L03_publickeycrypto

Certicomcom a canadian based company is one of

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: nd digital signature respectively key Certicom (http://www.certicom.com, a canadian-based company, is one of canadian-based the leading companies for ECC commercialization the ECC Vs. RSA ECC Shorter keys (equivalent key sizes: Shorter ~150bits Vs. 1024bits of RSA) and thus, shorter signature as well. thus, Fast and compact implementations, Fast especially in hardware especially => Advantageous in environments with => limited bandwidth and storage, e.g. wireless applications, smartcards, embedded systems embedded Shorter history of cryptanalysis (since Shorter early 90’s) early Complex mathematical description No patents for the cryptosystems No themselves, but many on the implementation optimization implementation Shorter signature generation time Shorter key generation time Larger no. of operations for attacks Larger against the algorithm against RSA Proven technology, Proven Widely deployed and used in a Widely large set of general applications large Efficient software implementation Longer history of cryptanalysis Longer (since late 70’s) (since Patent expired in 2000 Shorter signature verification time Larger Memory requirements for Larger attacks against the algorithm attacks ECC Vs. RSA (cont’d): Equivalent Key-size to support same level of Security RSA PKC 512 MIPS-Years to MIPS-Years Crack Crack 3 x 104 768 2 x 108 1024 3 x 1011 7.1 x 1018 1280 1 x 1014 1.6 x 1028 1536 3 x 1016 2048 3 x 1020 Elliptic Curve PKC Key Key Size Size 150 MIPS-Years MIPS-Years to Crack to 3.8 x 1010 205 234 Key Size Example: Equivalent key-sizes given current acceptable security level of 4.12x10 12 MIPS-year: RSA : ECC : Symmetric cipher, (e.g. AES) = 1024:163:79 [ Ref: 1GHz Pentium PC ~= 250 MIPS] Relative Performance: ECC Vs. RSA (cont’d) Estimated Relative Time units of Estimated Encryption/Decryption and/or Key-exchange (source: RSA) Encryption/Decryption RSA Initiate contact Initiate (Public Key) (Public Receive message Receive (Private Key) (Private DH ECC ECC with 1 32 18 acceleration N/A 13 16 6 2 Estimated Relative Time units of Estimated Digital signing and verification (source: RSA) Digital RSA DSA ECC ECC with Sign (Private Key) 13 17 7 acceleration 2 Verify (Public Key) 1 33 19 N/A Some Cryptographic predictions by the S. of RSA: AES will remain secure for the forseeable future Some PK schemes and key sizes will be successfully attacked Some in the next few years in Crypto will be invisibly everywhere Vulnerabilities will be visibly everywhere Crypto research will remain vigorous, but only its simplest ideas Crypto will become practically useful will Non-crypto security will remain a mess...
View Full Document

This note was uploaded on 12/05/2013 for the course IERG 4130 taught by Professor Chowsze-ming,sherman during the Fall '13 term at CUHK.

Ask a homework question - tutors are online