Security Algorithms

Integrated Encryption Scheme (IES) is a hybrid encryption scheme. One variant of IES is ECIES. It requires obtaining the shared secret through elliptic-curve Diffie-Hellman (ECDH), and then generating an independent symmetric key and a MAC key by using a key derivation function (KDF). The keys can be used for encryption/decryption and message authentication.

The ECIES hybrid encryption scheme is based on P-256 elliptic curve obtaining PRESENT-128 key. This security algorithm distributes keys and boosts efficiency in encryption/decryption.

ECC is an approach to public key cryptography based on the algebraic structure of elliptic curves over finite fields. Mathematically, this cryptography is based on the difficulty in computing the discrete logarithms in an Abelian group consisting of rational points on the elliptic curve. ECC stands out for allowing smaller keys compared to non-EC cryptography while providing equivalent or higher security in certain circumstances.

Compared with RSA, ECC excels in:

• Better security guarantee: Security performance of the 160-bit ECC equals that of 1024-bit RSA or 1024-bit DSA.

• Higher processing speed: ECC stands out in the speed of processing private keys, which is much faster than that of RSA or DSA.

• Lower bandwidth and less memory occupation: Compared with RSA and DSA, ECC excels in smaller key size and system parameters.

PRESENT-128 is a lightweight block cipher based on substitution–permutation network (SPN) structure. It operates on 64-bit blocks for 31 rounds; the key size is 128 bits. Compared with other lightweight block ciphers such as TEA, MCRYTON, HIGHT, SEA, and CGEN, PRESENT-128 features simpler hardware implementation and a concise way to implement round functions.

HMAC-SHA256 is a type of keyed hash algorithm that is constructed from the SHA-256 hash function. According to HMAC and SHA-256 algorithms, plaintext of HMAC-SHA256 shall be in 512-bit unit. Users can obtain 256-bit MACs with keys at any size (recommended: 256 bits or larger) by using HMAC-SHA256.

RSA digital signature algorithm (RSASSA) is a kind of RSA encryption/decryption algorithm; Probabilistic Signature Scheme (PSS) is a padding scheme for private key signature. In essence, RSASSA-PSS can be regarded as RSA encryption used together with a padding scheme.

• Padding schemes: When PKCS#1 V1.5 is used, the output of the same message/key is the same; in contrast, when PKCS#1 PSS is used, the output of the same message/key varies due to true random numbers are used. But the corresponding public key works for verification in both signature algorithms.

• Security: When PKCS#1 V1.5 is used, the public exponent (e) is often 65537. This is because if the public exponent is too short (for example, e = 3), the encryption scheme will become vulnerable to ciphertext attacks (ciphertext may still comply with padding specifications after being tampered with). However, when the padding scheme is PKCS#1 PSS, the public exponent being 3 is no longer an issue.