3 ECDH (Elliptic Curve Diffie-Hellman) Secure Key Exchange

The Elliptic Curve Diffie-Hellman (ECDH) protocol enables secure key exchange between two parties using elliptic curve cryptography, making it suitable for resource-constrained IoT devices. ECDH offers advantages such as smaller key sizes, computational efficiency, and lower power consumption compared to traditional methods like RSA. Its relevance in IoT is underscored by its ability to meet real-time communication needs while ensuring security through standardized curves and mitigation against side-channel attacks.

Uploaded by

jmsbaihi
ECDH (Elliptic Curve Diffie-Hellman): Secure Key Exchange

The Elliptic Curve Diffie-Hellman (ECDH) protocol combines the principles of
the Diffie-Hellman (DH) key exchange with Elliptic Curve Cryptography (ECC)
to enable secure shared secret establishment over insecure channels. ECDH
leverages the computational hardness of the Elliptic Curve Discrete Logarithm
Problem (ECDLP), making it ideal for resource-constrained IoT devices where
efficiency and security are critical.

How ECDH Works


ECDH enables two parties (e.g., IoT devices) to compute a shared secret
without directly transmitting it:

1. Parameter Agreement: Both parties agree on a publicly known elliptic curve $E$ over a finite field $\mathbb{F}_p$ and a base point $G$ of large prime order $n$.

2. Key Generation:
   - Alice randomly selects a private key $d_A \in [1, n-1]$ and computes her public key $Q_A = d_A \cdot G$.
   - Bob randomly selects a private key $d_B \in [1, n-1]$ and computes his public key $Q_B = d_B \cdot G$.

3. Key Exchange:
   - Alice sends $Q_A$ to Bob, and Bob sends $Q_B$ to Alice.

4. Shared Secret Derivation:
   - Alice computes $S = d_A \cdot Q_B$.
   - Bob computes $S = d_B \cdot Q_A$.
   - Alice and Bob derive the same secret $S = d_A d_B \cdot G = d_B d_A \cdot G$; this shared secret is used to generate symmetric keys for further encryption.
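
The four steps above as runnable code, using X25519 (ECDH on Curve25519, RFC 7748) with only the Python standard library. This is an added example, not part of the original document; the function names, the HKDF-SHA256 derivation step and the `info` label are assumptions chosen for illustration.

```python
import hashlib, hmac, secrets

P = 2**255 - 19                    # field prime p of Curve25519
A24 = 121665                       # ladder constant (486662 - 2) / 4
G = (9).to_bytes(32, "little")     # base point G, encoded as u = 9
MASK = (1 << 255) - 1

def x25519(d: bytes, q: bytes) -> bytes:
    """Return the u-coordinate of d * Q using the RFC 7748 Montgomery ladder."""
    # Clamp the scalar: clear the 3 low bits and bit 255, set bit 254.
    k = int.from_bytes(d, "little") & ~7 & MASK | (1 << 254)
    x1 = int.from_bytes(q, "little") & MASK
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in reversed(range(255)):
        bit = (k >> t) & 1
        if swap ^ bit:             # this branch leaks timing; production code uses a constant-time swap
            x2, z2, x3, z3 = x3, z3, x2, z2
        swap = bit
        a, b, c, e = x2 + z2, x2 - z2, x3 + z3, x3 - z3
        aa, bb, da, cb = a * a % P, b * b % P, e * a % P, c * b % P
        x3, z3 = (da + cb) ** 2 % P, x1 * (da - cb) ** 2 % P
        x2, z2 = aa * bb % P, (aa - bb) * (aa + A24 * (aa - bb)) % P
    if swap:
        x2, z2 = x3, z3
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

def keypair():
    """Step 2: random private key d and public key Q = d * G."""
    d = secrets.token_bytes(32)    # X25519 clamps 32 random bytes instead of sampling [1, n-1]
    return d, x25519(d, G)

def session_key(d_own: bytes, q_peer: bytes, info: bytes = b"constructed-demo") -> bytes:
    """Step 4: S = d_own * Q_peer, then HKDF-SHA256 turns S into a 32-byte symmetric key."""
    s = x25519(d_own, q_peer)
    if hmac.compare_digest(s, bytes(32)):   # a low-order peer point forces S = 0: reject it
        raise ValueError("peer public key yields an all-zero shared secret")
    prk = hmac.new(bytes(32), s, hashlib.sha256).digest()          # HKDF-Extract, zero salt
    return hmac.new(prk, info + b"\x01", hashlib.sha256).digest()  # HKDF-Expand, one block

if __name__ == "__main__":
    d_a, q_a = keypair()           # Alice
    d_b, q_b = keypair()           # Bob
    # Step 3: only q_a and q_b cross the insecure channel.
    assert session_key(d_a, q_b) == session_key(d_b, q_a)
    print("shared key:", session_key(d_a, q_b).hex())
```

The raw point `S` is never used directly as a key: it is passed through a key derivation function first, and an all-zero `S` is rejected because it means the peer supplied a low-order point.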

Advantages of ECDH
1. Smaller Key Sizes:
   - ECDH achieves equivalent security to RSA and DH with smaller keys. For example:
     - 112-bit security: ECDH (224-bit key) vs. RSA (2048-bit key) [2].
     - 256-bit security: ECDH (521-bit key) vs. RSA (15360-bit key) [2].
   - Smaller keys reduce memory usage and bandwidth, critical for IoT sensors and control units [3].

2. Computational Efficiency:
   - Point multiplication in ECC is faster than modular exponentiation in RSA/DH.
   - Optimized algorithms like the Montgomery ladder and fixed-base multiplication minimize computational overhead [4].

3. Energy Efficiency:
   - Reduced computation translates to lower power consumption. For example, ECDH with Curve25519 consumes 55 mW vs. 172 mW for NIST P-521 on a 48 MHz processor.

Relevance to IoT
1. Resource Constraints:
   - IoT devices (e.g., sensors, control units) often have limited memory (16–64 KB) and processing power (16–80 MHz). ECDH’s compact parameters (e.g., Curve25519 uses 32-byte keys) are ideal for these environments.

2. Real-Time Communication:
   - Vehicular networks and industrial IoT require low-latency key exchange. ECDH’s fast scalar multiplication (e.g., 523 ms for Curve25519 on a 48 MHz processor) ensures real-time performance [4].

3. Standardization and Interoperability:
   - NIST curves (e.g., P-256, P-384) and modern curves (e.g., Curve25519) are widely adopted in protocols like TLS and Bluetooth Low Energy, ensuring compatibility with IoT systems.

Security Considerations
1. Curve Selection:
   - NIST curves (e.g., P-256) are standardized for security.
   - Modern curves (e.g., Curve25519) prioritize efficiency and transparency, with built-in side-channel resistance.

2. Side-Channel Attacks:
   - IoT devices are vulnerable to timing and power analysis. Constant-time algorithms (e.g., Montgomery ladder) mitigate these risks.

Comparison with RSA

| Metric | ECDH | RSA |
|---|---|---|
| Key Size | 256 bits (128-bit security) | 3072 bits (128-bit security) |
| Encryption Speed | Faster (optimized point arithmetic) | Slower (modular exponentiation) |
| Memory Usage | ~32 bytes (Curve25519) | ~384 bytes (RSA-2048) |
| Power Consumption | Lower (55 mW @ 48 MHz) | Higher (172 mW @ 48 MHz) |

Related Papers
1. Tanksale, V. (2024). Efficient Elliptic Curve Diffie–Hellman Key Exchange for Resource-Constrained IoT Devices. Electronics.
   - Focuses on optimizing ECDH for vehicular networks, comparing NIST P-256, Curve25519, and secp256k1.

2. Mahto, D., & Yadav, D. K. (2017). RSA and ECC: A Comparative Analysis. International Journal of Applied Engineering Research.
   - Compares RSA and ECC key sizes, computational efficiency, and energy consumption.

3. Gura, N., et al. (2004). Comparing Elliptic Curve Cryptography and RSA on 8-bit CPUs. CHES.
   - Benchmarks ECC and RSA on low-power embedded systems.

Conclusion
ECDH is crucial for secure communication in IoT, offering both efficiency and
security for resource-constrained devices. By leveraging optimized curves
(e.g., Curve25519) and standardized implementations, we can lower
computational and memory usage.
