Elliptic Curve Cryptography (ECC) is a family of public-key cryptosystems (key agreement, digital signatures and encryption) based on the algebraic structure of elliptic curves over finite fields.
Three families of public-key algorithms are standardized and in common use for digital certificates: RSA, DSA and ECC (for certificates, usually in the form of ECDSA signatures).
Of the three, ECC-based signatures are the most efficient. The security of ECC rests on the elliptic curve discrete logarithm problem (ECDLP), for which the best known attacks on a well-chosen curve are generic and take time on the order of the square root of the group order, rather than on integer factorization (RSA) or the discrete logarithm in a finite field (DSA), both of which admit sub-exponential attacks. This difference allows ECC systems to start out smaller and to scale more gracefully as the bit size of the matching symmetric key increases: doubling the symmetric key size roughly doubles the required curve size, whereas the required RSA modulus grows several times faster. Significantly smaller parameters can therefore be used in ECC than with RSA or DSA to obtain the same level of security, which makes ECC-based solutions well suited to M2M environments.
Within the ECC family of algorithms, the certificate scheme described here is best suited to M2M applications where memory and bandwidth are the most constrained resources. It conserves memory and bandwidth by using significantly smaller keys and certificates than any other public-key scheme. The verifier uses the TrustPoint root certificate to extract the public key and verify the signature.
Table 1: Size comparison between ECC and RSA public keys and certificates at equivalent security levels (the row marked * is discussed below).
Security level (bits) | ECC public key (bits) | RSA public key (bits) | ECC/RSA public key | ECC certificate (bits) | RSA certificate (bits) | ECC/RSA certificate
---|---|---|---|---|---|---
80 | 192 | 1024 | 5x smaller | 193 | 2048 | 10x smaller
112 | 224 | 2048 | 9x smaller | 225 | 4096 | 18x smaller
128* | 256 | 3072 | 12x smaller | 257 | 6144 | 23x smaller
192 | 384 | 7680 | 20x smaller | 385 | 15360 | 39x smaller
256 | 521 | 15360 | 29x smaller | 522 | 30720 | 57x smaller
Table 1 shows that, for the same security level, ECC key sizes are much smaller than RSA key sizes. Consider the row marked with an asterisk. A 128-bit security level, meaning an attacker must do work comparable to a brute-force search of a 128-bit key space, is the level used in commercial implementations today. Achieving it with ECC requires a curve over a 256-bit field; moving to the RSA column shows that achieving the equivalent security requires a 3072-bit RSA modulus. Note that the ECC certificate column counts only a compressed public key (the 256-bit x-coordinate plus one bit selecting the y-coordinate), as in the compact certificate format TrustPoint deploys; a conventional X.509 certificate additionally carries issuer, subject, validity and extension fields plus the issuer's signature, and is considerably larger for either algorithm.
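As an added illustration of where the 256/257-bit figures in the 128-bit row come from, and of the "extract the public key" step the verifier performs, the following pure-Python example (written for this page; it is not TrustPoint's code) implements NIST P-256 point arithmetic and SEC1 point compression. A compressed public key is the 32-byte x-coordinate plus one prefix byte whose low bit selects which of the two square roots is y, so the key carries 256 + 1 = 257 bits of information and occupies 33 bytes on the wire, against 384 bytes for a 3072-bit RSA modulus. The private scalars used in the demo are constructed test values, not real keys; the curve constants are the published P-256 parameters.

```python
"""Added example (not TrustPoint's code): NIST P-256 point compression, to show
where the 256/257-bit figures in the 128-bit row of Table 1 come from and what
a verifier does to recover a public key from its compressed form.
Uses only the Python standard library; demo scalars are constructed test values."""
import secrets

# NIST P-256 (secp256r1) domain parameters, y^2 = x^3 + A*x + B over GF(P).
P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
A = P - 3
B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
GX = 0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296
GY = 0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5
N = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551
G = (GX, GY)
FIELD_BYTES = 32          # 256-bit field
INF = None                # point at infinity


def on_curve(pt):
    if pt is INF:
        return True
    x, y = pt
    return (y * y - (x * x * x + A * x + B)) % P == 0


def point_add(p1, p2):
    """Affine addition with the special cases handled explicitly."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:      # p2 == -p1
        return INF
    if p1 == p2:                             # doubling: tangent slope
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:                                    # chord slope
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    y3 = (lam * (x1 - x3) - y1) % P
    return (x3, y3)


def scalar_mult(k, pt):
    """Right-to-left double-and-add (not constant-time; fine for a demo)."""
    result, addend = INF, pt
    while k:
        if k & 1:
            result = point_add(result, addend)
        addend = point_add(addend, addend)
        k >>= 1
    return result


def keygen(d=None):
    """Return (private scalar, public point); d is random unless supplied."""
    if d is None:
        d = secrets.randbelow(N - 1) + 1
    return d, scalar_mult(d, G)


def compress(pt):
    """SEC1 compressed encoding: 1 prefix byte (parity of y) + 32-byte x."""
    x, y = pt
    return bytes([0x02 | (y & 1)]) + x.to_bytes(FIELD_BYTES, "big")


def decompress(data):
    """Recover (x, y) from the 33-byte form; this is the verifier's extraction step."""
    if len(data) != 1 + FIELD_BYTES or data[0] not in (0x02, 0x03):
        raise ValueError("not a SEC1 compressed P-256 point")
    x = int.from_bytes(data[1:], "big")
    if x >= P:
        raise ValueError("x-coordinate out of range")
    rhs = (x * x * x + A * x + B) % P
    y = pow(rhs, (P + 1) // 4, P)          # square root: valid because P % 4 == 3
    if y * y % P != rhs:
        raise ValueError("x is not on the curve")   # rejects invalid-curve input
    if (y & 1) != (data[0] & 1):
        y = P - y                          # choose the root with the encoded parity
    return (x, y)


def public_key_bits():
    """Information in a P-256 public key: 256-bit x plus one parity bit = 257."""
    return FIELD_BYTES * 8 + 1


def wire_sizes(rsa_modulus_bits=3072):
    """Bytes on the wire for the two 128-bit-security public keys of Table 1."""
    return {"ecc_compressed": 1 + FIELD_BYTES,
            "ecc_uncompressed": 1 + 2 * FIELD_BYTES,
            "rsa_modulus": rsa_modulus_bits // 8}


if __name__ == "__main__":
    _, q = keygen()
    c = compress(q)
    assert decompress(c) == q
    print(f"P-256 public key: {public_key_bits()} bits of information, "
          f"{len(c)} bytes compressed; wire sizes: {wire_sizes()}")
```

The `decompress` function deliberately checks that the recovered y really squares to the right-hand side before accepting the point; a verifier that skips this check can be fed an x-coordinate that lies on a different, weaker curve. The scalar multiplication is a plain double-and-add and leaks the key through timing, which is acceptable here only because the block exists to show encodings, not to sign anything.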
The advantages that can be gained from smaller parameters include:
These advantages are especially important in environments where at least one of the following resources is limited:
Therefore, ECC in general, and TrustPoint's specific deployment of certificates in particular, are especially well suited to the constrained environments found in M2M.