Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Elliptic curve cryptography: What ECC can do for the enterprise

Is elliptic curve cryptography more effective than RSA or Diffie-Hellman? Security expert Michael Cobb details the pros and cons of ECC.

Researchers at the 2013 Black Hat conference advocated moving away from traditional cryptography methods such as...

RSA and Diffie-Hellman in favor of something called elliptic curve cryptography. First, could you explain the pros and cons of elliptic curve cryptography over current systems? Also, how does this potential change affect enterprises?

Ask the Expert

SearchSecurity expert Michael Cobb is standing by to answer your application security and platform security questions – ask them now

Elliptic Curve Cryptography (ECC), a mechanism for implementing public-key cryptography, was discovered in 1985 by Victor Miller of IBM and Neil Koblitz of the University of Washington. Unlike symmetric key algorithms, public key algorithms do not require an initial exchange of a secret key between parties and are fundamental to cryptosystems, applications and protocols such as SSL/TLS that underpin secure communications over the Internet.

The two public key algorithms commonly used to secure the Internet today are Rivest-Shamir-Adleman (RSA) and Diffie-Hellman. Both are based on the use of elementary number theory and are closely related. RSA uses the difficulty of factoring the product of large prime numbers, while the Diffie-Hellman method is based on the computational difficulty of solving the discrete logarithm problem, a series of complex mathematical equations. While the formal definition of an elliptic curve is fairly technical and requires some background in algebraic geometry, ECC can be described more simply as being based on the difficulty of finding the discrete logarithm of a random elliptic curve element. The size of the elliptic curve will determine the difficulty of the problem.

Calls to move away from RSA- and Diffie-Hellman-based cryptosystems are rapidly growing as both methods are becoming increasingly prone to strong attack algorithms. Unfortunately, the sophistication of hackers has grown significantly over the past several decades and an alarming number of ever-larger public keys are being broken. Researchers at the 2013 Black Hat conference concluded that there's a small but very real chance that using RSA will become a security risk within the next two to five years. The National Security Agency (NSA) presented a recommended set of advanced cryptography algorithms, many based on ECC, known as Suite B back in 2005. RSA and Diffie-Hellman were not in the list -- an indication that a breakthrough may be close.

As of 2014, the U.S. National Institute of Standards and Technology (NIST) will not allow 1,024-bit RSA keys to be used in the federal government, which is why the industry at large is moving to 2,048-bit keys. Although doubling key strength delivers an exponential increase in protection, the computational power required to process 2,048-bit certificates is five to 30 times greater than that required for 1,024-bit certificates. However, ECC-based systems offer more security per bit in key size than either RSA or Diffie-Hellman, meaning the level of security provided by an ECC 164-key takes other systems a 1,024-bit key to achieve. Because ECC creates faster, smaller and more efficient cryptographic keys and therefore delivers equivalent security with lower computing power and battery resource usage, it is becoming widely used for mobile applications. Enterprises looking to do business with U.S. government agencies will need to meet their security compliance requirements, which may include using ECC. While today's hardware and applications are mainly ECC ready, legacy systems may have to be upgraded.

The world of IT has to move to a more secure solution before RSA and Diffie-Hellman are actually broken. ECC is a viable option as it is implemented in most desktop and mobile platforms. Various countries including the United States have adopted some form of elliptic curve cryptography to protect classified information for future systems. One block to the widespread adoption of ECC is that various aspects of it have been patented by a number of different people and companies around the world.

Another hurdle may come from the fact that the NSA is pushing the use of elliptic curve cryptography. Due to the recent, credible allegations that the NSA has sought to weaken encryption standards in the past, some argue that the NSA's promotion of EEC may be an indication that it can, in fact, break ECC more easily than other encryption methods. A similar situation occurred back in the 1970s; the NSA knew of a cryptanalytic technique called differential cryptanalysis that was not in the public domain and used it to break a variety of academic and commercial algorithms that were thought to be secure. The current breakdown of trust between the NSA and the security industry could hold up attempts to move to stronger encryption algorithms.

This was last published in January 2014

Dig Deeper on Disk and file encryption tools