International Journal of Application or Innovation in Engineering & Management (IJAIEM)
Web Site: www.ijaiem.org Email: editor@ijaiem.org, editorijaiem@gmail.com
Volume 3, Issue 1, January 2014
ISSN 2319 - 4847
Comparative Study and Performance Analysis
of Encryption in RSA, ECC and GoldwasserMicali Cryptosystems
Gururaja.H.S1, M. Seetha2, Anjan K Koundinya3, Shashank.A.M4 and Prashanth.C.A5
1
Assistant Professor, Department of Information Science & Engineering, B.M.S. College of Engineering, Bangalore, India
2
Professor, Department of Computer Science & Engineering, G.Narayanamma Institute of Technology and Science,
Hyderabad, India
3
Assistant Professor, Department of Computer Science & Engineering, R.V. College of Engineering, Bangalore, India
4,5
Department of Information Science & Engineering, B.M.S. College of Engineering, Bangalore, India
ABSTRACT
Today, the whole world is going wireless. The time has come to control gadgets like Smart Cards, PDAs and Mobile Phones
remotely using new and faster cryptosystems. This paper helps to outline the key concepts of RSA, ECC and Goldwasser-Micali
public-key cryptosystems giving a comparative study and performance analysis of encryption in these cryptosystems. The key
considerations for choosing an encryption algorithm like encryption time, decryption time, throughput and ciphertext size with
varying plaintext sizes are used as comparision metrics and the readings are used to record inferences.
Keywords: RSA, ECC, GM, Encryption, Decryption, Ciphertext, Plaintext
1. INTRODUCTION
Today, the world is growing fast with electronic revolution in our day-to-day life. In this environment, any information is
available at the click of a mouse button. When information is available so freely in the web, there are people who might
use this information against us. So it has become mandatory to check this behaviour and control the act of attack against
us. This made people to think about a solution named Encryption [1], [3]. The process of Encryption is to convert your
information into a form which cannot be read or understood by anyone.
Figure 1 Process of Cryptography
Figure 1 shows the process of Cryptography which is the science of secrect sharing. Any character or alphabet we press
on the keyboard is represented as a binary information. If the entire document is converted into binary information, just
imagine how difficult it would be to recognize the information. In the process of encryption, we try to mix these binary
numbers after performing a few mathematical operations which converts the huge set of binary information in a newer
arrangement which is difficult to understand.
The entire process of encryption is to perform mathematical operations on the text that scrambles the text binaries. This is
done with the help of a key. Key acts as a parameter which is passed in the encryption function along with the text which
needs to be encrypted. The process of encryption then generates a Ciphertext which is nothing but a coded information
difficult for others to understand. This can be mathematically represented as
Ciphertext = Encryption (Key, Plaintext)
(1)
Volume 3, Issue 1, January 2014
Page 111
International Journal of Application or Innovation in Engineering & Management (IJAIEM)
Web Site: www.ijaiem.org Email: editor@ijaiem.org, editorijaiem@gmail.com
Volume 3, Issue 1, January 2014
ISSN 2319 - 4847
Now the Ciphertext can be transmitted to any unsecure network. When it is received by the intended recepient, the
Ciphertext is decrypted using a Decryption [1], [3] function and Key. This generates back the Plaintext. This can be
mathematically represented as
Plaintext = Decryption (Key, Ciphertext)
(2)
Figure 2 Symmetric Key Encryption
Figure 2 shows the process of Symmetric Key Encryption involving the use of a single key. The equations (1) and (2)
gives us the method of generating Ciphertext and Plaintext in Symmetric Key Encryption.
Figure 3 Asymmetric/Public Key Encryption
Figure 3 shows the process of Asymmetric Key Encryption or Public Key Encryption which involves the use of two distict
keys – one to encrypt and a different one to decrypt.
This paper presents the evaluation of Rivest, Shamir, Adleman (RSA), Elliptic Curve Cryptography (ECC) &
Goldwasser-Micali (GM) asymmetric encryption algorithms. Encryption algorithms plays a main role in any security
system by providing a secure communication over the internet. These algorithms depend on resources such as memory,
CPU time, battery power and computation time to encrypt and decrypt data. In this paper, different experiments have
been conducted to compare these algorithms in terms of encryption time, decryption time, throughput and ciphertext size
with varying plaintext sizes. The rest of the paper is organized as follows: Section 2 presents Encryption in RSA, Section
3 presents Encryption in ECC, Section 4 presents Encryption in GM cryptosystem and Section 5 describes the parameters
used for evaluation. Results are discussed in Section 6 and Section 7 concludes the research work.
2. ENCRYPTION IN RSA
Encryption
Volume 3, Issue 1, January 2014
Page 112
International Journal of Application or Innovation in Engineering & Management (IJAIEM)
Web Site: www.ijaiem.org Email: editor@ijaiem.org, editorijaiem@gmail.com
Volume 3, Issue 1, January 2014
ISSN 2319 - 4847
The RSA algorithm [1], [10], [12] is a public key encryption algorithm which relies on the generation of two large prime
numbers, and on the fact that their product is difficult to factorize. The standard RSA algorithm is divided into the
following steps:
Step 1: Assume two large prime numbers p & q.
Step 2: Compute N = p*q, where N is a factor of two large prime numbers.
Step 3: Select an Encryption key E such that it is not a factor of the product (p-1)*(q-1) i.e., Ø(n)= (p-1)*(q-1); for
calculating encryption exponents, E should be 1< E < Ø(n) such that gcd(E, Ø(n))=1.
Step 4: Select the Decryption key D, which satisfy the Equation D*E = 1 mod Ø(n).
Step 5: For Encryption: C=ME mod N, where C is Ciphertext, M is Message.
Decryption
M= CD mod N.
Security
The Secuirty of RSA mainly lies with the Selection of a large prime number, an Encryption Key and a Decryption Key.
Factoring large numbers is not provably hard, but no algorithms exists today to factor a 200-digit number in a reasonable
amount of time.
The main feature of RSA algorithm is the selection of large prime number (p, q) because it is logical that fraction of large
number is always typical and any users or force attackers could not be able to find the capable numbers, timely to force
attack is shortly non-feasible.
Advantages
RSA's biggest advantage is that it uses Public Key encryption. This means that your text will be encrypted with someone's
Public Key (which everyone knows about). However, only the person it is intended for can read it, by using their private
key (which only they know about). Attempting to use the Public Key to decrypt the message would not work. RSA can
also be used to "sign" a message, meaning that the recipient can verify that it was sent by the person they think it was sent
by.
Disadvantages
A disadvantage of using public-key cryptography for encryption is speed. There are many secret-key encryption methods
that are significantly faster than any currently available public-key encryption method. Nevertheless, public-key
cryptography can be used with secret-key cryptography to get the best of both worlds. For encryption, the best solution is
to combine public and secret-key systems in order to get both the security advantages of public-key systems and the speed
advantages of secret-key systems. Public-key cryptography may be vulnerable to impersonation, even if users' private keys
are not available.
3. ENCRYPTION IN ECC
Encryption
Here, we essentially encode a message on the curve. Note that we cannot simply encode the message as the x or y
coordinate of a point, because not all such coordinates are in Ep(a, b), where Ep(a, b) denotes the elliptic group mod p
whose elements (x, y) are pairs of nonnegative integers less than p, satisfying:
y2 = x3 + ax + b (mod p)
As with the Key Exchange system, an Encryption/Decryption [4], [6], [8] system requires a point P and an elliptic group
as parameters. Each user A selects a private key d and generates a public key as follows
Q=d*P
where d = The random number that we have selected within the range of 1 to (n-1).
P is the point on the curve.
Q is the public key and ‘d’ is the private key.
Volume 3, Issue 1, January 2014
Page 113
International Journal of Application or Innovation in Engineering & Management (IJAIEM)
Web Site: www.ijaiem.org Email: editor@ijaiem.org, editorijaiem@gmail.com
Volume 3, Issue 1, January 2014
ISSN 2319 - 4847
Consider ‘m’ has the point ‘M’ on the curve ‘E’. To encrypt and send a message M to B, A chooses a random positive
integer ‘k’ from 1 to (n-1) and produces the Ciphertext as a pair of points. Let the two points be Ca and Cb. The
Ciphertext can be represented as
Cm = { Ca, Cb }
where Ca = k*P
Cb = M + k*Q
Cm will be sent.
Important thing to note is that A has used B’s public key Q.
Decryption
To recover the message M, B multiplies the first point in the pair by B’s secret key and subtracts the result from the
second point:
M = Cb – d * C a
Security
A has masked the message M by adding k*Q to it. Nobody but A knows the value of ‘k’, so even though Q is a public key,
nobody can remove the mask k*Q. However, A also includes a “clue,” which is enough to remove the mask if one knows
the private key ‘d’. For an attacker to recover the message, the attacker would have to compute ‘k’ given P and k*P ,
which is hard.
Advantages
ECC employs a relatively short encryption key, a value that must be fed into the encryption algorithm to decode an
encrypted message. This short key is faster and requires less computing power than other first-generation encryption
public key algorithms. For example, a 160-bit ECC encryption key provides the same security as a 1024-bit RSA
encryption key and can be up to 15 times faster, depending on the platform on which it is implemented. The advantages
of ECC over RSA are particularly important in wireless devices, where computing power, memory and battery life are
limited.
Disadvantages
One of the main disadvantages of ECC is that it increases the size of the encrypted message significantly more than RSA
encryption. Furthermore, the ECC algorithm is more complex and more difficult to implement than RSA, which
increases the likelihood of implementation errors, thereby reducing the security of the algorithm.
4. ENCRYPTION IN GM
Encryption
Entities A and B create a public key and a corresponding private key for Encryption [2], [7], [9]. Each of these entities
must:
1. Select two large distinct primes p & q.
2. Compute n = p*q
3. Select y ϵ Zn such that y is a quadratic non-residue modulo n and the Jacobi symbol y/n = 1 (y is a pseudo square
modulo n).
4. A’s public key is (n,y) and A’s private key is the pair (p,q).
B encrypts a message m for A, which A decrypts. B should do the following:
(a) Obtain A’s authentic public key (n,y)
(b) Represent the message m as a binary string m = m1m2…mt of length t.
(c) For i from 1 to t do:
i. Choose x ϵ Zn
ii. If mi = 1 then set ci ← y x2mod n, otherwise set ci← x2mod n
(d) Send the t-tuple c=(c1, c2,… ct) to A.
Decryption:
To recover the message (m) from the ciphertext (c)
Volume 3, Issue 1, January 2014
Page 114
International Journal of Application or Innovation in Engineering & Management (IJAIEM)
Web Site: www.ijaiem.org Email: editor@ijaiem.org, editorijaiem@gmail.com
Volume 3, Issue 1, January 2014
ISSN 2319 - 4847
(a) For i from 1 to t do:
i. Calculate the Legendre symbol
ii. If ei = 1 then set mi ← 0; otherwise set mi ← 1
(b) m = m1 m2…mt
Proof
ci = x2 mod n is a quadratic residue modulo n if a message bit mi is 0
ci = yx 2mod n is also a pseudosquare modulo n (since y is a pseudosquare modulo n) if a message bit mi is 1
ci is a quadratic residue modulo n if and only if ci is a quadratic residue modulo p. Since A knows p, she can compute this
legendre symbol and hence recover the message bit mi.
Security
There is a simple reduction from breaking this cryptosystem to the problem of determining whether a random value
modulo N with Jacobi symbol +1 is a quadratic residue. If an algorithm A breaks the cryptosystem, then to determine if a
given value x is a quadratic residue modulo N, we test A to see if it can break the cryptosystem using (x,N) as a public
key. If x is a nonresidue, then A should work properly. However, if x is a residue, then every "ciphertext" will simply be a
random quadratic residue, so A cannot be correct more than half of the time. Furthermore, this problem is random self
reducible, which ensures that for a given N, every public key is just as secure as every other public key.
Advantages
Because encryption is performed using a probabilistic algorithm, a given plaintext may produce very different ciphertexts
each time it is encrypted. This has significant advantages, as it prevents an adversary from recognizing intercepted
messages by comparing them to a dictionary of known ciphertexts.
Disadvantages
If the plaintext message has t bits, then the ciphertext is a t vector, each entry a value from Zn. Since n must be of the
order of several hundred digits to prevent efficient factorization, this is a huge message expansion. This means that the
message expansion is dependent on t rather than n.
5. EVALUATION PARAMETERS
The following parameters [1], [12] are considered for evaluation of RSA, ECC & GM asymmetric encryption algorithms
for both encryption and decryption schemes.
• Encryption time (Computation Time/ Response Time)
The encryption time is the time that an encryption algorithm takes to produce a ciphertext from a plaintext.
• Decryption time (Computation Time/ Response Time)
The decryption time is the time that a decryption algorithm takes to reproduce a plaintext from a ciphertext.
• Throughput
Throughput is equal to total plaintext in bytes encrypted divided by the encryption time. Higher the throughput, higher
will be the performance.
• Plaintext Size Vs Ciphertext Size
In any cryptographic algorithm, it is essential to understand the size of the input and the size of output. Larger the size of
the Ciphertext compared with the Plaintext, more secure is the Ciphertext against any Brute-Force attack.
6. RESULTS & DISCUSSIONS
We have tested the implementation of RSA, ECC and GM cryptosystems seperately. The tests are done for the following
parametric factors and the results are shown by the following graphs.
1. Plaintext Size Versus Ciphertext Size
2. Encryption Time
Volume 3, Issue 1, January 2014
Page 115
International Journal of Application or Innovation in Engineering & Management (IJAIEM)
Web Site: www.ijaiem.org Email: editor@ijaiem.org, editorijaiem@gmail.com
Volume 3, Issue 1, January 2014
ISSN 2319 - 4847
3. Decryption Time
4. Throughput
Plaintext Size Vs Ciphertext Size
Figure 4 shows the performance analysis of plaintext size Vs ciphertext size in RSA, ECC and GM cryptosystems. In any
cryptographic algorithm, it is essential to understand the size of the input and the size of output as this is one of the
important property of an avalanche effect [11]. Larger the size of the Ciphertext compared with the Plaintext, more secure
is the Ciphertext against any Brute-Force attack. In this case, RSA, ECC and GM cryptosystems uphold this effect and
there is no direct relationships between symbols in the Ciphertext to the symbols in the Plaintext (Statistical Analysis) [5].
Figure 4 Plaintext Size Vs Ciphertext Size in RSA, ECC & GM Cryptosystems
Encryption Time
Figure 5 shows the performance analysis of encryption time in RSA, ECC and GM cryptosystems. The encryption time
has its paramount importance for varied plaintext sizes as this determines the time involved in converting plaintext into
ciphertext. Here, we can observe that RSA and ECC cryptosystems take less time for encryption compared to GM
cryptosystem for the given plaintext size.
Figure 5 Comparision of Encryption Time in RSA, ECC & GM Cryptosystems
Decryption Time
Figure 6 shows the performance analysis of decryption time in RSA, ECC and GM cryptosystems. The decryption time
has its paramount importance for varied ciphertext sizes as this determines the time involved in converting ciphertext
back to plaintext. Here, we can observe that RSA and ECC cryptosystems take less time for decryption compared to GM
Volume 3, Issue 1, January 2014
Page 116
International Journal of Application or Innovation in Engineering & Management (IJAIEM)
Web Site: www.ijaiem.org Email: editor@ijaiem.org, editorijaiem@gmail.com
Volume 3, Issue 1, January 2014
ISSN 2319 - 4847
cryptosystem for the given ciphertext size.
Figure 6 Comparision of Decryption Time in RSA, ECC & GM Cryptosystems
Throughput
Figure 7 and Figure 8 shows the performance analysis of throughput for the process of encryption and decryption in RSA,
ECC and GM cryptosystems. We can observe that the throughput of ECC overtakes the throughput of RSA and GM
cryptosystems.
Figure 7 Throughput of Encryption Process in RSA, ECC & GM Cryptosystems
Figure 8 Throughput of Decryption Process in RSA, ECC & GM Cryptosystems
7. CONCLUSIONS
This research work presents the comparison of RSA, ECC and GM cryptosystems in terms of encryption time, decryption
time, throughput and ciphertext size with varying plaintext sizes. Different experiments were conducted on the mentioned
parameters for comparison of these algorithms and the results concluded that ECC performed better in terms of
encryption time and decryption time. Throughput is the most important parameter that demonstrates the performance of
any algorithm. It is observed that the throughput of ECC is better compared to RSA and GM cryptosystems.
Acknowledgement
Gururaja.H.S. thanks M.S.Sudhi, Retired Professor and Head, Dept. of Electronics and Communication Engineering,
MSRIT, Bangalore for his guidance and constant support.
References
[1] Gururaja, H.S., Seetha, M., Koundinya, A.K., “Design and Performance Analysis of Secure Elliptic Curve
Cryptosystem”, International Journal of Advanced Research in Computer and Communication Engineering, Vol. 2,
Issue 8, 2013.
Volume 3, Issue 1, January 2014
Page 117
International Journal of Application or Innovation in Engineering & Management (IJAIEM)
Web Site: www.ijaiem.org Email: editor@ijaiem.org, editorijaiem@gmail.com
Volume 3, Issue 1, January 2014
ISSN 2319 - 4847
[2]
[3]
[4]
[5]
[6]
Alfred J. Menezes, Paul C. van Oorschot, and Scott A.Vanstone, Handbook of Applied Cryptography, 1996.
Stallings, W., Cryptography and Network Security, 3rd edn., Pearson Publishing, London, 2006.
Koblitz, N., Elliptic Curve Cryptosystems, Volume 48, Mathematics of Computation, 1987.
Young, A., Malicious Cryptography, 1st edn., pp. 220–240, Wiley Publishing, 2004.
Gururaja, H.S., Seetha, M., Koundinya, A.K., “A Practical Password based authenication using elliptic curve
cryptography”, Proceedings of International Conference on Convergence of Science and Engineering, 2010.
[7] Shruthi R, Sumana P, Koundinya, A.K., “Performance Analysis of Goldwasser-Micali Cryptosystem”, International
Journal of Advanced Research in Computer and Communication Engineering, Vol. 2, Issue 7, 2013.
[8] Wikipedia, “Encryption, Decryption, Security, Advantages and Disadvantages in ECC”, wikipedia.com [Online],
Available: http://en.wikipedia.org/wiki/Elliptic_curve_cryptography. [Accessed: Jan. 10, 2014].
[9] Wikipedia, “Encryption, Decryption, Security, Advantages and Disadvantages in GM”, wikipedia.com [Online],
Available: http://en.wikipedia.org/wiki/GoldwasserMicali_cryptosystem. [Accessed: Jan. 10, 2014].
[10] Wikipedia, “Encryption, Decryption, Security, Advantages and Disadvantages in RSA”, wikipedia.com [Online],
Available: http://en.wikipedia.org/wiki/RSA_cryptosystem. [Accessed: Jan. 10, 2014].
[11] H. Feistel, W. A. Notz and J. L. Smith, “Some cryptographic techniques for machine-to-machine data
communications”, Proceedings.of IEEE, pp. 1545–1554, 1975.
[12] Priit Karu, Jonne Loikkanen, “Practical Comparision of Fast Public-Key Cryptosystems”, Tik-110.501 Seminar on
Network Secrity, 2000.
AUTHORS
Gururaja.H.S has completed his Bachelor of Engineering in Computer Science and Master of Technology in
Computer Networks from Visvesvaraya Technological University, Belgaum. He is currently pursuing his
Ph.D. from JNTU, Hyderabad in the field of Cryptography & Network Security and has around 8 years of
teaching experience.
Dr.M. Seetha has completed her Ph.D in Computer Science and Engineering in the area of image
processing in December 2007 from Jawaharlal Nehru Technological University, Hyderabad, India. She has a
teaching experience of 19 years, presently working as a Professor at GNITS, Hyderabad. She is guiding 10
Ph.D scholars and her research interest includes image processing, neural networks, computer networks and
data mining. She has published more than 50 papers in refereed journals and in the proceedings of National/International
Conferences and Symposiums. She is the recipient of the AICTE Career Award for Young Teachers (CAYT) in FEB
2009 and received a grant upto 10.5 lakhs over a period of three years by AICTE, India. She is a reviewer for various
International Journals and Conferences. She holds the Life Membership of Indian Society for Technical Education (ISTE)
and The Institution of Electronics and Telecommunication Engineers (IETE).
Anjan K. Koundinya has received his B.E degree from Visvesvaraya Technological University, Belgaum, India
in 2007 and his M.Tech degree in Department of Computer Science and Engineering, M.S. Ramaiah Institute
of Technology, Bangalore, India. He has been awarded Best Performer PG 2010 and Rank holder for his
academic excellence. His areas of research includes Network Security and Cryptography, Adhoc Networks and
Mobile Computing. He is currently pursuing his Ph.D. from VTU, Belgaum and working in RVCE as an Assistant
Professor in the Dept. of CSE.
Shashank.A.M is pursuing his Bachelors in Information Science and Engineering at BMS College of
Engineering, Bangalore. His areas of interest include Networks, Cryptography and Operating Systems.
Prashanth.C.A is pursuing his Bachelors in Information Science and Engineering at BMS College of
Engineering, Bangalore. His areas of interest include Cryptography and Web Technologies.
Volume 3, Issue 1, January 2014
Page 118