users by maintaining passwords. The password is stored in encrypted form and managed at the server end; whenever a web or system resource is accessed, the end user must supply the password, which should combine alphabetic and numeric characters. Passwords alone, however, provide only a weak security factor. To achieve user authentication
Security tokens, also called authentication tokens, authenticate end users by verifying digital signatures, PINs and cryptographic keys. A token is a small device that is easily carried and holds the secured information, which the user must present when accessing resources. SecurID-style tokens generate keys that change every time they are used.
Cryptography is the process of protecting data by transforming it into a form that is not human-readable, that is, by organizing the data into a secret format.
Secret Key Cryptography (SKC)
Most cryptographic techniques are key based. A key is a value that is combined with the plaintext by the algorithm that encrypts or decrypts the information. In private key cryptography, also known as secret key cryptography (SKC), a single key is used for both encryption and decryption: the sender uses the key to encrypt the plaintext and sends the ciphertext to the receiver, who applies the same key to decrypt the message and recover the plaintext. Because a single key serves both functions, secret key cryptography is also called symmetric encryption. With this form of cryptography the key must obviously be known to both sender and receiver, and that shared key is the secret.
One problem is error propagation: a garbled bit in transmission results in garbled bits at the receiving side. Synchronous stream ciphers generate the keystream independently of the message stream, using the same keystream generation function at sender and receiver. Such stream ciphers do not propagate transmission errors, but they are by nature periodic, so the keystream will eventually repeat. Block ciphers can operate in one of several modes, of which four are commonly distinguished. Electronic Codebook (ECB) mode is the simplest and most obvious: the secret key is used to encrypt each plaintext block directly into a ciphertext block. Two identical plaintext blocks will therefore always produce the same ciphertext block. Although ECB is the most commonly described mode, this property leaks the pattern of repeated blocks to an observer, so ECB should not be used for data longer than a single block.
DES is a block cipher employing a 56-bit key that operates on 64-bit blocks. DES has a complex set of rules and transformations that were designed specifically to yield fast hardware implementations and comparatively slow software implementations, although the latter point has become less significant as processor speeds have grown by several orders of magnitude. The Advanced Encryption Standard (AES) became the official successor to DES in December 2001. AES uses the Rijndael block cipher, designed by the Belgian cryptographers Joan Daemen and Vincent Rijmen. Rijndael itself supports block and key lengths of 128, 192 or 256 bits in any combination; the AES standard fixes the block length at 128 bits and allows key lengths of 128, 192 or 256 bits.
A hash function is a mathematical algorithm that takes no key. It accepts data of arbitrary length and produces a fixed-length digest that is sent along with the data. Hash functions are one-way: given the output it is computationally infeasible to determine an input that produces it. For example, if data X is hashed to a value Y, X cannot be recovered from Y. Because of this, a digest makes tampering with the transmitted data detectable, provided the digest itself is protected from being replaced, for instance by signing it or by computing it under a key (as in a MAC); a bare digest sent alongside the message can simply be recomputed by whoever alters the message. Hash functions are used to create digital signatures, which are in turn used to authenticate users and data.
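As an added illustration (not part of the original essay), the following Python code contrasts an unkeyed SHA-256 digest with an HMAC over a constructed sample message. An attacker who alters the message in transit can recompute the bare digest, so the receiver's check passes; with a keyed tag the attacker cannot forge a matching value without the shared key. The message contents, the key handling and the function names are assumptions made for this example only.

```python
import hashlib
import hmac
import secrets
from typing import Tuple


def digest(msg: bytes) -> bytes:
    """Unkeyed SHA-256 message digest."""
    return hashlib.sha256(msg).digest()


def mac_tag(key: bytes, msg: bytes) -> bytes:
    """Keyed digest (HMAC-SHA256): only holders of `key` can produce it."""
    return hmac.new(key, msg, hashlib.sha256).digest()


def verify_digest(msg: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(digest(msg), tag)


def verify_mac(key: bytes, msg: bytes, tag: bytes) -> bool:
    # compare_digest avoids leaking the mismatch position through timing
    return hmac.compare_digest(mac_tag(key, msg), tag)


def tamper_in_transit(new_msg: bytes) -> Tuple[bytes, bytes]:
    """An attacker on the wire swaps the message and, lacking any key, recomputes the bare digest."""
    return new_msg, digest(new_msg)


def demo() -> Tuple[bool, bool]:
    """Returns (tamper detected with bare digest, tamper detected with HMAC)."""
    key = secrets.token_bytes(32)                 # shared by sender and receiver only
    original = b"PAY 100 TO ALICE"                 # constructed sample message
    forged = b"PAY 100 TO MALLORY"

    # Case 1: message + unkeyed digest. The attacker simply recomputes the digest.
    msg1, tag1 = original, digest(original)
    msg1, tag1 = tamper_in_transit(forged)
    bare_detected = not verify_digest(msg1, tag1)   # False: the forgery passes

    # Case 2: message + HMAC. The attacker can change the message but not the tag.
    msg2, tag2 = original, mac_tag(key, original)
    msg2 = forged                                    # tag2 cannot be recomputed without the key
    mac_detected = not verify_mac(key, msg2, tag2)   # True: the forgery is rejected
    return bare_detected, mac_detected


if __name__ == "__main__":
    print(demo())  # (False, True)
```

The same reasoning applies to the "authenticate the digest instead of the document" shortcut discussed later in this chapter: the digest only carries authentication if it is itself signed or keyed.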
2.2 Key management
In 1981 Lamport proposed a user authentication scheme based on a password table maintained at the server, but this mechanism is vulnerable because the table itself must be stored in a database and protected. To improve the authentication process, Hwang and Li proposed a user authentication scheme using smart cards. It includes a time stamp in the login message and does not require any database table; the server only needs to maintain a secret key. This scheme, however, incurs extra computation in generating the keys. To improve the computational cost of smart-card schemes, Awasthi and Lal addressed the problem by adding forward secrecy. The purpose of this property is to protect the password even if the generated keys are compromised, that is, to ensure password security in the worst case as well.
2.3 Time-bound key management scheme
Data security is also concerned with the time period for which symmetric keys and user privileges are valid. Data access can be controlled through the keys, each of which is organized around a specified time period: a time period is specified for each access control policy, so that a user can access the data only during that period, and the user keys must therefore be updated every period. Regulating these key updates requires additional storage, and the keys must be managed according to the users' access control policies.
A time-bound hierarchical key assignment scheme assigns time-dependent encryption keys to a set of classes in a partially ordered hierarchy, so that, subject to the temporal constraints, each class can compute the keys of all the classes lower down in the hierarchy.
In such a scheme each class is assigned an encryption key and some private information. The encryption key is used to protect the data by means of a symmetric cryptosystem, whereas the private information is used to compute the keys assigned to all the classes lower down in the hierarchy.
The assignment is done by a central authority, the Trusted Authority (TA), which is active only during the distribution phase. An elegant hierarchical key assignment scheme was first proposed by Akl and Taylor. In this scheme each class is assigned a key which, together with some public parameters generated by the central authority, can be used to compute the key assigned to any class lower down in the hierarchy. Many researchers have since proposed schemes that perform better or that allow insertions and deletions of classes in the hierarchy. Crampton et al. recently provided a detailed classification of many schemes in the literature and evaluated their merits according to several parameters, such as the amount of private information distributed to and stored by users, the amount of public information, the complexity of key derivation, the complexity of handling dynamic updates to the hierarchy, and the resistance to collusive attacks.
Time-based access control is required by several applications. Some of the proposals for time-bound hierarchical key assignment schemes [7, 8, 9, 10] have been shown to be insecure against collusive attacks, in which two or more users assigned to some classes in distinct time periods pool their information to compute a key to which none of them is entitled. Starting from the Akl-Taylor scheme, Wang and Laih, and Tzeng, have recently shown how to construct a time-bound hierarchical key assignment scheme; however, they did not formalize the definition of security or the adversarial model, so the security of these constructions is not clear.
2.3.1 Time-bound cryptographic key assignment scheme
The cryptographic key assignment problem is to assign cryptographic keys to a set of partially ordered classes so that the key of a higher class can be used to derive the key of a lower class. Tzeng's work proposes a time-bound cryptographic key assignment scheme in which the cryptographic keys of a class differ in each time period.
According to W.-G. Tzeng, an ideal time-bound key management scheme should regulate key generation and the time-bound operations while minimizing the space requirement and the communication cost. Tzeng's scheme, however, is computationally expensive. To improve on its computational cost, H.-Y. Chien in 2004 proposed another time-bound key management scheme that reduces the implementation and computation load by using a tamper-resistant device and a secure hash function, but this scheme does not resist a three-party collusion attack.
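To make the hash-chain style of time-bound hierarchical key assignment and the collusion weakness discussed above concrete, here is an added Python example written for this review; it is an illustrative construction, not Tzeng's or Chien's published scheme, and the class names, the number of periods and the derivation functions are assumptions. Class secrets are derived downward through the hierarchy with a one-way hash, a forward hash chain a_t = H^t(a_0) and a backward hash chain b_t = H^(z-t)(b_z) bound the time window, and the period key of class c at time t is a hash of the class secret with a_t and b_t. A user enrolled for [t1, t2] receives a_t1 and b_t2 and can move forward along a and backward along b only within the window. The final check shows two users of the same class with disjoint windows pooling their chain values to compute a key for a period neither was granted: this is exactly the collusive attack for which such schemes were criticized.

```python
import hashlib
import secrets
from dataclasses import dataclass
from typing import Dict, List, Optional


def H(*parts: bytes) -> bytes:
    """Domain-separated SHA-256 over length-prefixed parts (the 'secure hash function')."""
    h = hashlib.sha256()
    for p in parts:
        h.update(len(p).to_bytes(2, "big") + p)
    return h.digest()


def iterate(x: bytes, n: int) -> bytes:
    """n-fold hash chain, H^n(x): cheap to go forward, infeasible to go backward."""
    for _ in range(n):
        x = H(b"chain", x)
    return x


def ancestor_path(parents: Dict[str, Optional[str]], cls: str, target: str) -> Optional[List[str]]:
    """Class names from just below `cls` down to `target`, or None if `cls` is not an ancestor-or-self."""
    path: List[str] = []
    c: Optional[str] = target
    while c != cls:
        if c is None:
            return None
        path.append(c)
        c = parents.get(c)
    return list(reversed(path))


def descend_secret(parents: Dict[str, Optional[str]], cls: str, secret: bytes, target: str) -> Optional[bytes]:
    """Derive a lower class's secret from a higher class's secret; each step is one-way."""
    path = ancestor_path(parents, cls, target)
    if path is None:
        return None
    for name in path:
        secret = H(b"class", secret, name.encode())
    return secret


def period_key(class_secret: bytes, a_t: bytes, b_t: bytes) -> bytes:
    """K_{c,t}: the symmetric key protecting class c's data in period t."""
    return H(b"key", class_secret, a_t, b_t)


@dataclass
class Credential:
    parents: Dict[str, Optional[str]]
    cls: str
    secret: bytes      # class secret s_c
    t1: int
    a_t1: bytes        # forward-chain value for the first authorized period
    t2: int
    b_t2: bytes        # backward-chain value for the last authorized period

    def derive(self, target: str, t: int) -> Optional[bytes]:
        s = descend_secret(self.parents, self.cls, self.secret, target)
        if s is None or not (self.t1 <= t <= self.t2):
            return None                  # not a lower class, or outside the window
        return period_key(s, iterate(self.a_t1, t - self.t1), iterate(self.b_t2, self.t2 - t))


class TrustedAuthority:
    def __init__(self, parents: Dict[str, Optional[str]], root: str, periods: int):
        self.parents, self.root, self.z = parents, root, periods
        self.root_secret = secrets.token_bytes(32)
        self.a0 = secrets.token_bytes(32)   # a_t = H^t(a0)
        self.bz = secrets.token_bytes(32)   # b_t = H^(z-t)(bz)

    def key(self, cls: str, t: int) -> bytes:
        s = descend_secret(self.parents, self.root, self.root_secret, cls)
        return period_key(s, iterate(self.a0, t), iterate(self.bz, self.z - t))

    def enrol(self, cls: str, t1: int, t2: int) -> Credential:
        s = descend_secret(self.parents, self.root, self.root_secret, cls)
        return Credential(self.parents, cls, s, t1, iterate(self.a0, t1), t2, iterate(self.bz, self.z - t2))


def collude(early: Credential, late: Credential, target: str, t: int) -> Optional[bytes]:
    """Collusion: two users of one class with disjoint windows pool early.a_t1 and late.b_t2."""
    if early.cls != late.cls or not (early.t1 <= t <= late.t2):
        return None
    s = descend_secret(early.parents, early.cls, early.secret, target)
    if s is None:
        return None
    return period_key(s, iterate(early.a_t1, t - early.t1), iterate(late.b_t2, late.t2 - t))


def demo() -> Dict[str, bool]:
    parents = {"Director": None, "Manager": "Director", "Staff": "Manager"}  # constructed hierarchy
    ta = TrustedAuthority(parents, "Director", periods=8)
    mgr = ta.enrol("Manager", 2, 4)
    r = {
        "own_key": mgr.derive("Manager", 3) == ta.key("Manager", 3),
        "lower_class_key": mgr.derive("Staff", 4) == ta.key("Staff", 4),
        "higher_class_blocked": mgr.derive("Director", 3) is None,
        "outside_window_blocked": mgr.derive("Staff", 5) is None,
    }
    early, late = ta.enrol("Staff", 1, 2), ta.enrol("Staff", 5, 6)
    r["collusion_recovers_t3"] = collude(early, late, "Staff", 3) == ta.key("Staff", 3)
    return r
```

Each user alone is confined to its window because the chains run in opposite directions, but the two chain values are independent of the user, so any pair of users can splice their windows together; this is why the later literature insists on a formal adversarial model that includes such colluding users rather than analysing single users in isolation.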
 Pachghare, Cryptography and Information Security, PHI Learning Pvt. Ltd., 2009
 W.-G. Tzeng, A Time-Bound Cryptographic Key Assignment Scheme for Access Control in a Hierarchy, IEEE Transactions on Knowledge and Data Engineering, Vol. 14, No. 1, pp. 182-188, Jan./Feb. 2002.
 M.-S. Hwang and L.-H. Li, A New Remote User Authentication Scheme Using Smart Cards, IEEE Transactions on Consumer Electronics, 2000.
 Natarajan Meghanathan, Selma Boumerdassi, Nabendu Chaki and Dhinaharan Nagamalai (eds.), Recent Trends in Network Security and Applications: Third International Conference, CNSA 2010, Chennai, India, July 23-25, 2010, Proceedings, Springer, 2010.
 C. H. Lin, Dynamic Key Management Schemes for Access Control in a Hierarchy, Computer Communications, 20, 1381-1385, 1997.
 J. Crampton, K. Martin and P. Wild, On Key Assignment for Hierarchical Access Control, in Proc. of the 19th IEEE Computer Security Foundations Workshop (CSFW 2006), S. Servolo Island, Venice, Italy, July 2006, 98-111.
 W.-G. Tzeng, A Time-Bound Cryptographic Key Assignment Scheme for Access Control in a Hierarchy, IEEE Transactions on Knowledge and Data Engineering, 14(1), 182-188, 2002.
 H.-Y. Chien, Efficient Time-Bound Hierarchical Key Assignment Scheme, IEEE Transactions on Knowledge and Data Engineering, 16(10), 1301-1304, 2004.
 H. F. Huang and C. C. Chang, A New Cryptographic Key Assignment Scheme with Time-Constraint Access Control in a Hierarchy, Computer Standards & Interfaces 26, 159-166, 2004.
 J. Yeh, An RSA-Based Time-Bound Hierarchical Key Assignment Scheme for Electronic Article Subscription, in Proc. of the ACM International Conference on Information and Knowledge Management (CIKM 2005), Bremen, Germany, November 2005, 285-286.
 X. Yi and Y. Ye, Security of Tzeng's Time-Bound Key Assignment Scheme for Access Control in a Hierarchy, IEEE Transactions on Knowledge and Data Engineering, 15(4), 1054-1055, 2003.
 S. G. Akl and P. D. Taylor, Cryptographic Solution to a Problem of Access Control in a Hierarchy, ACM Transactions on Computer Systems, 1(3), 239-248, 1983.
 S.-Y. Wang and C.-S. Laih, Merging: An Efficient Solution for a Time-Bound Hierarchical Key Assignment Scheme, IEEE Transactions on Dependable and Secure Computing, 3(1), 2006.
 W.-G. Tzeng, A Secure System for Data Access Based on Anonymous and Time-Dependent Hierarchical Keys, in Proc. of the ACM Symposium on Information, Computer and Communications Security -ASIACCS 2006, Taipei, Taiwan, March 2006, 223-230.
Broadcast is an important primitive in any sensor network for critical operations such as network queries, software updates, time synchronization and network management.
A broadcast channel is one in which a single transmission from a source station may be received by many destination stations. Sometimes a secret message must be sent to many people at once; such applications are known as secure broadcasting applications. Applications like document distribution and teleconferencing have changed the nature of data traffic.
Wyner's wiretap channel has been extended to parallel broadcast channels and to fading channels with multiple receivers.
If identical data has to be sent to a group of receivers, the multicast communication model reduces the overhead on the sender as well as on network management, and many applications that use a single-sender multiple-receiver communication model can benefit from it. Multicast communication is secured using cryptography to ensure that only valid members have access to the channel. Symmetric key cryptography keeps the computational overhead low, since the sender performs one encryption and every receiver one decryption per message.
Security means protecting information and information systems from unauthorized access and modification. Secure broadcasting is the process of broadcasting data in a secure way, protecting its confidentiality, integrity, availability, authenticity and non-repudiation. Access to data during broadcasting has increased greatly.
Confidentiality prevents the disclosure of information to unauthorized users or systems. It is required in order to maintain the privacy of the people whose personal information a system contains.
Integrity means that data cannot be modified without authorization. Integrity can also be violated in many ways without malicious intent, for example through accidental corruption.
For a system to serve its purpose, the information must be available when it is needed. The computing systems that store and process the information, the security controls that protect it and the communication channels used to access it must all function correctly. Ensuring availability also involves preventing denial of service attacks.
Authenticity means ensuring that the data and communications are genuine.
Non-repudiation means that a party cannot deny having sent a transaction, nor can the other party deny having received it.
There are various types of security attacks.
DoS: Denial of Service
Denial of service attacks are among the most difficult to address. They can be launched easily and are difficult to trace: launching one is trivial, whereas detection is slow and the response often has to be handled manually.
Denial of service attacks are classified into software exploits and flooding attacks. In a software exploit the attacker sends a few packets that trigger software bugs in the target's OS or application in order to disable the victim. In a flooding attack one or more attackers send constant streams of packets aimed at overwhelming the link bandwidth or the computing resources of the victim; flooding attacks cannot be addressed by software fixes. Flooding attacks are further classified by the location of the observation point: an attack is single-source when a single zombie is observed flooding the victim, and direct multi-source when multiple zombies are observed. Zombies are insecure machines that have been compromised by a malicious user. Reflector attacks are a special case of multi-source attack, used to hide the identity of the attacker.
In summary, flooding attacks are classified as (a) single-source, (b) multi-source or (c) reflected, based on the number of attackers and their location with respect to the observation point and the victim.
Unauthorized access covers a number of different attacks, all of which aim to reach some resource that the machine should not provide to the attacker.
Spoofing is an attack in which the attacker pretends to be something other than what he is. It consists of replacing the valid source and/or destination IP addresses and node numbers with false ones.
Man-in-the-middle attacks are carried out by malicious users who position themselves between the two endpoints of a communication link and copy the traffic. Such attackers can collect login details or sensitive data and can change the content of the messages exchanged between the two parties.
Brute force and dictionary
Brute force and dictionary attacks often target a password database file. In a brute force attack, passwords are discovered by systematically trying every possible combination of letters, numbers and symbols; in a dictionary attack, they are discovered using a predefined dictionary of likely passwords.
If passwords are made long and strong, a brute force attack takes much longer. It is therefore recommended to enforce strong passwords: a minimum of 8 characters, a mixture of upper and lower case letters and symbols, or alternatively matrix passwords.
Malicious users attack users or systems motivated by power, recognition or greed, resulting in stolen data and ideas, compromised security, lost productivity and so on.
Sniffing attacks attempt to obtain information about the traffic on the network. They take the form of packet capturing programs that focus on the initial connections in order to obtain logon credentials, secret keys and similar data.
Spamming can be categorized as a security attack in the form of unwanted email messages that may carry viruses or Trojan horse files; it is often treated as a type of DoS attack.
Digital Cryptography Basics
This section introduces a number of basic building blocks of modern digital cryptography, describes what they can do for you, and explains how to compose them to produce useful and practical secure services.
Message digest functions convert sequences of bits, possibly quite long, called messages, into fixed-length binary "fingerprints" or message digests of the original sequences. A message digest function has two goals:
It should be computationally infeasible to find another message whose digest is the same as the digest of a given message (second-preimage resistance), and it should be computationally infeasible to find any two messages whose digests are the same (collision resistance). In the common case where an authentication method takes a large amount of computational effort proportional to the number of bits being authenticated, a large document can be secured by authenticating its much smaller fixed-size message digest.
Public key cryptography has for many years provided the basis for key management and digital signatures in secure communication over the Internet and many other channels. In key management, public key cryptography is used to distribute the secret keys used by other cryptographic algorithms; in digital signatures, it is used to authenticate the origin of data and to protect its integrity. Elliptic curves appear in many diverse areas of mathematics, ranging from number theory to complex analysis, and from cryptography to mathematical physics.
Newer techniques offer better performance and high security, and the best of the new public key techniques are built on elliptic curves. With future Internet security in mind, this project is based on elliptic curves. The two main public key algorithms used to secure the Internet are RSA and Diffie-Hellman. The security of RSA is based on the difficulty of factoring the product of two large primes, while Diffie-Hellman relies on the discrete logarithm problem in finite groups. Both algorithms rest on elementary number theory and, though formulated differently, are closely related.
Three basic choices of public key system are available for these applications:
• RSA
• Diffie-Hellman (DH) or Digital Signature Algorithm (DSA) modulo a prime p
• Elliptic Curve Diffie-Hellman (ECDH) or Elliptic Curve Digital Signature Algorithm (ECDSA)
Rivest, Shamir and Adleman published RSA in 1978, based on the difficulty of factoring large integers. Whitfield Diffie and Martin Hellman proposed the public key system known as Diffie-Hellman key exchange in 1976. DH, which is a key agreement scheme, and DSA, which is a signature scheme, are not directly interchangeable, although they can be combined to perform authenticated key agreement. Both are based on the difficulty of solving the discrete logarithm problem in the multiplicative group of integers modulo a prime p.
In 1985 elliptic curve groups were proposed as a substitute for the multiplicative groups modulo p in both the DH and DSA protocols.
Elliptic curve based systems give significant performance advantages and can be implemented with much smaller parameters. Such performance improvements are especially important in the wireless arena.
The advantages of elliptic curves in the SSL/TLS protocol have been analyzed in depth.
Equivalent Security Levels
Therefore, for the same level of resistance to attack, an elliptic-curve-based system can use much smaller parameters than RSA or mod p systems. For example, an elliptic curve over a 163-bit field gives the same level of security as a 1024-bit RSA modulus or Diffie-Hellman prime.
This difference in how key bit lengths grow for equivalent security levels accounts for the performance advantage obtained by substituting ECC for RSA/DH/DSA in public key cryptographic protocols.
Elliptic curve cryptography has become a cutting edge technology which is being adopted by an increasing number of companies. There are two reasons for this development: first, ECC has withstood a generation of attacks; second, in the growing wireless industry, its advantages over RSA are greater and have made it an attractive security alternative.
Elliptic Curve Discrete Logarithm Problem (ECDLP):
The Elliptic Curve Discrete Logarithm Problem is the essential hard problem underlying elliptic curve cryptography. Many cryptographic methods rely on the difficulty of the Discrete Logarithm Problem in various finite groups.
The first group used for this purpose (Diffie-Hellman 1976) was the multiplicative group Fp* in a finite field.
Koblitz and Miller (1985) independently suggested using the group E(Fp) of points modulo p on an elliptic curve.
At this time, the best algorithms for solving the elliptic curve discrete logarithm problem (ECDLP) are much less efficient than the algorithms for solving DLP in Fp* or for factoring large integers.
The ECDLP is intractable: for a given field size, it is vastly harder to find k from kP and P than it is to find kP from k and P. k is thus used as the private key; kP is used as the public key.
The ECDLP is widely believed to be resistant to Number Field Sieve attacks. The best known attack is Pollard's rho, whose difficulty grows more rapidly with the field size than NFS methods do.
Let E be an elliptic curve over a finite field F_q. Suppose P is some point of E (F_q) and let Q be a point in < P >. Find an integer t such that Q = [t] P.
It is widely believed that the elliptic curve discrete logarithm problem is computationally hard when the point P has large prime order. The known methods for solving the ECDLP are:
• The Pohlig-Hellman algorithm, which reduces the problem to subgroups of prime order: the discrete logarithm is computed in each prime order subgroup of the group generated by P and the results are combined.
• Shanks' baby-step giant-step method.
• Pollard's methods, the rho method and the kangaroo method, both of which have parallel versions due to van Oorschot and Wiener.
• The Menezes-Okamoto-Vanstone (MOV) attack using the Weil pairing.
• The Frey-Rueck attack using the Tate pairing.
• The attacks on anomalous elliptic curves (i.e., elliptic curves over F_q which have p points) due to Semaev, Satoh-Araki and Smart.
• Weil descent (for some special finite fields).
Of the above methods, only the anomalous curves attack runs in polynomial time. The MOV, Frey-Rueck and Weil descent methods are (at their fastest) subexponential in complexity.
Because of the Pohlig-Hellman algorithm, one restricts attention to the case where the point P has large prime order. Then only the methods of Shanks and Pollard are applicable to all elliptic curves, and these methods have exponential complexity.
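As an added illustration (not part of the original essay) of the ECDLP as defined above, the ease of computing kP versus the difficulty of recovering k, and Shanks' baby-step giant-step method: a constructed toy curve y^2 = x^3 + 2x + 2 over F_17 with a generator G of prime order 19, an elliptic curve Diffie-Hellman exchange on it, and a baby-step giant-step recovery of the private key, which is feasible only because the group is tiny. The curve, generator and private keys are all constructed for the example.

```python
from math import isqrt
# Constructed toy curve y^2 = x^3 + 2x + 2 over F_17; G = (5, 1) has prime order n = 19.
# Affine points are (x, y) tuples; None stands for the point at infinity O.
p, a, b, G, n = 17, 2, 2, (5, 1), 19

def add(P, Q):
    """Chord-and-tangent group law in affine coordinates."""
    if P is None:
        return Q
    if Q is None:
        return P
    (x1, y1), (x2, y2) = P, Q
    if x1 == x2 and (y1 + y2) % p == 0:
        return None                      # P + (-P) = O
    if P == Q:
        lam = (3 * x1 * x1 + a) * pow(2 * y1, -1, p) % p
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, p) % p
    x3 = (lam * lam - x1 - x2) % p
    return (x3, (lam * (x1 - x3) - y1) % p)

def mul(k, P):
    """Double-and-add: [k]P takes O(log k) group operations, so kP from k is cheap."""
    R = None
    while k:
        if k & 1:
            R = add(R, P)
        P, k = add(P, P), k >> 1
    return R

def bsgs(P, Q, order):
    """Shanks' BSGS: return t with Q = [t]P in about 2*sqrt(order) group operations."""
    m = isqrt(order) + 1
    baby, R = {}, None
    for j in range(m):                   # baby steps: store [j]P for 0 <= j < m
        baby[R] = j
        R = add(R, P)
    giant = mul(m, P)
    neg_giant = (giant[0], (-giant[1]) % p)
    gamma = Q
    for i in range(m):                   # giant steps: gamma = Q - [i*m]P
        if gamma in baby:
            return (i * m + baby[gamma]) % order
        gamma = add(gamma, neg_giant)
    return None

def ecdh(d_a, d_b):
    """ECDH: both parties derive the same shared point from exchanged public keys."""
    A, B = mul(d_a, G), mul(d_b, G)      # public keys, sent in the clear
    return A, mul(d_a, B), mul(d_b, A)   # the two shared points are equal
```

Doubling the field size roughly squares the work for bsgs (about sqrt(n) steps and sqrt(n) stored points), while mul only gains a few extra additions, which is the asymmetry that makes k a usable private key.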
The public key cryptosystems available for ECC are analogues of the cryptosystems available for other discrete logarithm based systems (such as the multiplicative group of a finite field). These include Diffie-Hellman key exchange, El Gamal public key encryption, and ECDSA (an analogue of the US government's digital signature standard).
In fact, the security of cryptosystems based on elliptic curves usually relies on related problems like the (computational) Diffie-Hellman problem (CDH) or the Decision Diffie-Hellman problem (DDH).
Tamper Resistance Device
A tamper resistant device has the ability to defend against a physical threat. The device is often a cryptographic module, but the characteristic can also be important for non-cryptographic devices that protect design intellectual property or provide evidence of device integrity for trust or warranty purposes. If a device is designed with relatively more tamper resistance, a higher level of attack skill, more work effort and more sophisticated equipment are required to perform the tamper action. Added tamper resistance reduces the probability of compromising the device. Tamper resistance by itself does not damage the device or trigger a tamper event, but a tamper response will erase the keys and disable the device. The goal of tamper resistance is to force the attacker to leave clearly visible evidence on the device, so that the operator and/or manufacturer is aware of the tamper action and can take appropriate precautions and action.
A tamper detecting device has the ability to sense that it is under physical attack and to initiate defensive action through a tamper response. Tamper detection can be designed to sense different types, techniques and levels of sophistication of tampering. Techniques used to detect tampering include switches that detect the opening of doors or access covers, sensors that detect changes in light or pressure within the device, and a barrier or matrix that detects drilling or penetration of the device boundary. To be effective, the detection mechanism must be active regardless of the current logical state of the module.
A cryptographic module performs a tamper response action to prevent misuse of the module or disclosure of Critical Security Parameters (CSPs) that are generated or stored within the device. The response is triggered either by a signal from a sensor designed to detect the threat condition in the module or by an explicit command from an operator. The main objective of the tamper response is to erase the memory locations that contain cryptographic keys, passwords, PINs or other critical security parameters that need to be protected from disclosure to hostile entities.
For an effective response, misuse of the module while in the threat condition must be prevented by inhibiting authentication, key management and cryptographic services from being initiated. The response action needs to finish quickly, so that the threat cannot compromise the integrity and trust of the device and its CSPs before the response action has been completed.