A Comparative Study of RSA and ECC and Implementation of ECC on Embedded Systems

International Journal of Innovative Research in Advanced Engineering (IJIRAE) ISSN: 2349-2763
Issue 03, Volume 3 (March 2016) www.ijirae.com
_________________________________________________________________________________________________
IJIRAE: Impact Factor Value – SJIF: Innospace, Morocco (2015): 3.361 | PIF: 2.469 | Jour Info: 4.085 |
Index Copernicus 2014 = 6.57
© 2014- 16, IJIRAE- All Rights Reserved Page -86
A Comparative Study of RSA and ECC and Implementation
of ECC on Embedded Systems
Mashrufee Alam*
Department of Computer
Science and Engineering,
Jahangirnagar University,
Savar, Dhaka, Bangladesh.
Israt Jahan
Liton Jude Rozario
Israt Jerin
Savar, Dhaka, Bangladesh
Abstract— A large share of embedded applications are wireless, which makes the communication channel especially
vulnerable. The research in the field of ECC is mostly focused on its implementation on application specific systems,
which have restricted resources like storage, processing speed and domain specific CPU architecture. The focus of
this research is on the implementation of ECC in an embedded iOS application to compare the performance measures
obtained in the wireless environment or embedded systems by using elliptic curve cryptography (ECC), with a
traditional cryptosystem like RSA.
Keywords— ECC, RSA,iOS, Embedded Systems, Cryptography.
I. INTRODUCTION
With the emergence of ubiquitous computing, pervasive computing, and all the other interesting areas, which promise
network and computer resource access everywhere, interesting developments can be witnessed. Small devices that fit in
the palm of your hand are able to do complex operations for which super computers were needed an only a couple of
decades ago. Using sensor networks to monitor facilities at companies allows for a constant supervision in order to
reduce maintenance cost and predict faults well in advance. With these developments however, securing communications
across the network becomes ever more important. However, due to the mobile aspect of many devices and also the
computing resources available in for instance sensor nodes in a sensor network, this can be quite a challenge. Embedded
chips don’t have the same computing resources available then say, a desktop computer. Battery life in mobile devices is
again a limiting factor in what can be achieved. Cryptography in general is mathematically very intensive, and in order to
allow such resource constrained devices to encrypt the data that is send over the network, special care has to be taken as
to what form of cryptography one can use, and to optimize the algorithms used to limit the power consumption and
computing cycles required.
Since the inception of elliptic curve cryptography (ECC) it has gained wide acceptance mostly due to its smaller key size
and greater security. Cryptography in general is mathematically very intensive, and in order to allow resource constrained
devices like embedded systems to encrypt the data that is send over the network, what form of cryptography one can use,
and to optimize the algorithms used to limit the power consumption and computing cycles required. Even optimized
implementations of asymmetric algorithms, e.g., elliptic curve cryptography (ECC), are orders of magnitude more
expensive than established symmetric primitives. The establishment of RSA and later ECC has shown, asymmetric
primitives need a thorough study of implementation aspects until they reveal their full potential. One factor that has been
out of scope of scientific research on many of these alternative primitives is the efficiency with regard to implementation
on embedded systems. Not only is it desirable to have alternatives ready for the case RSA and ECC might get broken.
Some of the alternative schemes can also turn out to be more efficient than current schemes, possibly possessing better
implementation properties than prevailing ones. Accordingly, the study of implementation aspects of alternative public
key cryptosystems can influence the cost, performance, and security of future embedded security applications.
1) Overview of Functional Security
Several functional security primitives have been proposed in the context of network security. These include various
cryptographic algorithms used for encrypting and decrypting data, and for checking the integrity of data. Most
cryptographic algorithms fall into one of three classes – symmetric ciphers, asymmetric ciphers and hashing
algorithms [1]-[2].
 Symmetric ciphers require the sender to use a secret key to encrypt data (the data being encrypted is often
referred to as plaintext) and transmit the encrypted data (usually called the cipher text) to the receiver. On
receiving the cipher text, the receiver then uses the same secret key to decrypt it and regenerate the plaintext.
The cipher text should have the property that it is very hard for a third party to deduce the plaintext, without
having access to the secret key. Thus, confidentiality or privacy of data is ensured during transmission.
Examples of symmetric ciphers include DES, 3DES, AES, and RC4. Most symmetric ciphers are constructed
from computationally lightweight operations such as permutations, substitutions, etc. Thus, they are well
suited for securing bulk data transfers.

_________________________________________________________________________________________________
 Hashing algorithms such as MD5 and SHA convert arbitrary messages into unique fixed-length values, thereby
providing unique “thumbprints” for messages. Hash functions are often used to construct Message
Authentication Codes (MACs), such as HMAC-SHA [15], which additionally incorporate a key to prevent
adversaries who tamper with data from avoiding detection by re- computing hashes.
 Asymmetric algorithms (also called public key algorithms), on the other hand, typically use a private (secret)
key for decryption, and a related public (non- secret) key for encryption. Encryption requires only the public key,
which is not sufficient for decryption. Digital signatures are also constructed using public key cryptography and
hashes. Asymmetric algorithms (e.g., RSA, Diffie-Hellman, etc.) rely on the use of more computationally
intensive mathematical functions such as modular exponentiation for encryption and decryption. Therefore, they
are often used for security functions complementary to secure bulk data transfers such as exchanging symmetric
cipher keys.
Security solutions to meet the various security requirements out- lined in the previous section typically rely on security
mechanisms that use a combination of the aforementioned cryptographic primitives in a specific manner (i.e., security
protocols). Various security technologies and mechanisms have been designed around these cryptographic algorithms in
order to provide specific security services.
Secure communication protocols (popularly called security protocols) provide ways of ensuring secure communication
channels to and from the embedded system. IPSec [3] and SSL [4] are popular examples of security protocols, widely
used for Virtual Private Networks (VPNs) and secure web transactions, respectively.
 Digital certificates provide ways of associating identity with an entity, while biometric technologies [5] such as
fingerprint recognition and voice recognition aid in end-user authentication. Digital signatures, which function
as the electronic equivalent of handwritten signatures, can be used to authenticate the source of data as well as
verify its identity.
 Digital Rights Management (DRM) protocols such as OpenIPMP [6], MPEG [7],ISMA [8] and MOSES [9],
provide secure frameworks intended to protect application content against unauthorized use.
 Secure storage and secure execution require that the architecture of the system be tailored for security
considerations. Simple examples include the use of bus application or a process [11], HW/SW techniques to
preserve the privacy and integrity of data throughout the memory hierarchy [12], execution of encrypted code in
processors to prevent bus probing [13]-[14] etc.
II. PRELIMINARIES
This section briefly discusses the fundamental arithmetic operations required for elliptic curve cryptography defined
over prime field Fp . At the same time we will go though the brief of RSA and security in embedded systems.
A. Elliptic Curve Arithmetic
The equation of elliptic curve is defined over Fp as
E : y2 = x3 +ax +b,
Where 4a3
+27b2
¹0. . All operations on coefficients are performed by modulo p in Fp . Let E Fp( ) be the set of all
rational points on the curve defined over Fp and it includes the point at infinity denoted by O. Let us consider two
rational points J = xJ, yJ( ),K = xK, yK( ), and their addition L = J +K, where L = xL, yL( )and J,K, L Î E FP( ).
1) Point addition: Point addition of two points J and K will result another point L on the same elliptic curve. For
Geometric visualization we can consider J,K, L Î E R( ).

_________________________________________________________________________________________________
Fig. 1 Geometric explanation of point addition on real number R
Here the tangent s is calculated as follows
S =
yK - yJ
xK - xJ
(J ¹ K And xK ¹ xJ )
Then, the x and y coordinates of L is calculated as follows,
xL, yL( ) = s2
- xJ - xK( ), x J -xL( )s- yJ( ), If s ¹0
xL, yL( ) = 0 if s =0
Considering point J such that yJ ¹0 Let L = 2J. Then
s =
3xJ
2
+a
2yJ
xL, yL( ) = s2
-2xJ( ),-yJ + xJ - xL( )s( ), If s ¹0
S is the tangent at the point on EC and O it the additive unity in E Fp( ). When J =-K then J +K =O is called elliptic
curve addition (ECA). If J = K then J +K =2J , which is known as elliptic curve doubling (ECD).
Fig. 2Geometric explanation of point doubling on real numbers R

_________________________________________________________________________________________________
B. RSA encryption and decryption
RSA [3] algorithm is the widely used PKC which security depends on prime factorization problems. Its
operation involves four steps key generation, key distribution, encryption and decryption. The main idea is to find large
positive integers e, d and n such that with modular exponentiation for all m is me
( )
d
modn = m where encryption key e ,
decryption key d and n is a composite number which is a product of two large prime number. Here knowing e and n
or even m it can be extremely difficult to find d .
1) Encryption:First at senders side message M is converted into an integer m where 0 m <n and gcd m,n( )=1.
The cipher text c , is calculated by using receivers public key e as follows
c º me
modn
Which is send to the receiver.
2) Decryption:At receiver’s end m is deciphered from c by using receiver’s private key d by computing
cd
º me
( )
d
º mmodn
3) Key Generation:RSA key generation algorithm is as follows
Input: p,q two large prime numbers
Output: e, d
1. Select 2 large prime numbers of about the same size, p and q
2. Compute n = pq , and j n( )= q -1( ) p -1( )
3. Select encryption key e, 1<e <j(n), such that gcd(e,j(n)) =1
4. Calculate d =e-1
modj n( )( ); i.e., d is the modular multiplicative inverse of e modj n( )( )
III. IMPLEMENTATION AND RESULTS
There are various embedded systems now days. For our simulation we choose mobile platform from Apple. We
developed an iOS application, which can be run in iPad, iPhone or iPod. In which we have implemented the algorithms
RSA, ECC to make comparison between them on different aspects.
A. Simulation environment
For our implementation we choose iOS platform and Objective-c and C as out base programming language. The
simulation environment is an iOS 64bit Simulator that consists of ARM64 bit processor and 1 gigabyte of primary
memory. Apple Security Library is used for protocol implementations. Therefore the result also compares the library
itself for different protocols of RSA and ECC. NIST recommended parameters be used for both RSA and ECC. In short,
 For our Experiment we choose the following environment
 Mac OS X 10.11
 iOS Simulator as our embedded device
 GCC 4.2.1 Compiler
 Objective – C as implementation Language
 iOS Security Library from Apple.
B. Screenshots from iOS Application
In the following Fig. 3, the input and output of the implementation of RSA in a iOS device is shown. Base64
Encoding is used here.

_________________________________________________________________________________________________
Fig. 3Input Output from RSA Algorithm.
In the following Fig. 4, the input and output of the implementation of ECC 128 bits in an iOS device is shown.
Fig. 4 Output from ECC using 128 bit.
Fig. 5 Output from ECC using 192bits.

_________________________________________________________________________________________________
Fig. 6 Output from ECC using 256bits.
In the following Fig. 7, The input and output of the implementation of ECC 384 bits in a iOS device is shown.
Fig. 7 Output from ECC using 385 bits.
C. Performance analysis and Simulation Results
Performance of encryption algorithms, RSA, ECC is evaluated considering the following parameters
1. Key size in bits.
2. The time consumption signature generation and verification.

_________________________________________________________________________________________________
When it comes to ECC, the basic operation is point multiplication, which is known to be very expensive. Some efficient
scalar multiplication algorithm over comes this. Meanwhile, RSA already has a known sub-exponential attack. So, the
bits requirement for RSA generated key pair is supposed to rise much faster than that for ECC generated one. Also, for a
similar level of security, the numbers involved in ECC are smaller as compared to RSA, as can be derived from the data
displayed in table 1 to 4.
TABLE I -
ECC AND COMPARABLE KEY SIZE (IN BITS).
RSA and ECC are compared for their performance taking in account the time factors in the table.
Table II
KEY GENERATION PERFORMANCE.
KEY LENGTH (BITS) TIMES (S)
RSA ECC RSA ECC
1024 163 0.16 0.08
2240 233 7.47 0.18
3072 283 9.80 0.27
7680 409 133.90 0.64
15360 571 679.06 1.44
Table III
SIGNATURE GENERATION PERFORMANCE.
RSA ECC RSA ECC
1024 163 0.01 0.15
2240 233 0.15 0.34
3072 283 0.21 0.59
7680 409 1.53 1.18
15360 571 9.20 3.07
Table IV
SIGNATURE VERIFICATION PERFORMANCE.
RSA ECC RSA ECC
1024 163 0.01 0.23
2240 233 0.01 0.51
3072 283 0.01 0.86
7680 409 0.01 1.80
15360 571 0.03 4.53
D. Result Analysis
From the above table we can find that RSA has roughly 10 times computational overheads than ECC. Systems
parameters and key pairs are shorter for ECC. ECC offers considerable bandwidth saving over RSA as for same level of
security RSA requires much larger key size. Key generation is faster in ECC than RSA. Encryption is faster in ECC but
decryption is slower than RSA. So we can say for iOS devices ECC will be more efficient in terms of security. An
overview of all the comparisons can be summarized into the following TABLE V.
ECC KEY SIZE
(bits)
RSA KEY SIZE
(bits)
KEY SIZE
RATIO (bits)
163 1024 1/6
256 3072 1/12
384 7680 1/20
512 15360 1/30

_________________________________________________________________________________________________
Table V
ECC AND RSA AN OVERALL COMPARISON.
PARAMETERS ECC RSA
Computational Overheads Roughly 10 times than that of RSA
can be saved
More than ECC
Key Sizes System parameters and key pair are
shorter for the ECC
System parameters and key pair are
larger for the RSA
Bandwidth saving ECC offers considerable bandwidth
saving over RSA
Much less bandwidth saving than
ECC
Key generation Faster Slower
Encryption Much faster than RSA At good speed but slower than ECC
Decryption Slower than RSA Faster than ECC
Small Devices Efficiency Much more efficient Less efficient than ECC
IV.CONCLUSION AND FUTURE WORK
The elliptic curve discrete logarithm problem makes ECC most efficient with smaller key size compared to RSA
algorithm. It is mostly considered for resource-constrained devices. Our findings suggest that RSA key generation is
significantly slower than ECC key generation in iOS. Considering there are affordable devices that can break RSA keys
smaller than 1024 bits in a matter of days, the cost of key generation can be considered as a factor in the choice of public
key systems to use when using digital signatures, especially for smaller devices with lesser computational resources. As
our future work we would like to implement ECC in a real world scenario.
ACKNOWLEDGMENT
We gratefully acknowledge the support from Department of Computer Science & Engineering, Jahangirnagar
University, Savar, Dhaka, Bangladesh. Without which the present study could not have been completed.
REFERENCES
[1] W. Diffie, M. E. Hellman, New directions in cryptography. IEEE Transactions on Information Theory, IT-22,
pp644654, November 1976.
[2] N., Koblitz. Elliptic curve cryptography, Mathematics of Computation 48: 203-209. 1987.
[3] R L Rivest, A Shamir, L Adleman, On Digital Signatures and Public Key Cryptosystems, Communications of the
ACM, vol 21 no 2, pp120-126, Feb 1978.
[4] Nicholas Jansma, Brandon Arrendondo, Performance Comparison of Elliptic Curve and RSA Digital
Signatures,Communications of the ACM, vol 21 no 2, pp120-126, Feb 1978.
[5] Dr.M.Gobi, R.Sridevi, R.Rahini priyadharshini, A Comparative Study on the Performance and the Security of RSA
and ECC Algorithm, National Conference on Advanced Networking and Applications, March 2015.
[6] Miguel Salas, A Secure Framework for OTA Smart Device Ecosystems Using ECC Encryption and Biometrics ,
Advances in Security of Information and Communication Networks, Vol 381, pp204-218, 2013.
[7] W. Stallings, Cryptography and Network Security: Principles and Practice, Prentice Hall, Sixth Edition, 1998.
[8] B. Schneier, Applied Cryptography: Protocols, Algorithms and Source Code in C, Second Edition, John Wiley and
Sons, 1996.
[9] Applied Cryptography: Protocols, Algorithms and Source Code in C, Second Edition, John Wiley and Sons, 1996.
[10] Paul Reid, Biometrics and Network Security,Second Edition, Sixth Edition, Prentice, Hall PTR, 2003.
[11] D. Lie, C. A. Thekkath, M. Mitchell, P. Lincoln, D. Boneh, J. C. Mitchell, M. Horowitz, Architectural support for
copy and tamper resistant software,Proc. ACM Architectural Support for Programming Languages and Operating
Systems (ASPLOS), pp168 177, 2000.
[12] G. E. Suh, D. Clarke, B. Gassend, M. van Dijk, S. Devadas, AEGIS: Architecture for Tamper-Evident and Tamper-
Resistant Processing, Proc. Intl Conf. Supercomputing (ICS 03), pp160171, June 2003. A. J. Menezes, P. C. van
Oorschot, S. A. Vanstone, Handbook of Applied Cryptography, CRC Press, Boca Raton, Florida, USA,Fifth Edition,
1997.
[13] Federal Information Processing Standards, National Bureau of Stan- dards, U.S. Department of Commerce, NIST
FIPS PUB 46, Data En- cryption Standard, January 15, 1977.
[14] X. Lai, J. L. Massey, Markov Ciphers and Differential Cryptanalysis In D. W. Davies, editor, Advances in
Cryptology, EUROCRYPT 91, vol.LNCS 547 no.91, pp1738, Berlin, Germany, 1991.
[15] U.S. Department of Commerce/National Institute of Standard and Technology, FIPS PUB 197, Specification for the
Advanced.

A Comparative Study of RSA and ECC and Implementation of ECC on Embedded Systems

More Related Content

What's hot (20)

Viewers also liked (11)

Similar to A Comparative Study of RSA and ECC and Implementation of ECC on Embedded Systems (20)

More from AM Publications (20)

Recently uploaded (20)

A Comparative Study of RSA and ECC and Implementation of ECC on Embedded Systems