DOI: http://dx.doi.org/10.26483/ijarcs.v9i3.

6104
ISSN No. 0976-5697
Volume 9, No. 3, May-June 2018
International Journal of Advanced Research in Computer Science
RESEARCH PAPER
Available Online at www.ijarcs.info
TIME COMPLEXITY ANALYSIS OF RSA AND ECC BASED SECURITY
ALGORITHMS IN CLOUD DATA

D.Pharkkavi and Dr. D. Maruthanayagam

1
Research Scholar, Sri Vijay Vidyalaya College of Arts & Science, Dharmapuri, Tamilnadu, India
2
Head/Professor, PG and Research Department of Computer Science, Sri Vijay Vidyalaya College of Arts & Science,
Dharmapuri, Tamilnadu, India
[email protected]

Abstract: Cloud computing is being heralded as an important trend in information technology throughout the world. Data security has a major
issue in cloud computing environment; it becomes a serious problem due to the data which is stored diversely over the cloud. Data privacy and
security are the two main aspects of user’s concern in cloud information technology. Now-a-days, the cloud data security method uses the
symmetric encryption and asymmetric encryption algorithms with their strong authentication techniques. In this paper, we discuss and compare
the performances for number of existing security techniques used to provide security in the field of cloud computing on the basis of different
parameters. It will be useful to enhance the security of data storage in a cloud environment and also to find proposed a novel security algorithm.

Keywords: Cloud Computing, Security, Cryptography, ECC, RSA, ECDH and ECDSA

I.INTRODUCTION Many cryptographic algorithms are considered with two

Cloud computing utilizes with an attractive tag line ‘pay-as- major categories.
you-use’ for attracting users to its great elasticity and a) Symmetric algorithms like DES, Triple DES, AES,
scalability of resources at relatively low cost. Evaluated to b) Asymmetric or public-key encryption algorithms like
the construction of their own infrastructures, customers are Diffie-Hellman, RSA, ECDH, ECC, ECDSA etc.
capable to reduce on important expenditure procedure by
securing storage, migrating computation and hosting onto the In symmetric key encryption, the sender who is transmitting
cloud. Even though this affords savings in terms of the data and the receiver who is receiving the data to be share
manpower and finance, it takes lots of new risks and a key which is kept secret [3]. This is the way used to encrypt
challenges. and decrypt the messages. In asymmetric key encryption, two
keys are involved wherein one key is used for encryption
The authority of the cloud computing is considered with (publicly available) and the other key is used for decryption
respect to its technological transformations and business (kept secret).
benefits, the future enterprise applications are completely • Attribute based encryption: The secret key of a user
dependent on it. It has its individual benefits; however it has and the cipher text are depending upon attributes by
several risks and challenges like, Privacy Issues, Data Theft, using the public-key encryption, (e.g. the kind of
Infected Application, Data Integrity, Data Location, Data subscription he has, or the country he lives,). A user can
Loss, Security on User Level, and Security on Vendor Level encrypt a message under a policy and a public key.
[1]. Nowadays cryptography is more useful than encryption Decryption process will only handle work if the
and decryption. Authentication is a basic part of our daily life attributes related with the decryption key match the
as the privacy protection. We use authentication throughout policy used to encrypt the message.
to process day-to-day lives when we sign our name to some • Cloud-managed-key: An additional possible threat with
document, where our agreements and decisions are conventional cryptographic techniques can be allowing
communicated electronically for providing authentication. users manage their decryption keys themselves.
Additionally, if a user has not provided permissions as
A digital signature attaches a document to the processor long to access data, after that it can decrypt data if he has
using a particular key, while a digital timestamp connects a the key. The cloud is managed the key using a
document to a particular time. The risk may be difficult to cryptographic technique as a possible solution for this
find its solution needs some secret knowledge like signing issue can be resolved
few digital documents or decrypting an encrypted message. • Identity based encryption: The Identity-based
Cloud uses various cryptographic techniques necessary for encryption (IBE) is a kind of public-key encryption
cloud security. A key is utilized for data encryption and data where in the public key of a user is some unique
decryption. This supports in securely protecting integrity and information about the identity of the user (e.g. a client
confidentiality of data. It ensures to protect the security of electronic mail address). An ASCII string consider as a
data to be shared in cloud and allows data to be stored known identity value for any party that allows a public
securely [2]. key generation. The corresponding private key’s utilized
by performing private key generator and also known as
third party access. This type of encryption process is able

© 2015-19, IJARCS All Rights Reserved 206

 D. Pharkkavi et al, International Journal of Advanced Research in Computer Science, 9 (3), May-June 2018 206-213

to cut down the complexity for utilizing both Where C =cipher text
administrators and users M=message text
E =public key
II.SECURITY ALGORITHMS D =private key
2.1 RSA • Input : d, n, C
In RSA schema, integer performs with in the interval [0, n-1] • C is the cipher text.
such as block cipher, original message and cipher message. • Computation: Let D be the decrypted text such that
In which the encrypted message and original message are D=(Cd Mod n)
represented h*h square matrices in another schema. In this • Output: D is the decrypted message.
technique, they don’t have any restriction for encryption and • Public Key: {e, n}
decryption order and also consider as more dynamic, efficient • Private Key: {d, n}
and scalable [4]. For the above security purpose, the Example:
hardware implementation of RSA schema utilizing the i) Prime Number P = 211, Q = 233.
modular exponentiation [5] and also provide security and ii) RSA Modules N= 211 x 233 = 49163
help to save to computation time and processing time. Due to ϕ(n) = (211−1). (233−1) = 48720.
the increasing demand of security issues in communication iii) Public key e = 2^16+1= 65537.
channel its essential to improve a new technological iv) Private key d ≡ e−1 (mod 48720) ≡ 44723.
development and efficient hardware security module. v) Message M=”INDIA”
It is an encryption-decryption technique. It consists of vi) Encryption E(M) ≡ M 65537(mod 49163).
plaintext and cipher text in the form of integers between 0 to Vii) Decryption D(M) ≡ M44723 (mod 49163).
n-1. This plain text is encrypted in blocks; each and every Viii) Bob sends Alice the message "INDIA" as follows:
block has a binary value which should be less than n.
• The Input text will be separated into segments of
This algorithm is done in three steps:
Size 1 (the symbol '#' is used as separator).
• Key generation I # N # D # I # A = 01001001 # 01001110
• Encryption # 01000100 # 01001001 # 01000001
• Decryption ix) Encryption into ciphertext c[i] = m[i]^e (mod N)
Key Generation: 1001001010000100 # 111001101111100 #
000001001101110 # 1001001010000100 #
In key generation consider two prime numbers (i.e.) p and q. 000110011110100
it consists of public key and a private key. The public key x) Alice decrypts the message by computing, Decryption into
will be known to everyone. Calculate the value of n. select a plaintext m[i] = c[i]^d (mod N)
random encryption key e calculates the gcd and it should be 000010110100110 # 000110110000100 # 011001110011011
equal to 1. Then find the decryption key d. finally calculate # 000010110100110 # 1010011111111010
the public key and private key. The plain text is encrypted in
blocks, with each block having a binary value less than some 2.2 ELLIPTIC CURVE CRYPTOGRAPHY (ECC)
number n i.e., for block size i bits, 2i<n<2i+1 .
• Input: None To generate cryptographic algorithms [6] the ECC
• Computations: Select two relatively prime numbers cryptographic scheme uses the properties of elliptic curves.
p and q.Where n=p*q and v-(p-1)*(q-1). In the 1980s Koblitz and Miller proposed using the group
• Compute the integer d such that (d*e)%v=1. points on an elliptic curve defined over a finite field in
• e is the integer. discrete logarithmic cryptosystems. An elliptic curve is the
• Output: n, e and d solution set over a non-singular cubic polynomial equation
Encryption process: with two unknowns over a field F. In short terms it is a
In the encryption process represent a plaintext in series of discredited set of solutions to a curve that is in the form:
numbers modulo n. the encryption process to obtain cipher y2 = x3 + ax + b
text C from plaintext M is very simple. It is formulated as: These curves holds the property that if you draw a straight
C=Me mod n line that intersects the curve in two points, it will also
Where C = cipher text intersect the curve in a third point that is either on the curve
M = message text or the point of infinity (also referred to as the neutral
E = public key element). Another important property of elliptic curves is that
D = private key they are symmetric over the x-axis. That means that if you
The file will be encrypted by sending a symmetric File have a point P(x, y) then -P will be (x, -y). Using these
Encrypted Key (FEK) simultaneously asymmetric public key properties one can define some interesting and useful
will generated both will be combined and forms an encrypted arithmetic rules. We will now briefly explain how point
FEK with a header file. addition over elliptic curves is done, as this is used for key
• Input: Integers n, e, M generation. Suppose that you have a point A and a point B on
• M is integer representation of the plain text. an elliptic curve and you want to perform an addition of these
• Computation: Let C be the integer representation of two points. Then you draw a line from A through B. This line
the cipher text. C=(Me mod n) will intersect the curve in a third point. Take this third point
• Output: Encrypted text or cipher text C. and mirror it over the x-axis and that will be the result of the
Decryption process: addition [7][8].
The reverse process of encryption will be decryption. It can
be generated using the formula: m= ed mod n.

© 2015-19, IJARCS All Rights Reserved 207

 D. Pharkkavi et al, International Journal of Advanced Research in Computer Science, 9 (3), May-June 2018 206-213

•
Calculate (P + (rand * Bpub)) prod), this gives the
ALGORITHM FOR ECC mapped point P
• Then un-map P to the plain text M
There has to be some information that is publicly known to EXAMPLE:
all the users, thus making it the public key cryptography. The 1. Curve Size: Small , Curve Type: Real number,
publicly known entities are:- Curve attributes: a=3, b=15, Curve: y² = x³ + 3x +
1. From the equation of the elliptic curve, we need to know:- 15,Point P = (3.2|7.57),Point Q = (-1.4|-2.83),Point
• The values of the constants a and b. R = P + Q = (3.31|-7.84)
• The value of m, where elliptic curve is defined over
GF(2m).
2. The group of the elliptic curve.
3. A base point B, i.e. any point on the curve E that belongs
to the group taken as a base.
The algorithms for different parts of ECC are:-
Key Generation Algorithm
• Randomly select an integer Apriv. It acts as the private
key for A.
• Then generate Apub such that Apub = Apriv * B, where
Apub is the public key for A.
• Randomly select an integer Bpriv. It acts as the private
key for B.
• Then generate Bpub such that Bpub = Bpriv * B, where
Bpub is the public key for B. 2. Curve Size: Large, Curve Type: F(p), Select curve
• Finally, A generates key, Ka = Apriv * Bpub attributes: ANSI X9.62,Curve: prime192v1, Radix: 16
• B generates key, Kb = Bpriv * Apub hexadecimal, Curve attributes: y2 = x3 + 3x + 15, where
Signature Generation Algorithm a = fffffffffffffffffffffffffffffffefffffffffffffffc,
• Calculation of message digest with a HASH function, b = 64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1
preferable SHA-1, where e is the message digest, m is p = fffffffffffffffffffffffffffffffeffffffffffffffff
the message such that e = HASHfun(m) Base point G: Point P
• Generate a random integer r and between 1 and n-1. x = f505a38eb66ad677495e0713a37c4bd6fc826ee18c2de9d2
• The first of the signature, sign1 is calculated from sign1 y= 421090022aaafa8976e9df198a61d84d384feb00dfe0c191
= x mod n where x is the product of B with rand i.e. x =
xcod(rand * B) where xcod is a function to get the x co- Base point G: point Q
ordinate. x = e16e7fb72431ecb46f90235c19f8e8b499833be5fc7d3a49
• But if sign1 is 0, then redo the previous step. y=4dae3baeed3af299d203621933943ee3f65f2e4139e5fe72
• The second part of the signature, sign2 is calculated from Point R : R = P + Q
the equation sign2 = rand -1( e + (Apriv*sign1)(mod n) x= f5c1bc8d5fd1ad01ba71edf255083f9185154bd5d644961c
• But if sing2 is 0, then re-generate r and follow the y= f1247ab9e7171aeaf709657d87c9d368535c318201b0ffc8
procedure again.
• The signature generated is a pair (sign1, sign2).
Signature Validation Algorithm
• Check if sign1 and sign2 lie between the range of 1
and n-1. If not, the signature is not valid.
• Calculate the message digest from the received
message with the same hash function, e =
HASHfun(m).
• Calculate var1, where var1 = sign2 1(mod n)
• Calculate var2, such that var2 = (e*var1) mod n
• Calculate var3, such that var3 = (sign1*var1) mod n
• We then calculate X, such that X = (var2*B) +
(var3*Apub)
• If sign1 (mod n) is equal to xcod(X), then signature
is verified.
Encryption Algorithm
• The plain text M is mapped onto the elliptic curve at
Figure 1: Time Complexity (MS) Comparison of RSA, ECC,
a point P.
ECDH and ECDSA
• Generate a random integer rand between 1 and n-1.
• The cipher text is then encoded as a pair C, where C 3. Curve Size: Large, Curve Type: F(2^m), Select curve
= [( rand * B),(P + (rand * Bpub)] attributes : ANSI X9.62, Curve: c2pnb163v1, Radix : 16
Decryption Algorithm hexadecimal
• Get x, where x = xcod(C). a = 00000007 2546b543 5234a422 e0789675 f432c894
• Calculate prod, where prod = Bpriv * x 35de5242
© 2015-19, IJARCS All Rights Reserved 208
 D. Pharkkavi et al, International Journal of Advanced Research in Computer Science, 9 (3), May-June 2018 206-213

b = 00000000 c9517d06 d5240d3c ff38c74b 20b6cd4d • After that, they publicly pick a random base point B
6f9dd4d9 belongs E.
m = 163 • In third stage, Alex chooses a secret random integer e.
Alex then computes eBεE. Consequently, transmit to
Base Point P: Benny.
x = 00000007 af699895 46103d79 329fcc3d 74880f33 • A secret random integer d is selected by benny. Benny
bbe803cb then computes dBεE. And send it to Alex.
y= 00000001 ec23211b 5966adea 1d3f87f7 ea5848ae • Subsequently eB and dB are public and e and d are
f0b7ca9f secret.
• Alex computes the secret key edB = e(dB).
Base point Q: • Benny computes the secret key edB = d(eB).
X=00000007 3fbb1a82 e9f24136 3428217c 11d41746
30127d94 Example:
Y= 00000001 360090a6 d6df3487 da3808cf c571908e Step 1: Set public parameters
60d8eb90 Curve type: F (p), Curve Size: Small, Domain parameters:
Point R : R = P + Q a=3,b=15,p=31, generator G= (1,9)
X= 00000007 ee35173a 4ae9f401 c42fe4f6 01338998 Step 2: Choose Secrets
bb745a37 Alice= 11, Bob=14
Y= 00000003 6639922b a4e6c208 dc1f73b5 b137fc51 Step 3: Generate shared keys
4a275c7d Secret key (d): Q=d*G , Alice=(1,22), Bob= (5,0)
4. Curve Size: Small, Curve Type: F(2^m), curve attributes : Step 4: Exchange shared keys
m=4, f = x^4+x+1,a=1,b=1,Curve: y² + xy = x³ + x² + 1 , Step 5: Generate common key
Point P = (g9|g12), Point Q = (g6|g3), Point R = P + Q = Key = sA*QB and key=sB*QA S= (5,0)
(g5|g10)
2.4 Elliptic Curve Digital Signature Algorithms (ECDSA)
2.3 ECDH – Elliptic Curve Diffie Hellman Initially, the Elliptic Curve Digital Signature Algorithm was
proposed in 1992 by Scott Vanstone. Three kinds of
Elliptic Curve Diffie Hellman (ECDH) represents an Elliptic algorithm are derived from ECDSA as follows: key
Curve variant of using the standard Diffie Hellman generation, signing, and verification. Algorithm ECDSA is
algorithm. ECDH performs with a key agreement [9] [10]. It the elliptic curve analogue of the Digital signature algorithm.
enables two parties to establish between the public key and To resolve the issues of ECDLP arise from the hardness of
the private key to exchange the shared key. Afterward, by ECDSA. The main benefit of ECDSA is to achieve the same
using the shared key considers a key or the derived key and security level as with DSA, however with smaller keys. By
performs to encrypt subsequent communications using a using smaller keys can also be evaluated more rapid
symmetric-key cipher. For authentication purpose, each key calculations and smaller public keys to pass around. A public
pair of one of the party is trusted by using other party so as to and private key utilize to perform the signing process and
provide secure authentication. Therefore, the systematic verification process by computing the key generation
efforts are seem to be performed for providing a very faster algorithm. The signing procedure is completely executed to
public key cryptosystem and concurrently this scheme should generate the actual digital signature. At last procedure, the
be a very practical and protective, for the most constrained verification process controls or performs to prove the
environments. authenticity of the signature. In ECDSA, that has a
alternative approach of the Digital Signature Algorithm
For example, a shared secret key is exchanged between E and (DSA) that works on elliptic curve groups. A signed message
F by using EC - Diffie hellman, both of EC domain is transmitted from A to B and they have to agree up on
parameters to agree up or to be obtained. Both sender and Elliptic Curve domain parameters. A private key dA and a
receiver contain a key pair which consists of a private key public key QA = dA * G where G is the generator point, an
and a public key. A private key is randomly selected integer elliptic curve domain parameter [11]. The algorithm is
less then n, where n is the order of the curve and another described by the following steps.
public key is randomly selected as Q= d*G (G is the ECC Domain Parameters
generator point). Let (dE, QE) be the private-public key pair The elliptic curve domain parameters are determined a finite
of E and (dF, QF) be the private-public key of F. field over arithmetic operations for utilizing these public key
cryptographic schemes. ECC domain parameters over Fq
 E Computes KE= (XE, YE) = dE * QF (where Fq is either Fp and F2m) are a septuple:
 F Computes KF= (XF, YF) = dF * QE T = (q,FR,a,b,G,n,h)
 Given that dE * QF = dEdF G= dFdE G = dF * QE. Consisting of a number q specifying a prime power (q = p or
Hence KE= KF and hence XE =XF q = 2m), an indicator FR (field representation) of the method
 (Where G represents generator point) used for representing field elements ε Fq, two field elements a
 Thus the shared secret is KE. and b ε Fq , that specify the equation of the elliptic curve E
over Fq.
Diffie–Hellman key exchange system Using ECC ECDSA Key Generation
• Initially, Alex and Benny first select a finite field Fp and The user A follows these steps where p is a large prime:
an elliptic curve E defined over it (E(Fp)). • Select a random integer d ∈ [1, n - 1].
• Compute Q = d x P.

© 2015-19, IJARCS All Rights Reserved 209

 D. Pharkkavi et al, International Journal of Advanced Research in Computer Science, 9 (3), May-June 2018 206-213

• The public and private keys of the user A are Q and Calculate a 'hash value' f (message representative) from
d, respectively. message M, using the chosen hash function SHA-1.
The other parties can check if the public key is valid by; f =
• Checking that Q ≠ 0. 856854001393991768291128146113162782518412554266
• Checking that xQ and yQ are properly represented • ECDSA SIGNATURE as follows:
elements of Fq. G has the prime order r and the cofactor k (r*k is the number
• Checking that Q is on the elliptic curve defined by a of points on E):
and b. k =1
• Checking that nQ = Q. Point G on curve E (described through its (x,y) coordinates):
If any of these checks fail the public key Q is invalid, Gx =
otherwise Q is valid. The following procedure describes how 1102820037495488564763485335411862045779050615048
to generate the signature. 81242240149511594420911
ECDSA Signature Generation Gy =
The user A signs the message m using the following steps 8690784074355093787473518737930588685002103849460
• Select a pseudorandom integer k ∈ [1, n - 1]. 40694651368759217025454
• Compute k x P = (x1, y1) and r = x1 mod n. r =
If x1 ∈, GF(2k), it is assumed that x1 is represented 8834235323891921647916487503603088848075503416916
as a binary number. 27752275345424702807307
If r = 0 then go to Step 1. The secret key s is the solution of the EC discrete log
problem W=x*G(x unknown)
• Compute k-1 mod n.
• Compute s = k-1(H(m) + d • r) mod n.
S=0X23017D41791ABDC1867EADB3C88B623DA0A4CE
Here H is the secure hash algorithm SHA-1.
B6C4160E063A27B2504DD
If s = 0 go to Step 1.
• The signature for the message m is the pair of Signature:
integers (r, s). c=
ECDSA Signature Verification 3628209355218032483221434350260779959994806489516
The user B verifies A’s signature (r, s) on the message m by 73113245353131958670779
applying the following steps: d=
• Verify that r and s are integers in the interval [1,n- 7480480454485725687888160399199812797787830106401
1]. 92427515171177419114296
• Compute c = s-1 mod n and H(m). • ECDSA VERIFICATION as follows:
• Compute u1 = H(m) • c mod n and u2 = r • c mod n. If c or d does not fall within the interval [1, r-1] then the
• Compute u1 x P + u2 x Q = (x0, y0) and v = x0 mod signature is invalid:
n. c and d fall within the required interval [1, r-1].
• Accept the signature if v = r. Calculate the number h = d^(-1) mod r:
Example h =
• ECDSA Key Generation 4293383948764973994857292206205978050702175550742
Signature originator: parkavi parkavi 905649742351881512371
Domain parameters to be used 'EC-prime239v1': Calculate the number h1 = f*h mod r:
Chosen signature algorithm: ECSP-DSA with hash function h1 =
SHA-1 2364638068208155833677398177922325281631193284117
Size of message M to be signed: 5 bytes 31596206743501995551606
Bit length of c + bit length of d = 477 bits Calculate the elliptic curve point P = h1 G + h2 W
Message m = "INDIA" Calculate the number h2 = c*h mod r:
00000 49 4E 44 49 41 INDIA h2 =
Elliptic curve E described through the curve equation: y^2 = 2645163497884801966700411372268530350144764792861
x^3 + ax + b (mod p) : 99650036313546186557595
a = (If P = (Px, Py) = (inf, inf) then the signature is invalid):
8342353238919216479164875036030888531447659725296 Px =
0362792450860609699836 3628209355218032483221434350260779959994806489516
b = 73113245353131958670779
7385252174069924173485960880387817241648609717970 Py =
98971891240423363193866 6943330783255021339129620529806079907208126039380
Private key = 1521284887 58098391829104469112407
Public key W=(Wx,Wy) (W is a point on the elliptic curve) Convert the group element Px (x co-ordinates of point P on
of the signature originator: elliptic curve) to the number i:
Wx = i =
1224700832616806964197507145004472595357380527708 3628209355218032483221434350260779959994806489516
5576222307449754331974 73113245353131958670779
Wy = Calculate the number c' = i mod r:
1368450552316907669838123190207900378191236323047
3532860089313480758778

© 2015-19, IJARCS All Rights Reserved 210

 D. Pharkkavi et al, International Journal of Advanced Research in Computer Science, 9 (3), May-June 2018 206-213

c' = algorithm will be known to all. This algorithm is always a

3628209355218032483221434350260779959994806489516 better choice to have a big key size and also we should keep
73113245353131958670779 in mind the computational load after we increase the key size.
If c' = c then the signature is correct; otherwise the signature ECC based algorithms provide helps using a lesser key size
is invalid: compared to other cryptographic technique and still holds at
high level security. The key length of our implementation we
have used a 160 to 192 bit, which is quit better to protect
III.EXPERIMENTAL RESULTS against naive attack. The key length is increased for better
security by using the encryption and decryption process. The
Performance and analysis measurements has utilized on the ECC, RSA, ECDH and ECDSA algorithms can provide to
Amazon EC2 environment. The Nimbus toolkit installed and determine the length of the encryption keys and an arbitrary
affords an infrastructure as a cloud service to its client level of security used for each algorithm. Tables represent the
through Amazon EC2 WSDL or WSRF-based web service required key length using different encryption algorithms in
APIs. Nimbus is free software as well as subject to the order to complete a level of security similar to the RSA key
requirements and open-source software of the Apache length provided by 1024-bit RSA encryption. The times for
License version 2. Nimbus Infrastructure is an open source key generation, signature, and verification algorithms have
S3-compatible or EC2 Infrastructure-as-a-Service. computed with comparable key sizes for RSA, ECC, ECDH
Particularly, the main targeting features of interest to the and ECDSA. The results of the report showed that ECDSA
scientific community such as best-effort allocations, batch outperformed RSA in both key and signature generations.
schedulers, proxy credentials, etc. Our performance result However, ECDSA was capable to verify messages much
has some values for utilizing all the Single-Job benchmarks faster than RSA. The key sizes ranged from 1024 to 15360
and in particular time. Optimizations, tuning the benchmarks bits for RSA and 163 to 571 bits for ECDSA algorithms. In
process were compiled using JAVA command-line ECDSA key generation are consistently faster than those of
arguments. Moreover, we did not use any instance-dependent RSA. By the last comparison, RSA has taken a total of
optimizations or additional architecture. 1142.5455 seconds while ECDSA lasted 315.5778 seconds,
significantly faster. Meanwhile, the signature generation had
Moreover, an ECC or a RSA standard server certificates are slightly different results. RSA started out by executing faster
configured by using a SSL handshake between a server and a than ECDSA. However, as the bit sizes for each increased,
client. After that the test methodology is planned to RSA has shown to slow down as ECDSA sped up and
determine the relative differences. The primary difference is surpassed its counterpart on the final execution. Finally, with
articulated because of the public-key cryptographic signature verification, ECDSAs times are considerably
algorithms as considered in ECC or RSA based algorithms. quicker than RSAs, times and barely increased as the size of
For that reason, the key exchange is performed on the option key lengths grew.
of ephemeral ECDH that have to keep and forward the Table 1: Time Complexity (MS) Comparison of RSA
secrecy on that it affords and we do see a popular move and ECC based Algorithms
towards this as well performed.
Time Complexity(MS)
The SSL handshake also includes and completes the
Key size RSA ECC ECDH ECDSA
operations which are identified in the table on Public Key (RSA:ECC:ECDH
Cryptographic Operations. In this environment model, it has :ECDSA)
reputation gaining and is simply run the tests available public 1024:163:128:163 212.4521 149.6712 125.4155 114.3564
information to enable the reader to repeat same tests: 2048:224:160:233 542.4123 237.6034 189.2541 125.2457
Amazon EC2. This kind of the test is simultaneously loaded 3078:256:192:283 678.9623 456.0023 242.2564 179.2563
to the server by running the same transaction repetitively 7680:384:224:409 817.3245 779.2342 369.1248 298.5447
through multiple clients and gathering latency (response 15360:521:256:571 1142.5455 854.5878 410.2565 315.5778
time) and throughput at the client desktop. It enables setup on
the Red Hat Enterprise Linux Server release 6.3 64 bit with
our application, High-CPU Extra Large Instance (c1.xlarge)
and the Linux.

By applying test data the security algorithms is evaluated in

terms of the execution time required to store or retrieve the
text data at cloud. The Simulation program accepts inputs:
Algorithm and data block. Subsequent to a successful
execution i.e. encryption and decryption process generate an
efficient result. After the successful encryption/decryption
process the analytical table is created. To make sure that all
the data are processed in the right way. Basically, it is depend
upon execution time (Encryption and Decryption time) as
parameters.

A cryptographic technique depends a lot on the size of the Figure 1: Time Complexity (MS) Comparison of RSA,
key used for security purpose. The Encrypt/Decrypt ECC, ECDH and ECDSA

© 2015-19, IJARCS All Rights Reserved 211

 D. Pharkkavi et al, International Journal of Advanced Research in Computer Science, 9 (3), May-June 2018 206-213

Table 2: Execution Times for Key Generation and

Encryption (MS) Comparison of RSA and ECC based
Algorithms
Execution Times for Key Generation and Encryption(MS)
Key size RSA ECC ECDH ECDSA
(RSA:ECC:ECDH
:ECDSA)
1024:163:128:163 54.6534 48.2548 46.8545 40.8454
2048:224:160:233 78.2545 55.0485 49.5455 47.4748
3078:256:192:283 98.3523 87.8455 59.0174 56.4854
7680:384:224:409 112.2545 96.5452 69.1484 67.5454
15360:521:256:571 153.8767 106.0457 78.1254 73.8458

Figure 3: Execution Times for Decryption (MS)

Comparison of RSA, ECC, ECDH and ECDSA

Table 4: Execution Times for Signature verification (MS)

Comparison of RSA and ECC based Algorithms
Execution Times for Signature verification(MS)
Key size RSA ECC ECDH ECDSA
(RSA:ECC:ECDH:
ECDSA)
1024:163:128:163 37.0523 31.9875 29.5457 24.2568
2048:224:160:233 44.2545 39.5784 34.9854 31.5896
Figure 2: Execution Times for Key Generation and 3078:256:192:283 56.2556 43.8795 41.2578 39.4112
Encryption (MS) Comparison of RSA, ECC, ECDH and 7680:384:224:409 69.6723 57.9821 52.6541 43.8854
15360:521:256:571 110.2443 73.6942 69.8754 55.9558
ECDSA

Figure 1 and Table 1 shown Time Complexity of Security

Algorithms (RSA, ECC, ECDH and ECDSA), Figure 2 and
3, Table 2 & 3 shown, Encryption and decryption
performance for the various algorithms are difficult to
measure and are heavily influenced by system architecture
and software/hardware optimizations. ECC offers
dramatically superior key pair generation performance
compared to RSA, with the large primes generated for RSA
requiring several orders of magnitude more time when
compared to a much smaller ECC key, especially at RSA bit
lengths of 1024 and above RSA encryption is generally
slightly lesser than ECC, while ECC decryption may be
several times faster than RSA, although both are generally
efficient enough not to provide a practical system bottleneck.
The ECDH and ECDSA method is assumed to offer a similar
processing time as RSA due to similarities in algorithm
implementation but will likely take longer due to the multiple
exchanges involved.
Figure 4: Execution Times for Signature verification
Table 3: Execution Times for Decryption (MS)
(MS) Comparison of RSA, ECC, ECDH and ECDSA
Comparison of RSA and ECC based Algorithms
Figure 4 and Table 4 shown Signature Verification of
Execution Times for Decryption(MS)
Key size RSA ECC ECDH ECDSA
algorithms and key pair generation algorithm of ECDSA
(RSA:ECC:ECDH: needs a random number to be generated. Using this random
ECDSA) number as seed private keys is generated. Similarly secret
1024:163:128:163 56.3429 49.8785 44.2645 39.4587 integer ‘K’ generated during signature verification algorithm
2048:224:160:233 76.2545 70.0124 58.1247 46.2147 should also be random in nature. An attacker can exploit this
3078:256:192:283 95.6955 89.0525 61.2565 57.9876
7680:384:224:409 106.2541 98.0214 97.7249 79.6589
vulnerability if the algorithm used to generate the random
15360:521:256:571 123.5455 101.4521 99.7854 89.6987 number is not cryptographically secure i.e. it should be
unpredictable. So probability of any given value being

© 2015-19, IJARCS All Rights Reserved 212

 D. Pharkkavi et al, International Journal of Advanced Research in Computer Science, 9 (3), May-June 2018 206-213

selected should be very small. As a future scope of our [4]. Sana Belguith et al. [2015] Enhancing Data Security in
proposed work cryptographically secure random number Cloud Computing Using a Lightweight Cryptographic
should be included while generating private keys. Algorithm. The Eleventh International Conference On
Autonomic and Systems. 98– 103.
[5]. Tembhurne S et al. [2015] An Improvement In Cloud Data
IV.CONCLUSION
Security That Uses Data Mining. International Journal of
Advanced Research in Computer Engineering &
Encryption and decryption algorithms play an important role Technology 4: 2044– 2049.
in data security on cloud. Various encryption algorithms have [6]. Nikhitha K, Navin K S. [2015] A Survey On Various
been proposed to make cloud data secure, vulnerable and Encryption Techniques For Enhancing Data Security In
gave concern to security issues and challenges. In this paper Cloud. International Journal of Advanced Research Trends
the comparisons have been made between RSA and ECC in Engineering and Technology 194– 197.
Based algorithms (ECC , ECDH and ECDSA) to find the [7]. S. Maria Celestin Vigila , K. Muneeswaran
which one is best security algorithm, which has to be used in “Implementation of Text based Cryptosystem using Elliptic
cloud computing for making cloud data secure and not to be Curve Cryptography”, IEEE Sep-2009, pp. 82-85.
hacked by attackers. According to the experimental results [8]. Abhuday Tripathi, and Parul Yadav, “Enhancing Security
of Cloud Computing using Elliptic Curve Cryptography,
ECDSA is best for the remaining algorithms such as RSA, International Journal of Computer Applications, 57(1),
ECC and ECDH. The future scope of this work is to find 2012, 0975-8887.
out an efficient proposed novel algorithm to make the more [9]. Sherif El-etriby, Eman M. Mohamed,Modern Encryption
secure than ECDSA. Techniques for Cloud Computing,proceedings of the
informatics and systems 8th international
V.REFERENCES conference(page:cc-1-cc-6 year :2012 ISBN: 978-1-4673-
0828-1)
[1]. Garfinkel, S.L; “Public Key Cryptography”, Computer, [10]. Mandeep Kaur, Manish Mahajan, “Using encryption
IEEE, Volume: 29, Issue: 6, June 1996. Algorithms to enhance the Data Security in Cloud
[2]. Periyanatchi S, Chitra.K. [2015] Analysis on Data Security Computing”, International Journal of Communication and
in Cloud Computing-A Survey. International Conference Computer Technologies,Vol.12, Issu.3,pp 56-59,2013
on Computing and Intelligence Systems 04:1281 – 1284. [11]. Julio Lopez and Ricardo Dahab- Fast Multiplication
[3]. CharanjeetKaur et al. [2015] Data Security Algorithms In on Elliptic Curves over GF(2m) without
Cloud Computing: A Review. International Journal For Precomputation, Springer.
Technological Research In Engineering 2:372– 375.

ABOUT THE AUTHORS

D.Pharkkavi received her M.Phil University, Tirunelveli in the year 2014. He received his
Degree from Tiruvalluvar University, M.Phil Degree from Bharathidasan University, Trichy in the
Vellore in the year 2013. She has year 2005. He received his M.C.A Degree from Madras
received her M.C.A Degree from Anna University, Chennai in the year 2000. He is working as HOD
University, Chennai in the year 2012. Cum Professor, PG and Research Department of Computer
She is pursuing her Ph.D (Full-Time) Science, Sri Vijay Vidyalaya College of Arts & Science,
Degree at Sri Vijay Vidyalaya College of Arts & Science, Dharmapuri, Tamilnadu, India. He has above 15 years of
Dharmapuri, Tamilnadu, India. Her areas of interest include experience in academic field. He has published 4 books, 26
Cloud Computing and Mobile Computing. papers in International Journals and 28 papers in National &
International Conferences so far. His areas of interest include
Computer Networks, Grid Computing, Cloud Computing and
Dr.D.Maruthanayagam received his Ph.D Mobile Computing.
Degree from Manonmaniam Sundaranar

© 2015-19, IJARCS All Rights Reserved 213