Research on Campus Card Security Based on the Elliptic Curve Cryptosystem
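Abstract
As campus networks develop, the security demands placed on campus cards keep rising, yet the card's own hardware resources are extremely limited, so implementing security controls on it runs into constraints on memory capacity and computing power. Most smart cards currently on the market have only 128 to 1024 bytes of RAM, 1K to 16K bytes of EEPROM, and 6K to 16K bytes of ROM; the CPU is usually 8-bit, with a typical clock frequency of 3.57 MHz. Any increase in storage or processing capability therefore means a substantial rise in smart card cost. The outstanding advantages of the elliptic curve cryptosystem are that public/private key pairs are easy to generate and that it saves memory, bandwidth, and processing time. In view of this, this thesis proposes applying the elliptic curve cryptosystem to the campus card security system, which has very clear economic benefit and practical value.
    This thesis builds mainly on the arithmetic layer of an elliptic curve cryptography implementation to realize several algorithms at the cryptographic layer, including the DH protocol, the ElGamal encryption scheme, ElGamal signatures, and the application of DSA to the elliptic curve cryptosystem. The arithmetic layer is the most basic and most central part of an elliptic curve cryptosystem implementation. It includes computing the order of an elliptic curve and checking that the order is a large prime or contains a large prime factor, so that the selected curve is a secure elliptic curve; this thesis implements the selection of secure elliptic curves with the SEA algorithm following IEEE P1363. In addition, how fast scalar multiplication is carried out affects the efficiency of the whole cryptosystem; depending on the situation, this thesis uses the signed binary method or the sliding window method to speed up elliptic curve scalar multiplication. At the cryptographic layer, key exchange, ElGamal encryption, and elliptic curve digital signatures are implemented over the large prime field GF(p) (p = 2^192 - 2^64 - 1). In summary, the main work of this thesis is: (1) a comparison of the widely used public-key cryptosystems RSA and ECC, covering the algorithms and their encryption and decryption implementations; (2) in view of the known attacks on elliptic curves, selection of secure elliptic curves using the SEA algorithm, and implementation of ElGamal encryption, decryption, and digital signatures on elliptic curves over a large prime field; (3) a discussion of the application of elliptic curves to smart cards, with two ECC-based identity authentication schemes proposed.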
With the development of campus network construction, higher security is required of the campus card, but the hardware resources of the campus card itself are so limited that its memory capacity and processing capability constrain the implementation of a security system. At present, most smart cards on the market have 128-1024 bytes of RAM, 1k~16k bytes of EEPROM, 6k~16k bytes of ROM, usually an 8-bit CPU, and typically a 3.57 MHz clock frequency, from which we can see that any improvement in memory or processing capability means a great increase in the cost of the smart card. Thus, this article proposes to apply the Elliptic Curve Encryption System in the security system of the campus card. The advantages of the Elliptic Curve Encryption System are easy generation of public and private keys and savings in memory capacity, bandwidth, and processing time. These advantages nicely offset the limitations of the campus card, improve its security, and meanwhile reduce production cost, so this system has a bright future.
    This article is mainly based on the operation layer of elliptic curve encryption techniques, on which it implements various encryption algorithms including the DH protocol, the ElGamal encryption system, the ElGamal signature, and the application of DSA to the Elliptic Curve Encryption System. The operation layer is the basic core part of the Elliptic Curve Encryption System, including how to compute the order of an elliptic curve and ensure that it is a large prime or contains a large prime factor, so that the elliptic curve is a safe elliptic curve; in this article the safe elliptic curve is chosen by the P1363 SEA algorithm. Besides, how fast point multiplication is achieved influences the efficiency of the whole encryption system; in this article, for different situations, the signed binary method and the sliding window method are respectively applied to speed up elliptic curve point multiplication. On the encryption layer, key exchange based on the prime field GF(p) (p = 2^192 - 2^64 - 1), ElGamal encryption, and elliptic curve digital signature are performed. The main work of this article is: (1) it compares the algorithms and the encryption and decryption of the widely used public key encryption systems RSA and ECC; (2) in view of present elliptic curve attack algorithms, it uses the SEA algorithm to choose a safe elliptic curve and implements ElGamal encryption, decryption, and digital signature on an elliptic curve over a prime field; (3) it discusses the application of elliptic curves to smart cards and proposes two identification schemes based on ECC.