Smart home IoT use case with elliptic curve based digital signature: an evaluation on security and performance analysis
Azrin Zahan, Md. Selim Hossain, Ziaur Rahman and SK. A. Shezan
Abstract
This paper concerns the lightweight cryptography, elliptic curve cryptography on the Internet of Thing (IoT). Most of the system depends on the internet, so it is IoT that is an excellent evolution of technology. Smart home, city, university are some familiar examples of the Internet of Things. It is a great challenge to modernize our world into the smart world from the security perspective. For instance, at the smart home door system, an unauthorized person can easily break the security that means opening the door after trying the password several times. Some security schemes have been proposed to enhance IoT security issues after adopting the public key infrastructure (PKI) system that is either not secure or has complexity. The lightweight nature of the IoT devices often demands different security approaches apart from existing web security that motivates us to enhance IoT security upon different primitive such as elliptic curve cryptography (ECC). Here, we propose sample IoT scenarios to incorporate ECC instead of an existing technique as it has the thin nature in key size, and at the same size of the key ECC show more strength than RSA-driven technique. We evaluate our proposed system based on a smart-door IoT system using a simulation tool, namely Cryptool 2. The contribution of this work is to show how ECC performs better than the Rivest–Shamir–Adleman (RSA) based approach in the considered IoT use-case.
Keyword
Internet of thing, Elliptic curve cryptography, Security, Smart home.
Cite this article
Zahan A, Hossain MS, Rahman Z, Shezan SA
Refference
[1][1]Hussain F. Internet of things: building blocks and business models. Springer International Publishing; 2017.
[2][2]Rosing M. Implementing elliptic curve cryptography. Manning Publications Co.; 1999.
[3][3]P Shruti, R Chandraleka. Elliptic curve cryptography security in the context of internet of things. International Journal of Scientific & Engineering Research. 2017; 8(5):90-3.
[4][4]Vargheese R, Dahir H. An IoT/IoE enabled architecture framework for precision on shelf availability: enhancing proactive shopper experience. In international conference on Big Data 2014 (pp. 21-6). IEEE.
[5][5]Clarke RY. Smart cities and the internet of everything: the foundation for delivering next-generation citizen services. Alexandria, VA, Tech. Rep. 2013.
[6][6]Hankerson D, Menezes AJ, Vanstone S. Guide to elliptic curve cryptography. Computing Reviews. 2005; 46(1).
[7][7]Koblitz N. Elliptic curve cryptosystems. Mathematics of Computation. 1987; 48(177):203-9.
[8][8]Johnson D, Menezes A, Vanstone S. The elliptic curve digital signature algorithm (ECDSA). International Journal of Information Security. 2001; 1(1):36-63.
[9][9]Tange H, Andersen B. Attacks and countermeasures on AES and ECC. In international symposium on wireless personal multimedia communications 2013 (pp. 1-5). IEEE.
[10][10]Geometry RA. IEEE 13th international conference on wireless and mobile computing, networking and communications. International workshop on smart environments and urban networking-2017.
[11][11]Forouzan BA. Cryptography & network security. McGraw-Hill, Inc.; 2007.
[12][12]Gupta V, Stebila D, Fung S, Shantz SC, Gura N, Eberle H. Speeding up secure web transactions using elliptic curve cryptography. In NDSS 2004.
[13][13]Sinha R, Srivastava HK, Gupta S. Performance based comparison study of RSA and elliptic curve cryptography. International Journal of Scientific & Engineering Research. 2013; 4(5):720-5.
[14][14]Gennaro R, Jarecki S, Krawczyk H, Rabin T. Robust threshold DSS signatures. In international conference on the theory and applications of cryptographic techniques 1996 (pp. 354-71). Springer, Berlin, Heidelberg.
[15][15]Joye M, Tymen C. Protections against differential analysis for elliptic curve cryptography—an algebraic approach. In international workshop on cryptographic hardware and embedded systems 2001 (pp. 377-90). Springer, Berlin, Heidelberg.
[16][16]Tiwari HD, Kim JH. Novel method for DNA‐based elliptic curve cryptography for IoT devices. ETRI Journal. 2018; 40(3):396-409.
[17][17]Jansma N, Arrendondo B. Performance comparison of elliptic curve and RSA digital signatures. nicj. net/files. 2004.
[18][18]Rajeshwari PG, Thilagavathi K. An efficient authentication protocol based on elliptic curve cryptography for mobile network. International Journal of Computer Science and Network Security. 2009; 9(2):176-185.
[19][19]Kumari S, Karuppiah M, Das AK, Li X, Wu F, Kumar N. A secure authentication scheme based on elliptic curve cryptography for IoT and cloud servers. The Journal of Supercomputing. 2018; 74(12):6428-53.
[20][20]Bos J, Kaihara M, Kleinjung T, Lenstra AK, Montgomery PL. On the Security of 1024-bit RSA and 160-bit Elliptic Curve Cryptography. 2009.
[21][21]Mahto D, Khan DA, Yadav DK. Security analysis of elliptic curve cryptography and RSA. In proceedings of the world congress on engineering 2016 (pp. 419-22).
[22][22]Mahto D, Yadav DK. Network security using ECC with biometric. In international conference on heterogeneous networking for quality, reliability, security and robustness 2013 (pp. 842-53). Springer, Berlin, Heidelberg.
[23][23]Mahto D, Yadav DK. RSA and ECC: a comparative analysis. International Journal of Applied Engineering Research. 2017; 12(19):9053-61.