Mathematical theory of elliptic curves may help strengthen IT security

May 12th, 2009 - 2:21 pm ICT by ANI  

Washington, May 12 (ANI): An approach based on the mathematical theory of elliptic curves may pave the way much more efficient cryptography - which underpins privacy, confidentiality, and identity to provide the fabric for e-commerce and secure communications - that will be capable of strengthening security against cyber crime and any terrorist attacks via the Internet.

The RSA cryptosystem - introduced by Rivest, Shamir, and Adlement in 1977 - relies for its security on the difficulty of working out the factors dividing large integers. Though it has performed well until now, the level of protection it provides has been eroded by constant efforts to develop more efficient methods for breaking it.

Scientists now say that the mathematical theory of elliptic curves may turn out to be helpful in developing more efficient cryptography capable of providing the optimum combination of security and processing efficiency.

Elliptic curves are equations with two variables, say x and y, including terms where both x and y are raised to powers of two or more.

The theory of elliptic curves has ironically been exploited for attacks on RSA cryptography.The potential for elliptic curves and other modern techniques of mathematics were discussed at a recent workshop organised by the European Science Foundation (ESF), which set the stage for development of a programme of European-wide research on the field.

“The impact of the elliptic curve method for integer factorisation (developed by my PhD advisor Hendrik Lenstra) has played a role in introducing elliptic curves to cryptographers, albeit for attacking the underlying problem on which RSA is based (the difficulty of factoring integers),” said David Kohel, convenor of the ESF workshop, from the Institut de Mathematiques de Luminy in Marseille, France.

Kohel noted that the advantage of elliptic curve cryptography lies in its immunity to the specialised attacks that have eroded the strength of RSA, with the result that smaller keys can be used to provide a given level of protection.

“The size of the parameters (essentially the key size) for elliptic curve cryptography (ECC) needed to ensure security (under our current state of understanding) is much lower for ECC than for RSA or ElGamal (another alternative cryptographic method,” he said.

Consequently, said the researcher, even though the algorithms required to implement ECC are actually more complex than for RSA, it is computationally more efficient.

In effect, ECC will make it easier to stay a step ahead of the hackers without undue load on computers.

“In general, the cryptographer has the benefit over the cryptanalyst (the person attacking the cryptosystem) as he or she can select the key size for any desired level of security (measured in ‘cost’ either in euros or computer-years), provided everyone has the same base of knowledge of best attacks on the underlying cryptosystem,” Kohel said.

While it is still much harder computationally to break the system than to use it with RSA, Kohel points out that this margin is greater for ECC. (ANI)

Tags: , , , , , , , , , , , , , , , , , , ,

Posted in Health Science |