Elliptic Curve Based Zero Knowledge Proofs and Their Applicability on Resource Constrained Devices

TL;DR

This paper adapts elliptic curve-based zero knowledge proofs for resource-constrained devices, implementing and evaluating their performance on low-end hardware to enhance security in limited environments.

Contribution

It transforms well-known ZKIP protocols into the ECC setting and evaluates their implementation on low-end microcontrollers, filling a gap in practical resource-constrained device security.

Findings

Protocols are feasible on low-end hardware

Implementation results show acceptable code size and energy consumption

Provides a foundation for secure privacy-preserving applications on constrained devices

Abstract

Elliptic Curve Cryptography (ECC) is an attractive alternative to conventional public key cryptography, such as RSA. ECC is an ideal candidate for implementation on constrained devices where the major computational resources i.e. speed, memory are limited and low-power wireless communication protocols are employed. That is because it attains the same security levels with traditional cryptosystems using smaller parameter sizes. Moreover, in several application areas such as person identification and eVoting, it is frequently required of entities to prove knowledge of some fact without revealing this knowledge. Such proofs of knowledge are called Zero Knowledge Interactive Proofs (ZKIP) and involve interactions between two communicating parties, the Prover and the Verifier. In a ZKIP, the Prover demonstrates the possesion of some information (e.g. authentication information) to the Verifier without disclosing it. In this paper, we focus on the application of ZKIP protocols on resource constrained devices. We study well-established ZKIP protocols based on the discrete logarithm problem and we transform them under the ECC setting. Then, we implement the proposed protocols on Wiselib, a generic and open source algorithmic library. Finally, we present a thorough evaluation of the protocols on two popular hardware platforms equipped with low end microcontrollers (Jennic JN5139, TI MSP430) and 802.15.4 RF transceivers, in terms of code size, execution time, message size and energy requirements. To the best of our knowledge, this is the first attempt of implementing and evaluating ZKIP protocols with emphasis on low-end devices. This work's results can be used from developers who wish to achieve certain levels of security and privacy in their applications.