A Low Power Security Architecture for Mobile Commerce

+ IHP, Im Technologiepark 25, Frankfurt (Oder), Germany [email protected] Abstract: Mobile devices have limited resources in terms of computational power and energy. With the up-coming wireless Internet a lot of new applications that require security and privacy will be deployed. The exhaustive use of encryption mechanisms will drain down the battery within short time. In this article we present a security architecture that enables mobile devices to negotiate the cipher mechanisms with the infrastructure. Thus, the mobile devices are enabled to exploit the differences in the computational effort required for public and private key operations of RSA and elliptic curve cryptography (ECC). The benefit of this approach is that the mobile only has to execute RSA public key and EC private key operations. We present measurements for a given scenario, showing that by exploiting the differences in the computational effort of RSA and ECC, the computational burden on the mobile can be reduced by up to forty seven times.