Implementation of Elliptic Curve Cryptosystem with Bitcoin Curves on SECP256k1, NIST256p, NIST521p, and LLL
DOI:
https://doi.org/10.13052/jicts2245-800X.1141Keywords:
Internet of Things, ECC – elliptic curve cryptography, SEC – U.S. securities and exchange commission, IEEE – institute of electrical and electronics engineers, ISO – international organization for standardization, American national standards institute, The NIST national institute of standards and technology, American security agency, EdDSA – edwards curve digital signature algorithm nonce – number only used once, RAG – random number generatorAbstract
Very recent attacks like ladder leaks demonstrated the feasibility of recovering private keys with side-channel attacks using just one bit of secret nonce. ECDSA nonce bias can be exploited in many ways. Some attacks on ECDSA involve complicated Fourier analysis and lattice mathematics. This paper will enable cryptographers to identify efficient ways in which ECDSA can be cracked on curves NIST256p, SECP256k1, NIST521p, and weak nonce, kind of attacks that can crack ECDSA and how to protect yourself. Initially, we begin with an ECDSA signature to sign a message using the private key and validate the generated signature using the shared public key. Then we use a nonce or a random value to randomize the generated signature. Every time we sign, a new verifiable random nonce value is created, and a way in which the intruder can discover the private key if the signer leaks any one of the nonce values. Then we use Lenstra–Lenstra–Lovasz (LLL) method as a black box, we will try to attack signatures generated from bad nonce or bad random number generator (RAG) on NIST256p, SECP256k1 curves. The combination of nonce generation, post-message signing, and validation in ECDSA helps achieve Uniqueness, Authentication, Integrity, and Non-Repudiation. The analysis is performed by considering all three curves for the implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA). The comparative analysis for each of the selected curves in terms of computational time is done with the leak of nonce and with the Lenstra–Lenstra–Lovasz method to crack ECDSA. The average computational costs to break ECDSA with curves NIST256p, NIST521p, and SECP256k1 are 0.016, 0.34,0.46 respectively which is almost zero depicting the strength of the algorithm. The average computational costs to break ECDSA with curves SECP256K1 and NIST256p using LLL are 2.9 and 3.4 respectively
Downloads
References
Chintan Patel, Nishant Doshi 2021 “Secure Light Weight Key Exchange Using ECC For User Gateway Paradigm IEEE Transactions on Computer DOI: 10.1109/TC.2020.3026027 Page: 1–1.”
Xiaoqiang Zhang And Xuesong Wang 2018 “Digital Image Encryption Algorithm Based on Elliptic Curve Public Cryptosystem” IEEE Access Pages: 70025–70034 ISSN: 2169-3536 Volume: 6.”.
Mohammad Ayoub Khan, Mohammed Tabrez Quasim, Norah Saleh Alghamdi, Mohammad Yahiya Khan. 2020 “A Secure Framework for Authentication and Encryption Using Improved ECC for IoT-Based Medical Sensor Data” IEEE Access Pages: 52018–52027 ISSN: 2169-3536 Volume: 8.
Nizar Ouni and Ridha Bouallegue May 2016 “Performance And Complexity Analysis of Reduced Iterations LLL Algorithm” International Journal of Computer Networks & Communications (IJCNC) Vol. 8.
Yunju Park and Jaehyen 2016 Analysis of the upper bound on the complexity of LLL Algorithm, Journal of the Korean Society for Industrial and Applied Mathematics“ Vol. 20, No. 2, 107–121,
Dan Boneh & Ramarathnam Venkatesan 2001 “Hardness of Computing the Most Significant Bits of Secret Keys in Diffie-Hellman and Related Schemes” Lecture Notes in Computer Science – Annual International Cryptology Conference, volume 1109, pp. 129–142.
Badis Hammi, Achraf Fayad, Rida Khatoun, Sherali Zeadally and Youcef Begriche 2020 “A Lightweight ECC-Based Authentication Scheme for Internet of Things (IoT)” IEEE Systems Journal Pages: 3440–3450 DOI: 10.1109/JSYST.2020.2970167, Volume: 14.”.
Joachim Breitner and Nadia Heninger 2019 “Biased Nonce Sense: Lattice Attacks against Weak ECDSA Signatures in Cryptocurrencies” Lecture Notes in Computer Science Springer International Publishing – Financial Cryptography and Data Security.
Javed R. Shaikh, Maria Nenova, Georgi Iliev and Zlatka Valkova-Jarvis 2017 “Analysis of Standard Elliptic Curves for the Implementation of Elliptic Curve Cryptography in Resource-Constrained E-commerce Applications” IEEE-COMCAS ISBN:978-1-5386-3169-0.”.
Shen Guicheng, Yu Zhen 2013 “Application of Elliptic Curve Cryptography in Node Authentication of Internet of Things IEEE-IIHMSP ISBN:978-0-7695-5120-3 DOI: 10.1109/IIH-MSP.2013.118.”.
Ravi Kishore Kodali and Ashwitha Naikoti 2016 “ECDH based Security Model for IoT using ESP 8266” IEEE – ICCICCT DOI: 10.1109/ICCICCT.2016.7988026”.
