1 / 17

An Efficient Identity-based Cryptosystem for End-to-end Mobile Security

An Efficient Identity-based Cryptosystem for End-to-end Mobile Security. IEEE Transactions on Wireless Communications, 2006 Jing-Shyang Hwu, Rong-Jaye Chen, Yi-Bing Lin 2008. 12. 04 Presented by Jang Chol Soon. Contents. Introduction Background ID-based Encryption Elliptic Curves

lan
Download Presentation

An Efficient Identity-based Cryptosystem for End-to-end Mobile Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. An Efficient Identity-based Cryptosystem for End-to-end Mobile Security IEEE Transactions on Wireless Communications, 2006 Jing-Shyang Hwu, Rong-Jaye Chen, Yi-Bing Lin 2008. 12. 04 Presented by Jang Chol Soon

  2. Contents • Introduction • Background • ID-based Encryption • Elliptic Curves • Divisor • Weil Pairing • Efficient Computation for Weil Pairing • Point Halving • Halve-and-Add Method for Weil Pairing • Performance Evaluation • Application System • Conclusions

  3. Introduction • Mobile security • Mobile operators have provided security protection including • authentication and encryption for circuit-switched voice services. • Wireless data services(e.g. mobile banking) are likely to be offered • by third parties(e.g. banks) • The third parties can’t trust the security mechanisms of mobile operators. • :their own solution for end-to-end security. • End-to-end security mechanisms in mobile services • : public-key cryptosystem • The main concern in public-key cryptosystem • : the authenticity of public key ⇒ “certificate” • The certificate is issued by a trusted third party consisting of the user name • and his public key.

  4. Introduction • ID-based cryptography • In 1984, Shamir • The public key of a user can be derived from public information • that uniquely identifies the user. (e.g. e-mail, telephone number) • The first complete ID-based cryptosystem • · In 2001, Boneh and Franklin • · use a bilinear map(Weil pairing) over elliptic curves • Major advantages • · No certificate • · Users need not memorize extra public keys. • Drawback • · Overhead for the pairing computing

  5. Background • Background • A. ID-based Encryption (scheme) • B. Elliptic Curves • C. Divisor • D. Weil pairing

  6. Background • A. ID-based Encryption (IBE) scheme • use a bilinear map called Weil pairing over elliptic curves. • bilinear map • · transform a pair of elements(P, Q) in group G1 • · send the pair to an element in group G2 in a way that satisfies • some properties (bilinearity: It should be linear in each entry of the pair.) • Weil pairing on elliptic curves is selected as the bilinear map • · G1 : the elliptic curve group → • · G2 : the multiplicative group → • The decryption procedure yields the correct message • because of the bilinearity of the Weil pairing.

  7. Background • A. ID-based Encryption (IBE) scheme • The security level depends on the size of the finite field • because the scheme is constructed on an elliptic curve. • ex) an elliptic curve over 163-bit finite field = 1024-bit RSA • The most significant overhead isthe computation of Weil pairing. PKG Elliptic curves Weil pairing Sender Receiver

  8. Background • B. Elliptic Curves • p : a prime larger than 3 • : infinity point → the identity element • An elliptic curve over a finite field of size p noted by GE(p) • are • The group operation is written as addition • instead of multiplication. λ : the slope of the line passing through P and Q

  9. Background • C. Divisor • A useful device for keeping track of the zeros and poles of relational • functions • defined as a formal sum of points on elliptic curve group • : a non-zero integer that specifies the zero/pole property of point P • and its respective order. • A formula for adding two divisors in canonical form • · provide a method of finding a rational function f • · critical for computing Weil pairing

  10. Background • D. Weil Pairing • Weil pairing e(P, Q) is defined as follows • The Weil pairing has the bilinearity property. • The first algorithm for e(P, Q) computation is Miller’s Algorithm.

  11. Efficient Computation for Weil Pairing • Point halving algorithm • proposed by Knudsen • Fast computation for scalar multiplication on elliptic curve one field multiplication Three operations

  12. Halve-and-Add Method for Weil Pairing • Halve-and-Add method • Method for the evaluation of rational functions used in the Miller’s algorithm • To take advantage of point halving · require 1 inversion, 3 multiplications, 1 squaring, and 1 square rootcomputing · advantage over the doubling

  13. Performance Evaluation • Performance Evaluation By using halving, save · 2n inversions · 2n-3k multiplications · n squaring at the cost of solving n quadratic equation · 2n square roots · n trace computing

  14. Performance Evaluation • Performance Evaluation

  15. Application System • ID-based End-to-End Mobile Encryption System • typically based on Public-key cryptosystem • Traditional public-key cryptosystem • · The sender has to request the receiver’s public-key and verify its validity • before encrypting a message. • · When the receiver is off-line, • the sender can not communication with the receiver to request • the public-key • ID-based cryptosystem • · The sender can user the receiver’s ID(i.e., telephone number) as a public • key without any request and verification. • · Even if the receiver’s device is power-off, • the sender can still send an encrypted short message.

  16. Application System • ID-based End-to-End Mobile Encryption System ID=0912345678 Private Key Generator (PKG) (1) Subscription time SIM Card KR Cipher Bob(0912345678) Alice SIM Card SIM Card (5) KR GSM Network ID-based Decryption ID-based Decryption (6) Message ID-based Encryption Message ID-based Encryption (2) Cipher (3) Bob’s phone number (public-key) (0912345678)

  17. Conclusion • Conclusion • An efficient ID-based cryptography scheme for end-to-end mobile • security system • A fast method for computing the Weil pairing using point halving algorithm • : λ-representation in a normal basis • Contribution • to apply point halving algorithm to the ID-based scheme • an efficient approach to compute the rational function evaluation • algorithm

More Related