# Implementation Of Elliptic Curve Cryptography Computer Science Essay

**Published:** **Last Edited:**

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Cryptography provides security to the users data which is transferred through internet networks. It is the process of converting ordinary information plaintext into unintelligible cipher-text (encryption) and retrieving original information (plaintext) from the unintelligible cipher-text back to plaintext (decryption). Elliptic curve cryptography (ECC) is an approach to public-key cryptography based on smaller key sizes, which results in faster computations, lower power consumption, as well as memory and bandwidth savings. For elliptic-curve-based protocols, it is assumed that finding the discrete algorithm of an elliptic curve element is not practical. Improving the performance of these operations is generally achieved by means of integer recoding techniques, which aim at minimizing the scalars' density of nonzero digits. We present a detailed theoretical analysis, together with timings and fair comparisons over both tripling-oriented Doche - Ichart - Kohel curves and generic Weierstrass curves. Our experiments show that our algorithms are almost always faster than their widely used counterparts.

## Mrs. M.Manchu.M.Tech.,

Associate Professor,

Department of Computer science And Engineering,

Ponjesly College of Engineering,

Nagercoil-3.

manchu@yahoo.com

## Index Terms - Elliptic curve cryptography, single/double scalar multiplication, hybrid binary-ternary number system, DIK-3 curves, network security.

## INTRODUCTION

## NETWORK SECURITY

In the field of networking, the area of network security consists of the provision and policies adopted by the network administrator to prevent and monitor unauthorized access, misuse, modification, User's chosen are assigned an ID and password or Other authenticating information that allows them access to information and programs within their authority. Network security covers a variety of computer networks, both public and private, that are used in everyday jobs conducting transactions and communications among businesses, government agencies and individuals. Network security is involved in organization, enterprises, and other types of institutions. It does as its title explains. It secures the network, as well as protecting and overseeing operations being done. The most common and simple way of protecting a network resource is by assigning it a unique name and a corresponding password.

## 1.2 NETWORK SECURITY CONCEPTS

Network security starts withÂ authenticatingÂ the user, commonly with a username and a password. Since this requires just one detail authenticating the user name -i.e. the password, which is something the user 'knows'- this is sometimes termed one-factor authentication. WithÂ two-factor authentication, something the user 'has' is also used (e.g. aÂ security tokenÂ or 'dongle', anÂ ATM card, or a mobile phone); and with three-factor authentication, something the user is also used (e.g. aÂ finger printÂ orÂ retinal scan). Once authenticated, aÂ firewallÂ enforces access policies such as what services are allowed to be accessed by the network users. Though effective to prevent unauthorized access, this component may fail to check potentially harmful content such asÂ computer worms orÂ TrojansÂ being transmitted over the network.Â Anti-virus softwareÂ or anÂ intrusion prevention systemÂ (IPS)Â help detect and inhibit the action of suchÂ malware. AnÂ anomaly-based intrusion detection systemÂ may also monitor the network andÂ trafficÂ for unexpected (i.e. suspicious) content or behavior and other anomalies to protect resources, e.g. fromÂ denial of serviceÂ attacks or an employee accessing files at strange times. Individual events occurring on the network may be logged for audit purposes and for later high-level analysis.

Communication between two hosts using a network may be encrypted to maintain privacy. Honeypots, essentiallyÂ decoyÂ network-accessible resources, may be deployed in a network as surveillance and early-warning tools, as the honeypots are not normally accessed for legitimate purposes. Techniques used by the attackers that attempt to compromise these decoy resources are studied during and after an attack to keep an eye on newÂ exploitationÂ techniques. Such analysis may be used to further tighten security of the actual network being protected by the honeypot.

## 1.3 SECURITY MANAGEMENT

Security management for networks is different for all kinds of situations. A home or small office may only require basic security while large businesses may require high-maintenance and advanced software and hardware to prevent malicious attacks fromÂ hackingÂ and spamming.

## 1.4 INFORMATION SECURITY

Information security is characterized as the preservation of

Confidentiality - ensuring that information is accessible only to those authorized to have access.

Integrity - safeguarding the accuracy and completeness of information and processing methods.

Availability - ensuring that authorized users have access to information and relating assets when required. Information security is achieved by implementing a suitable set of controls, which could be policies, practices, procedures, organizational practices and software functions

## 1.5 BENEFITS OF USING NETWORKS

As business grows, good communication between employees is essential. Can improve efficiency by sharing information such as common files, databases and business application software over a computer network with improvements in network capacity and the ability to work remotely, successful business should regularly re-evaluate their needs and their IT infrastructure. Properly planned, an efficient network brings a wide range of benefits to a company.

To improve communication by connecting your computers and working on standardized systems, so that

Staff, suppliers and customers are able to share information.

Sharing information can make your business more efficient.

Staffs are better equipped to deal with queries and deliver a better standard.

You can reduce costs and improve efficiency by storing information in one centralized database and streamlining working practices, so that:

Staff can deal with more customers at the same time by accessing databases.

Network administration can be centralized, less IT support is required

Costs are cut through sharing of peripherals such as printers, scanners etc.

You can reduce errors and improve consistency by having all staff work from a single source of information, so that standard versions of manuals and directories can be made available, and data can be backed up from a single point on a scheduled basis, ensuring consistency.

Computers which are connected through a network can share resources as hard drives, printers, scanners etc with each other.

They can send file from one computer to another quite easily.

You can connect all the computers which are connected through a network to the internet by using a single line. So it means that you can save the connection cost for each computer but you internet connection must be fast.

If you want to access data from the computer which is the part of network then you can access data from that computer.

Users can run those programs which are not installed on their computers but are installed on any other user's computer.

## 1.6 NEEDS OF CRYPTO SYSTEM

Networking is used in many fields in the world level. In current time network technology is improving. At the same time instruction is most problematic one. The security of data from hackers or intruders is very much important. If we detect the instructions, destruction of files can be avoided as well as data are protected from unauthorized persons or intruders.

## LITERATURE SURVEY

In [1] J. Adikari, V.S. Dimitrov, and L. Imbert, "Hybrid Binary-Ternary Joint form and Its Application in Elliptic Curve Cryptography" proposed Speeding-up the double scalar multiplication in elliptic curve cryptography. This is used in ECDSA for digital signature verification. The new algorithm, Hybrid binary-ternary joint form will be introduced. Gain achieved with new algorithm is up to 19%. HBTJF has fewer number of non-zero columns in its representation compared to JSF and interleaving method. HBTJF has fewer numbers of columns in its representation compared to JSF and interleaving method. Needs to have efficient point tripling methods.

Â In [2] R. Avanzi, V.S. Dimitrov, C. Doche, and F. Sica, "Extending Scalar Multiplication Using Double Bases,"Â Proposed a unifying theory by proposing an alternate recoding algorithm which works in all cases with optimal constants. Furthermore, it can also solve the until now untreatable case where both A and B are non real. The resulting scalar multiplication method is then compared to standard methods for Koblitz curves. It runs in less than log n/ log n elliptic curve additions, and is faster than any given method with similar storage requirements already on the curve K-163, with larger improvements as the size of the curve increases, surpassing 50% with respect to the _-NAF for the curves K-409 and K-571. With respect of windowed methods, that can approach our speed but require O(log(n)/ log log(n)) precomputations for optimal parameters, we offer the advantage of a fixed, small memory footprint, as we need storage for at most two additional points.

In[3]Â D.J. Bernstein, P. Birkner, T. Lange, and C. Peters, "Optimizing Double-Base Elliptic-Curve Single-Scalar Multiplication,"Â proposed the best speeds that can be obtained for single-scalar multiplication with variable base point by combining a huge range of options: - many choices of coordinate systems and formulas for individual group operations, including new formulas for tripling on Edwards curves; - double-base chains with many different doubling/tripling ratios, including standard base-2 chains as an extreme case; - many precomputation strategies, going beyond Dimitrov, Imbert, Mishra (Asiacrypt 2005) and Doche and Imbert (Indocrypt 2006). Optimized precomputations and triplings save time for single-scalar multiplication in Jacobian coordinates, Hessian curves, and tripling-oriented Doche/Icart/Kohel curves. However, even faster single-scalar multiplication is possible in Jacobi intersections, Edwards curves, extended Jacobi-quartic coordinates, and inverted Edwards coordinates, thanks to extremely fast doublings and additions; there is no evidence that double-base chains are worthwhile for the fastest curves. Inverted Edwards coordinates are the speed leader.

In [4] V.S. Dimitrov, L. Imbert, and P.K. Mishra, "Efficient and Secure Elliptic Curve Point Multiplication Using Double-Base Chains,"proposed an efficient and secure point multiplication algorithm, based on double-base chains. This is achieved by taking advantage of the sparseness and the ternary nature of the so called double-base number system (DBNS). The speed-ups are the results of fewer point additions and improved formulae for point triplings and quadruplings in both even and odd characteristic. Our algorithms can be protected against simple and differential side-channel analysis by using side-channel atomicity and classical randomization techniques. Our numerical experiments show that our approach leads to speed-ups compared to windowing methods, even with window size equal to 4, and other SCA resistant algorithms.

Â In [10]Â R.L. Rivest, A. Shamir, and L. Adleman, "A Method for Obtaining Digital Signatures and Public-Key Cryptosystems", proposed An encryption method is presented with the novel property that publicly revealing an encryption key does not thereby reveal the corresponding decryption key. This has two important consequences: Couriers or other secure means are not needed to transmit keys, since a message can be enciphered using an encryption key publicly revealed by the intended recipient. Only they can decipher the message, since only he knows the corresponding decryption key. A message can be \signed" using a privately held decryption key. Anyone can verify this signature using the corresponding publicly revealed encryption key. Signatures cannot be forged, and a signer cannot later deny the validity of his signature.

## III PROPOSED DESIGN

System implements data security by implementing Elliptic curve cryptography in an internetworking environment. Elliptic curve cryptography (ECC) is an approach to public-key cryptography based on smaller key sizes, which results in faster computations, lower power consumption, as well as memory and bandwidth savings. For elliptic-curve-based protocols, it is assumed that finding the discrete algorithm of an elliptic curve element is not practical.

Proposed system implements the ECC by splitting the message before encryption, a message M is first splited into n partial messages that are individually converted to ECC point and then encrypted E. This encrypted information is further split into partial encrypted messages.

The system then transmits each partially encrypted message from sender S into different routes to the receiver. The nodes on these routes forward these messages to receiver after adding a delay value to ensure that the receiver has received the partial encrypted message that was routed though that node.

When receiver R collects more partially encrypted messages, and then it recalculates the encrypted message E (with the help of ECC points) by combining all partially encrypted messages. Finally the encrypted message is decrypted using ECC public key cryptography and then original message is retrieved at the Receiver R.

## 3.1 Architectural Design

## Creation of ECC Point

ECC point creation is a major task in the implementation of ECC Curve cryptography. The BranchManager decides the creation of ECC points. Based on these ECC points the splitting of messages and node selection to pass the encrypted messages are decided. For all ECC-TC algorithms, multiple secrets are required to be transmitted over the network. But the packet size varies depending on the implemented algorithm thus adding communication overheads. To solve this problem, a solution for sharing up to n secrets which results in constant packet size irrespective of the algorithm. With the given ECC points, so carry out point addition or multiplication/exponentiation. These operations are prerequisite for carrying out encryption using ECC encryption algorithms

## Algorithm 1. HBTNS representation

Input: An integer n > 0

Output: Arrays digits [ ], base [ ]

1: i = 0

2: while n> 0 do

3: if n ï‚º 0(mod3) then

4: digits [i] = 0

5: base [i] =3

6: else if n ï‚º 0(mod2) then

7: digits [i] = 0

8: base [i] =2

9: else

10: digits [i] =1

11: base [i] =2

12: end if

13: n = [n / base [i]]

14: i = i + 1

15: end while

16: return digits [ ], base [ ]

## Description

The Hybrid Binary Ternary Number System represents Mixing bases two and three in the representation of n can be seen as expressing n in a base that is a real number between 2 and 3. Using some probabilistic arguments, this average base Î² can be easily evaluated. For the recoding algorithm presented in Algorithm 1, one obtains Î² =210/1333/13 ï‚» 2.1962. Consequently, a t-bit integer has (logÎ²2)t ï‚» 0.8811t digits on average. This corresponds to a reduction of roughly 12 percent compared to the binary length. The proportion of ones can also be evaluated to 5/13 ï‚» 0.3846, that is approximately 0.3388t.

## User

User is major task holders of the system. User is the person who got registered with the particular branch Manager. After getting registered he can login to his account by giving the user name and password to his home page. It contain the following options

Change account

Add to address book

Creation of ECC factors

View Address book

Compose ECC Mails

Inbox

## Change account

User can change his password by giving old password and new password in proper field. There is a confirm password field to confirm new password this is validated using compare validation control. New password field is restricted by entering less than or equal to six characters, this is done by proper coding.

## Add to Address Book

Add to address book option provides the facility to the user to add contacts to the address book those who are the users of this system. The user can store the information like e-mail id, address, phone no and so on.

## Creation of ECC Factors

ECC factors creation is a major task in the implementation of ECC Curve cryptography. The User decides the creation of ECC factors.

## View Address Book

This option is used to view the address stored in the address book. To view the address book select the group name from the dropdown list box. The contacts added to the particular group can be viewed in the table.

## Algorithm 2. W-hybrid binary-ternary from (W-HBTF)

Input: A positive integer k, two integers b, t>0 such that

ï· = 2b3t

Output: Arrays whbt [ ], base [ ]

i = 0

while k > 0 do

if kï‚º0 ( mod2) then

whbt [i]=0

base [i] =2

else if k ï‚º 0 ( mod2) then

whbt [i]= 0

base [i] = 3

## else

whbt [i]= k mods 2b3t

base [i] = 2

k = k-whbt [i]

## end if

k=k/base [i]

i=i +1

## end while

return whbt[ ] ,base[ ]

## Description

The window hybrid binary ternary form (w-HBTF) for single scalar multiplication extending the concept of w-NAF where w represents the width of a 1D window, the value of w in w-HBTF is an expression of the form 2b3t with b,t ïƒŽ N, which can be seen as a 2D window of width b and height t. For example, when b=1 and t = 2 we get a window of size 2132 = 18. Note that when t = 0 the hybrid binary -ternary representation is equivalent to 2b-NAF. Algorithm 2 is an extension of Algorithm 1. We start by checking whether the input number is divisible by 2 or 3 and, if this is the case, we assign the corresponding digit to zero and the base accordingly. If the number k is neither divisible by 2 nor 3, we subtract k mods w from k such that the result is divisible by w = 2b3t. The corresponding digit is set to k mods w, an integer in [-2b-13t , 2b-13t ], while base is set to 3. The value k is then divided by 3. This guarantees that the next t + b - 1 digits will all be zero.

## Compose ECC Mails

Compose module is used to write mails to the other users in the system. In this sub-module the user can call the group or the members of address book can be directly call and send e-mail.

## Algorithm 3. W-hybrid binary-ternary joint form (W-HBTF)

Input: Two positive integers k1, k2

Output: Arrays hbt1 [ ], hbt2 [ ], base [ ]

i=0

while k1>0 or k2> do

if k1ï‚º0 (mod 2) and k2 ï‚º0 (mod 2) then

hbt [i] = 0, hbt 2 [i]=0

base [i]=2

else if k1ï‚º 0( mod3) and k2ï‚º0 ( mod3) then

hbt1 [i]=0,hbt2[i]=0

base [i] =3

## else

hbt 1[i] =k1 mods 6,hbt 2 [i]=k2 mode 6

base [i]=2

k1= k1= hbt 1[i], k2=k2=hbt 2 [i]

## end if

k1=k1/base[i], k2=k2/base[i]

i= i+1

## end while

return hbt1[ ] , hbt2[ ] , base [ ]

## Description

The computation of the HBTJF for two scalars k1; k2 starts by checking whether both numbers k1 and k2 are divisible by 2. If it is the case, the common base is set to two and both digits are set to 0. In other words, a zero column in base 2 is generated. Failing this first condition, both k1 and k2 are checked for divisibility by three. If both numbers are divisible by three, then a zero-column in base 3 is produced. If none of the above conditions are satisfied, i.e., if k1 and k2 are neither divisible by 2 nor 3 simultaneously, then the values ki mods 6 for i = 1, 2 are subtracted from k1 and k2, respectively, such that both scalars become simultaneously divisible by 6. We then divide both numbers by 2. This step generates a nonzero column in base 2 with the guarantee to generate a zero-column in base 3 at the next step. We repeat this procedure until both k1 and k2 are equal to 0. Note that in the case of a nonzero column, the possible digits belong to the set {-2,-1, 0, 1, 2, 3}.

## Inbox

This module is used to view the mails send by other users to a particular User. By using this he can read the mails and also down load the files if there any attachment.

## Algorithm 4. Reduced hybrid binary- ternary joint form

Input: Two positive integers k1, k2

Output: Arrays rhbt1 [ ], rhbt2 [ ], base [ ]

1: i = 0

2: while k1>0 or k2>0 do

3: if k1ï‚º 0 (mod2) and k2ï‚º 0 (mod2) then

.4: rhbt[i] = 0, rhbt2[i] =0

5: base[i] =2

6: else if k1 ï‚º 0(mod 3) and k2 ï‚º 0 (mod 3) then

7: rhbt1[i] = 0, rhbt2[i] = 0

8: base [i] = 3

9: else

10: if k1ï‚º 0(mod4) or k2 ï‚º 0(mod4) then

11: rhbt1[i] = k1 mode 4,

rhbt2[i] = k2 mods 4

12: base [i] = 2

13: else

14: rhbt1[i] = k1 mods 3,

rhbt2[i] = k2 mods 3

15: base [i] = 3

16: end if

17: k1=k1=rhbt1[i], k2 = k2=rhbt2 [i]

18: end if

19: k1=k1 /base[i], k2 = k2/base [i]

20: i = i+1

21: end while

22: return rhbt1 [ ], rhbt2 [ ], base [ ]

## Description

The difference with Algorithm 3 which computes the (non reduced) HBTJF is in the treatment of the last condition, that is, when k1 and k2 are neither divisible by 2 or by 3 simultaneously (steps 9-18). Instead of subtracting a value from {-2, . . . , 3} from both numbers to get a pair of integers that is divisible by 6, we now check whether k1 or k2 is divisible by 4. If so, we subtract k1 mods 4 and k2 mods 4 from k1 and k2, respectively, followed by a division by 2. Finally, if none of the above conditions are satisfied, we subtract k1 mods 3 and k2 mods 3 from k1 and k2 and perform a division by 3. We reiterate the whole procedure until both k1 and k2 are zero.

## CONCLUSION

Thus the proposed system titles "Implementation of Elliptical Curve Cryptography in Inter-networks" successfully implements the security for users data transmitting through internet work using the ECC-TC cryptography. The new system splits the message into different partial messages based on the ECC points set by different branch administrators. Then these partial messages are encrypted using the crypto keys, it is proved that the encryption at the sender end takes lesser time while compared to previous methods, because of the smaller key size and split before encryption defined in the proposed ECC-TC. It is also proved that while decryption at the receiver end also needs lesser time while compared to the traditional RSA-TC approaches and other split after encryption techniques. The system with low computational efficiency and network with low bandwidth have successfully decrypted the collected messages from various routes. Thus the entire system is more efficient than any of the system.