Elliptic Curve Cryptography Comes of Age: Small Keys Unlock a Big Future

Last updated: 16 May 2016

Encryption Key Management IconWith the Internet of Things (IoT) fast upon us, the technology landscape is quickly evolving to be more connected, mobile, and pervasive. This evolution is entirely dependent on the emergence of a new breed of smart devices that will prove an incredible amount of insight into many aspects of our everyday lives.

At the same time, the breach landscape is painting a rather gloomy picture as to our ability to prevent attackers from compromising our systems and gaining access to our sensitive data. The safety of our information may therefore depend on our ability to update our approach to data protection – perhaps including the expanded use of Elliptic Curve Cryptography.

Here’s why:

Encryption, as we have stated many times on this blog, is the best means of protecting data even in the event of a breach, since the data or values taken will be unreachable to hackers. However, the emergence of Internet of Things presents some unique challenges around the use of encryption.

Why is key length relevant or not relevant? Traditionally, we think of cryptographic key length as an indicator of the level of protection encryption provides for our data.

That is to say, the larger the key, the more security afforded to the dependent data (if the key itself remains secure), and the more time it would take an attacker to break the encryption. It would make sense then that keys sizes should grow as the resources available at an attackers disposal attacker increase.

This is a big reason why NIST recommended moving from RSA 1024-bit keys to RSA 2048-bit keys in 2010.

One of the challenges with this approach is that any increase in key length reduces performance exponentially. In the case of symmetric cryptography, the performance hit from increasing key length will still be minimal, as symmetric crypto requires relatively little compute power.

However, the pre-sharing of keys required in symmetric crypto poses significant key management challenges that may make its use unwieldy in IoT applications.  For this reason, Public Key Cryptography will be the likely choice for securing devices and applications in IoT.

Unfortunately, few IoT devices have the power to leverage cryptographic keys of the length required by RSA today. For this reason, a new breed of more efficient, scalable, and secure cryptographic algorithms are required.

Elliptic Curve Cryptography (ECC) is a next-generation approach to cryptography that uses a mathematical formula to enable the use of relatively small cryptographic keys to provide the same or a greater level of security compared to the larger RSA keys.

Just how much stronger and smaller are ECC keys? Here is an example: a 384 bit ECC key is roughly equivalent to a 7680 bit RSA key.

Key Size Comparison:

ECC Key Size RSA Security Equivalent
224 bit 2048 bit
256 bit 3072 bit
384 bit 7680 bit
521 bit 15360 bit

Crypto Foundation Icon

Although ECC has been around since the mid-1980s, to date it has yet to see wide adoption. This promises to change with the growth of the Internet of Things.

ECC allows devices with limited processing power to achieve a high level of security without sacrificing expensive computing cycles and with minimal effect on application performance.

Primary Types of Elliptic Curve Cryptography Schemes:

  • Elliptic Curve Digital Signature Algorithm (ECDSA) is a digital signature algorithm that is primarily used to authenticate digital content, and identify the author of that content.
  • Elliptic Curve Integrated Encryption Scheme (ECIES) is an integrated encryption scheme that provides security against chosen plain text and chosen cipher text attacks
  • Elliptic curve Diffie–Hellman (ECDH) allows two parties, each with public-private key pairs, to share a secret over an insecure channel.

In addition to the numerous IoT use cases, ECC is also an extremely appealing algorithm to service providers who need to use cryptography on smartphones/tablets, smart meters, Type-1 embedded devices, and RFID chips.

In short, you no longer have to compromise performance for the sake of PKI security- algorithms such as ECC allows you to meet both requirements—just think outside your traditional encryption algorithm box.


IoT Security Guide Book - Cover ThumbnailWant to learn more about securing the internet of things? Download our free guide book, Building a Trusted Foundation for the Internet of Things, which outlines considerations for secuing IoT devices themselves, the “master” of those devices, and communication between the master and devices.

We hope that you’ll also connect with us on Twitter via @GemaltoSecurity to discuss IoT security, data breach trends, information security news, and more.

One thought on “Elliptic Curve Cryptography Comes of Age: Small Keys Unlock a Big Future

  1. Here’s why ECC may not be making people feel good, elliptic curve over real numbers didn’t turn out so well. Elliptic curve is promoted by the NSA, and contrary to popular belief the NSA is not in the business of protecting data. Many cryptographers believe the ECC pseudo-random number generator was fabricated to inject an NSA backdoor into ECC cryptography. The main reason RSA seems like a winner is more people can understand it, at least while I’m looking at it it makes sense. People like me with simple minds gravitate to RSA. Also, a lot can go wrong with the implementation. Sony used ECDSA to sign software on PlayStation and did not implement the algorithm correctly. Even ECC in OpenSSL resulted in Common Vulnerability and Exposures (CVE)-2014-3572, CVE-2014-0076 and CVE-2008-5077. Known Attacks include Side-channel, and twist-security (fault) attacks.

Leave a Reply

Your email address will not be published. Required fields are marked *