Journal of ICT Standardization

Implementation of Elliptic Curve Cryptosystem with Bitcoin Curves on SECP256k1, NIST256p, NIST521p, and LLL

Mohammed Mujeer Ulla — 2023-11-18

Very recent attacks like ladder leaks demonstrated the feasibility of recovering private keys with side-channel attacks using just one bit of secret nonce. ECDSA nonce bias can be exploited in many ways. Some attacks on ECDSA involve complicated Fourier analysis and lattice mathematics. This paper will enable cryptographers to identify efficient ways in which ECDSA can be cracked on curves NIST256p, SECP256k1, NIST521p, and weak nonce, kind of attacks that can crack ECDSA and how to protect yourself. Initially, we begin with an ECDSA signature to sign a message using the private key and validate the generated signature using the shared public key. Then we use a nonce or a random value to randomize the generated signature. Every time we sign, a new verifiable random nonce value is created, and a way in which the intruder can discover the private key if the signer leaks any one of the nonce values. Then we use Lenstra–Lenstra–Lovasz (LLL) method as a black box, we will try to attack signatures generated from bad nonce or bad random number generator (RAG) on NIST256p, SECP256k1 curves. The combination of nonce generation, post-message signing, and validation in ECDSA helps achieve Uniqueness, Authentication, Integrity, and Non-Repudiation. The analysis is performed by considering all three curves for the implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA). The comparative analysis for each of the selected curves in terms of computational time is done with the leak of nonce and with the Lenstra–Lenstra–Lovasz method to crack ECDSA. The average computational costs to break ECDSA with curves NIST256p, NIST521p, and SECP256k1 are 0.016, 0.34,0.46 respectively which is almost zero depicting the strength of the algorithm. The average computational costs to break ECDSA with curves SECP256K1 and NIST256p using LLL are 2.9 and 3.4 respectively

Analysis of Elliptic Curve Cryptography & RSA

Mohammad Rafeek Khan — 2023-11-18

In today’s digital world, the Internet is an essential component of communication networks. It provides a platform for quickly exchanging information among communicating parties. There is a risk of unauthorized persons gaining access to our sensitive information while it is being transmitted. Cryptography is one of the most effective and efficient strategies for protecting our data and it are utilized all around the world. The efficiency of a cryptography algorithm is determined by a number of parameters, one of which is the length of the key. For cryptography, key (public/private) is an essential part. To provide robust security, RSA takes larger key size. If we use larger key size, the processing performance will be slowed. As a result, processing speed will decrease and memory consumption will increase. Due to this, cryptographic algorithms with smaller key size and higher security are becoming more popular. Out of the cryptographic algorithms, Elliptic Curve Cryptography (ECC) provides equivalent level of safety which RSA provides, but it takes smaller key size. On the basis of key size, our work focused on, studied, and compared the efficacy in terms of security among the well-known public key cryptography algorithms, namely ECC (Elliptic Curve Cryptography) and RSA (Rivets Shamir Adelman).

Machine Learning Models: A Study of English Essay Text Content Feature Extraction and Automatic Scoring

Wei Shang — 2023-11-18

Accurate automatic scoring of English essay is beneficial for both teachers and students in English teaching. This paper briefly introduced an XGBoost-based automated scoring algorithm for English essay. To improve the accuracy of the algorithm, a long short-term memory (LSTM) semantic model was introduced to extract semantic scoring features from essays. Finally, the improved XGBoost algorithm was compared with the traditional XGBoost and LSTM algorithms in a simulation experiment using five types of essay prompts. The results indicate that the improved XGBoost algorithm has the best performance for automatic scoring of English essay and also requires the shortest scoring time.

A Study on an Intelligent Algorithm for Automatic Test Paper Generation and Scoring in University English Exams

Han Yang — 2023-11-18

This paper mainly studied the automatic test paper generation and scoring problems in university English exams. Firstly, an automatic test paper generation model was established. Then, an improved genetic algorithm (IGA) was designed for intelligent test paper generation, and it was also used to automatically score answers to Chinese-to-English translation questions in terms of syntax and semantics. It was found that compared with the traditional GA and particle swarm optimization algorithm, the IGA method was faster in generating test papers, with an average generation time of 25 s, and had a higher success rate (94%), suggesting higher validity, and the difficulty and differentiation degrees of the test papers were closer to the preset values. The results of automatic scoring also had a correlation of more than 0.8 with the manual scoring results. The results prove the effectiveness of the automatic test paper generation and scoring method. It can be promoted and applied in practice to enhance the security and fairness of large-scale English exams, as well as achieve objectivity and consistency in scoring.

Analyzing the Standardization Landscape for Identity Management in Public Services – A Standards Review for the IMPULSE Project

René Lindner — 2023-11-18

The digitalization of public services is one of the major challenges that public administrations are currently facing. Electronic identifications play a major role for a variety of these related services. Due to the impact these services will have on the daily life of citizens, organizations, and the public at large, the social dimensions must be considered equally to the technical ones. To ensure the applicability, trust, and compliance of electronic identity for access to public services, it is necessary to take into account relevant standards collected through an analysis of the state-of-the-art. In general, the literature on integrating standardization in research projects is very rare and potential impacts of standards related to electronic identification have not been assessed yet. The European project IMPULSE has integrated standardization as an essential element and assessed the relevant standardization landscape as one activity. The analysis of the standardization landscape resulted in the identification of nine formal and six de-facto standards that have high relevance for IMPULSE. The process for this analysis and the resulting dashboard will support future projects to effectively consider, analyze and use standards for their projects.