EFFICIENCY AND EFFECTIVENESS ANALYSIS OVER ECC-BASED DIRECT AND INDIRECT AUTHENTICATION PROTOCOLS: AN EXTENSIVE COMPARATIVE STUDY

ISSN: 2229-6948(ONLINE) DOI: 10.21917/ijct.2012.0072 ICTACT JOURNAL ON COMMUNICATION TECHNOLOGY, MARCH 2012, VOLUME: 03, ISSUE: 01 EFFICIENCY AND EFFECTIVENESS ANALYSIS OVER ECC-BASED DIRECT AND INDIRECT AUTHENTICATION PROTOCOLS: AN EXTENSIVE COMPARATIVE STUDY K. Thilagavathi1 and P.G.Rajeswari2 1 2 Department of Mathematics, Kongunadu Arts and Science College, India Department of Science and Humanities, Easa College of Engineering and Technology, India E-mail: [19]. Elliptic curve cryptography plays an important role in authentication and encryption protocols [5] [18]. ECCs are used commonly in constrained environments, such as portable and wireless devices, as a small-area, low-energy alternative to the RSA cryptosystem. The primary application of ECC is secure key agreement and digital signature generation and verification [6]. In both of these applications the primary optimization criterion from the implementation point of view is the minimum latency (rather than the maximum throughput) [7]. An elliptic curve is a type of cubic curve whose solutions are confined to a region of space that is topologically equivalent to a torus [8]. The crucial property of an elliptic curve is that we can define a rule for adding two points which are on the curve, to obtain a third point which is also on the curve. This addition rule satisfies the normal properties of addition [9]. Elliptic curve cryptosystems require less computational power, memory, communication bandwidth and network connectivity [15]. The main attraction of ECC over RSA and DSA is because they take sub-exponential time to solve the underlying hard mathematical problem in ECC (the elliptic curve discrete logarithm problem (ECDLP) while the best known algorithm takes full exponential time [11]. The ECC is intended to be used in the security layer to automatically encrypt/decrypt all data that flows to or from the application layer. We develop a front-end program to demonstrate the functionality of the ECC. This frontend program utilizes the ECC to encrypt a plain text data file. The program can be used on /computing devices in order to store confidential data securely onto the device. In addition to encryption and decryption, ECC can be applied to other applications such as Digital Signatures, Mutual Authentication, and Secure Data Transmission [10]. ECC is becoming the mainstream cryptographic scheme in all mobile and wireless devices. Smart cards are one of the most popular devices for the use of ECC and many manufacturing companies produce smart cards that make use of elliptic curve digital signature algorithms [13]. Elliptic curve cryptography has become the cryptography of choice for mobile computing and communications devices due to its size and efficiency benefits [16]. Some of the works that have been done with Elliptic Curve Cryptography is reviewed in the following section. Abstract Elliptic curve cryptography finds enormous applications because of its security offering using the remarkable property of elliptic curve. The Elliptic curve cryptography finds enormous applications in almost all the emerging areas. However in mobile networks, the usage of elliptic curve cryptography is limited. Moreover, the operation of mobile networks in an un-trusted environment increases the significance of the usage of security protocols. To provide a secure environment, an improved authentication protocols are required as the menacing effects increasing. Hence, in the previous works, we have proposed two authentication protocols. One of the protocols performs direct authentication and the other one performs indirect authentication. However, the performance of both of them has to be analyzed. Hence in this paper, a comparative analysis is made between the two authentication protocols. The analysis is done empirically as well experimentally. For performance analysis, the efficiency measures such as computational overhead, communication overhead, storage overhead and total computational complexity and the effectiveness measures such as replay attack, guessing attack and Stolen-Verifier attack are considered. Keywords: Elliptic Curve Cryptography (ECC), Direct Authentication Protocol, Indirect Authentication Protocol, Efficiency, Effectiveness 1. INTRODUCTION The rapid progress in wireless mobile communication technology and personal communication systems has prompted new security questions. Since open air is used as the communication channel, the content of the communication may be exposed to an eavesdropper, or system services can be used fraudulently. In order to have reliable proper security over the wireless communication channel, certain security measures need to be provided [12].The mobile environment aggravates some of the security concerns and threats. Mobile users will use resources at various locations and this may be provided by different service providers. Integrity and confidentiality of information stored on the mobile appliance is another important concern. A competing system that has emerged recently is ECC [10]. ECC is a public key cryptography system superior to the well-known RSA cryptography: for the same key size, it gives a higher security level than RSA [3] [14]. From the time when the use of elliptic curves in public key cryptography was suggested in 1985, increasingly effective implementations of ECC systems have been developed. Today, these systems are as fast as systems based on integer factoring with same key length [1]. Elliptic curves have been broadly used in the design of cryptosystems [2] [17]. ECC has been adopted in a wide variety of applications from digital certificates in web server authentication to embedded processors in wearable devices [4] 2. RELATED WORKS Pathak et al. [20] have proposed a new modified algorithm called ‘Direct Recoding Method’ for computation of signed binary representation. Their proposed method has been more efficient compared to other standard methods such as NAF, MOF and complementary recoding method. Rahila Bilal et al. [21] has discussed that Elliptic Curve Cryptography has been 515 K THILAGAVATHI AND P G RAJESWARI: EFFICIENCY AND EFFECTIVENESS ANALYSIS OVER ECC-BASED DIRECT AND INDIRECT AUTHENTICATION PROTOCOLS: AN EXTENSIVE COMPARATIVE STUDY one of the most interesting research topic in VLSI. FPGA based architecture for elliptic curve cryptography coprocessor, which has promising performance in terms of both Space Complexity and Time Complexity has been proposed in their paper. The modules have been simulated using Modelsim SE software and synthesized using Xilinx ISE 9.2i software. Experimental results have shown that ECC coprocessor realized in their architecture can speed up an elliptic curve scalar multiplication suitable for low area constraint applications and very high speed applications. Adnan Abdul-Aziz Gutub [22] has designed and modeled an improved parallel elliptic curve processor. The Jacobian coordinates system has been adjusted (...truncated)