Elliptic curve cryptography (ECC) is an approach to public-key cryptography. Its security is based on the complexity of discrete logarithm problem. ECC allows the use of a special format of digital certificates called implicit certificates. An implicit certificate has the characteristic of having very small size which make them very useful in resource constrained environments such as embedded sensor devices.

This article provides an overview of the flow for deriving and delivering implicit certificates by a certification authority.

As seen in the figure below, the certification authority and the entity requesting an implicit certificate exchange information at two stages in the process. First, the entity requesting an implicit certificate communicates an EC ephemeral public key QU to the certification authority, this request must be authenticated and authorized by the CA. Second, when the CA communicates the implicit certificate ICU as well as the private-key reconstruction data to the entity U.

An entity trusted by the final user U can act on its behalf for the issuance and delivery of the implicit certificate. Such entity can be for example a device manufacturer or the provisioning system in a production site. Alternatively, the certification authority may derive the ephemeral EC key pair on behalf the entity U. In this case, the CA securely must deliver the ephemeral key-pair to the the entity representing the final user U.

Legend

-|>|> : Derived from
-|> : Next step in the process
-> : Communication
CA: Cerfification Authority
D,n : EC domain parameters
wCA,WCA: Static EC public key owned by CA
dU,QU: Ephemeral EC key pair owned by entity U used for generating ICU
dCA,QCA: Ephemeral EC key pair owned by CA used for generating ICU
wU, Wu : Static EC public key owned by CA
S : private-key reconstruction data
ICU : Implicit certificate of entity U

• http://secg.org/

Labels: embedded, security