Enhancing e-commerce security using elliptic curve cryptography

Javed R. Shaikh, Ravinder Kumar, Maria Nenova, Georgi Iliev and Hitesh Singh

Over the past few years, the percentage of customers using electronic commerce (E-commerce) is increasing rapidly. E-commerce transaction security is a major concern for E-commerce websites along with its customers. The basic requirements for any E-commerce transaction are privacy, authentication, integrity and non-repudiation. To fulfil the E-commerce security requirement mentioned above, Rivest, Shamir, and Adelman (RSA) cryptography algorithm is widely used. In case of RSA with security requirement, key size is increasing proportionally. Large key size in RSA makes it inappropriate in environments where processing speed, storage, bandwidth, or power consumption is a major constraint. Due to these limitations of RSA algorithm, a new public key cryptography scheme known as the Elliptic Curve Cryptography (ECC) is emerging as a good option for RSA. In this paper ECC performance is analyzed in terms of computation time taken by elliptic curve when used for the ECC application. For the analysis of ECC different key sizes are considered. This paper explains by comparison how ECC is better than the traditional RSA. To improve the security in E-commerce business general security model is proposed by considering the ECC. The proposed E-commerce system is suitable in the constrained applications which have computation speed, bandwidth and storage as its major constraint. In proposed security model along with the payment information, customers purchase order information is also secured.

Download PDF: 
DOI: http://dx.doi.org/10.24327/ijcar.2017.5342.0701