Elliptic Curve Based Zero Knowledge Proofs and their Applicability on Resource Constrained Devices

As the Internet of Things (IOT) arises, the use of low-end devices on a daily basis increases. The wireless nature of communication that these devices provide raises security and privacy issues. For protecting a user's privacy, cryptography offers the tool of zero knowledge proofs (ZKP). In this paper, we study well-established ZKP protocols based on the discrete logarithm problem and we adapt them to the Elliptic Curve Cryptography (ECC) setting, which consists an ideal candidate for embedded implementations. Then, we implement the proposed protocols on Wiselib, a generic and open source algorithmic library. For the first time, we present a thorough evaluation of the protocols on two popular hardware platforms equipped with low end microcontrollers (Jennic JN5139, TI MSP430) and 802.15.4 RF transceivers, in terms of code size, execution time, message size and energy requirements. This work's results can be used from developers who wish to achieve certain levels of privacy in their applications.

[1]  Clifford Neuman,et al.  Security and privacy using one-round zero-knowledge proofs , 2005, Seventh IEEE International Conference on E-Commerce Technology (CEC'05).

[2]  Ian F. Blake,et al.  Elliptic curves in cryptography , 1999 .

[3]  Amos Fiat,et al.  How to Prove Yourself: Practical Solutions to Identification and Signature Problems , 1986, CRYPTO.

[4]  Dennis McLeod,et al.  Better privacy and security in e-commerce: using elliptic curve-based zero knowledge proofs , 2004, Proceedings. IEEE International Conference on e-Commerce Technology, 2004. CEC 2004..

[5]  W. Marsden I and J , 2012 .

[6]  Ioannis Chatzigiannakis,et al.  Wiselib: A Generic Algorithm Library for Heterogeneous Sensor Networks , 2010, EWSN.

[7]  Warren D. Smith,et al.  Cryptography meets voting , 2005 .

[8]  Donald E. Eastlake,et al.  US Secure Hash Algorithm 1 (SHA1) , 2001, RFC.

[9]  David Chaum,et al.  An Improved Protocol for Demonstrating Possession of Discrete Logarithms and Some Generalizations , 1987, EUROCRYPT.

[10]  Jan Camenisch,et al.  Design and implementation of the idemix anonymous credential system , 2002, CCS '02.

[11]  Yuguang Fang,et al.  Securing wireless sensor networks: a survey , 2008, IEEE Communications Surveys & Tutorials.

[12]  Michaël Quisquater,et al.  How to Explain Zero-Knowledge Protocols to Your Children , 1989, CRYPTO.

[13]  Michael D. Smith,et al.  Implementing public-key infrastructure for sensor networks , 2008, TOSN.

[14]  Peng Ning,et al.  2008 International Conference on Information Processing in Sensor Networks TinyECC: A Configurable Library for Elliptic Curve Cryptography in Wireless Sensor Networks ∗ , 2022 .

[15]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[16]  Claus-Peter Schnorr,et al.  Efficient signature generation by smart cards , 2004, Journal of Cryptology.

[17]  Hans Eberle,et al.  Comparing Elliptic Curve Cryptography and RSA on 8-bit CPUs , 2004, CHES.

[18]  John H. Davies MSP430 Microcontroller Basics , 2008 .

[19]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[20]  Neal Koblitz,et al.  Algebraic aspects of cryptography , 1998, Algorithms and computation in mathematics.

[21]  Joseph H. Silverman,et al.  The arithmetic of elliptic curves , 1986, Graduate texts in mathematics.

[22]  David E. Culler,et al.  TOSSIM: accurate and scalable simulation of entire TinyOS applications , 2003, SenSys '03.

[23]  Vipul Gupta,et al.  Energy analysis of public-key cryptography for wireless sensor networks , 2005, Third IEEE International Conference on Pervasive Computing and Communications.

[24]  John B. Shoven,et al.  I , Edinburgh Medical and Surgical Journal.

[25]  Matt Welsh,et al.  Simulating the power consumption of large-scale sensor network applications , 2004, SenSys '04.

[26]  David Chaum,et al.  Convertible Undeniable Signatures , 1990, CRYPTO.

[27]  Sándor P. Fekete,et al.  Shawn: A new approach to simulating wireless sensor networks , 2005, ArXiv.

[28]  Stefan A. Brands,et al.  Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy , 2000 .