ELLIPTIC-CURVE CRYPTOGRAPHY (ECC) AND ARGON2 ALGORITHM IN PHP USING OPENSSL AND SODIUM LIBRARIES

This paper presents the elliptic-curve cryptography (ECC) and Argon2 algorithm in PHP using OpenSSL and Sodium cryptographic libraries. The vital part of this thesis presents an analysis of the efficiency of elliptic-curve cryptography (ECC) and the Argon2 hashing algorithm in the Sodium library, depending on the variation of initiation parameters.


Introduction
The information security, its storage and dissemination is a crucial element of any IT system, regardless of what data the system processes and on what technology it is based on. The Internet users of these IT systems expect the information they provide, especially sensitive information, to be adequately protected.
Currently available programming languages, such as Java, C, Python, Ruby, or PHP are used to build modern IT systems. The choice for a particular programming language depends on many factors, such as the requirements set for programmers, available programming libraries, technical support or its popularity at a time.
The scripting programming language, PHP, was designed to create web applications and generate websites on the server side. For the last 20 years PHP has been extensively developed and is currently the leader (almost 80% [4]) amongst the programming languages, on basis of which all websites are built. The popularity of the PHP language among the programmers around the world is enormous, as evidenced by the ninth position in the TIOBE index [5] (October 2019) and the sixth position in the SPECTRUM [6] ranking (2018). The PHP potential has also been recognised by such Internet giants as Google, Facebook, Yahoo!, Wikipedia or WordPress.
When designing a PHP based IT system to process information, a web developer is equipped with a number of modules and features to facilitate the information security, e.g. the OpenSSL library, that also uses, cryptography of elliptic curves or currently, the RSA algorithm. With PHP 7.2 version, the Sodium crossplatform library and the new Argon2 hashing algorithm are available to programmers. It makes PHP language a safe environment that implements the latest cryptography solutions. This paper presents the findings related to the efficiency of generating cryptographic key using a cryptography of elliptic curves and efficiency of the Argon2 algorithm, depending on the variability of initiating parameters.
The conducted experiments related to the elliptic curve cryptography in IT systems based on PHP 7.2 were aimed at analysing which elliptic curves were the most efficient and could be recommended for using in the production environment.
Since 1985, the theory of ecliptic curves over finite bodies has been applied to several cryptographic issues, such as the distribution of integers into prime factors, primality tests, and the construction of cryptosystems. One of the main reasons for the interest in the cryptology in elliptic curves is that they are the source of a vast number of finite groups equipped with a rich additional algebraic structure. The groups of elliptic curve points are in many aspects similar to multiplicative finite body groups. However, they have two advantages over themthere are more of them and it seems that they provide the same degree of security with a short key length [2,3].
The cryptosystems using elliptic curves were first suggested in 1985 by Victor Miller and Neal Koblitz. Initially, they did not expect that their idea would be used in practical terms, in any case, not earlier than in the distant future. Today, a few years after they had submitted their project, many useful implementations have been in use [2]. The Table 1 shows the recommendations of the National Institute for Standards and Technology (NIST) regarding the public key length. As we can see, the conventional keys of 1024byte and 2048-byte size (value often found in the case of RSA) corresponds to cryptosystems based on elliptic curves with 160-223-byte and 224-255-byte key sizes, respectively. In a fair comparison, the complexity of implementing the cryptosystem should also be taken into account. In practice, however, shorter keys can translate into faster implementations, lower energy consumption, smaller surfaces of silicon, etc. [1].

The course of the experiment
In order to measure the efficiency of the key generation by using elliptic curves, a PHP 7.2 programming language, using the OpenSSL cryptographic library, has been developed. The experiment involved the measurement of time to generate 100 keys for each elliptic curve separately, during a typical operation of the production server.
The efficiency, marked as a performance ratio and expressed as a percentage for each elliptic curve, was calculated by dividing the average generation time by the key length of the elliptic curve. At the end of the experiment, the key performance for each group of elliptic curves was determined by dividing the performance ratio by the number of elliptic curves for that group.

The outcome of the experiment
We can conclude, from the data in Tables 3-8, that the larger the key size, the more time it takes to generate it. Specifically for curves with the key length of 384-511 bytes, the time needed to generate it increases significantly, e.g. for the elliptic curve sect571r1 the time needed was almost 56 milliseconds. PHP Group, which manages the implementation and development of the PHP programming language, based on the NIST recommendation, suggests the use of elliptic curves prime256v1 (NIST P-256) and secp384r1 (NIST P-384).

Fig. 1. Average performance ratio for all analysed groups of elliptic curves
The interesting conclusion of the experiment was the demonstration that Brainpool curves do not differ in efficiency from those recommended by the PHP Group as the most efficient elliptic curves Prime and Secp, and are in the second position between Prime and Secp in the ranking of average performance.

Argon2 algorithm
The Argon2 algorithm became the winner in the contest organised by the Password Hashing Competition [7], lasting from 2013 to 2015. The idea of the contest was to select a hashing algorithm that would be in line with the requirements of the National Institute for Standards and Technology (NIST) in the United States, for AES and SHA-3 algorithm, but more effective and sophisticated. Of the 24 projects submitted, it was the project by Alex Biryukov, Daniel Dinu and Dmitry Khovratovich from the University of Luxembourg in Luxembourg that won the most recognition. The algorithm has been made available on the Internet [7] in the form of the source code in C language.
Argon2 protects against brute-force attacks by using a predefined memory size, GPU usage time and an appropriate degree of Instruction Level Paralleism. It uses three parameters to control: the memory required, execution time and the number of threads used. There are two variants of this algorithm: Argon2i and Argon2d. Argon2i is effective against side-channel attacks because it uses data independent access to memory, which is why it is well suited for password hashing. Argon2d provides better protection against GPU-based attacks.
The Argon2i hashing algorithm has been implemented in PHP, starting from the 7.2 version, as part of the Sodium library. A range of Argon2 algorithms is used in tasks requiring massive storage capacity. It is optimised for x86 architecture and works efficiently on older processors. The key feature of Argon2 is the simultaneous use of multiple processor cores, which, consequently, is an additional protection that prevents a time/memory/date/trade off attack type of intrusion.
Argon2 uses optimally all available memory, Argon2i uses the memory at a speed of two processor cycles per byte, while Argon2d is three times faster. These features, among others, are included in the software used for cryptocurrencies. Argon2 is exceptionally scalable, both in terms of memory and CPU usage, because it can use up to 224 threads simultaneously.

The efficiency of Argon2 algorithm
The efficiency of Argon2 algorithm depends on the technical conditions in which it functions. Primarily, on the speed of the processor and the memory acquired. The performance evaluation will be basically to measure the algorithm's workload time dependent on the initialised parameters. The experiment is carried out on a Dell PowerEdge 1950 serverwith a typical workday load (Web server), with the following parameters:  processor -Intel Xeon E5430 @2.66 GHz, 8CPU; 8GB RAM;  operating system -FreeBSD 11.1 -RELEASE-p10;  Software: o PHP 7.2; php72-sodium-7.2.5; o Sodium librarylibsodium -1.0.16.

The course of the experiment
In the tcsh shell, the Argon2 program was cyclically called with parameters determining the memory acquired, the number of threads and the number of iterations, with the output key length set for all tests to 32 bytes.
The testing procedure had the following pattern: echo -n "PSAEI_w_Gliwicach" | argon2 MySaltPSAEI -v 13 -m 14 -l 32 -i -t 1 -p 1 where MySaltPSAEIthe first parameter specifying grain (salt), v algorithm version number (default 13), mmemory usage in kilobytes, calculated as 2^N, llength of the shortcut at the output, i or d -Argon2i algorithm used or Argon2d, tnumber of iteration, pnumber of threads. Figure 2 shows the results of a typical application of the Argon2 algorithm. As we can see, the algorithm's running time in a single iteration was 0.055 seconds, using 16MB of memory, with the number of threads being one. IAPGOŚ 3/2020 p-ISSN 2083-0157, e-ISSN 2391-6761

Fig. 2. Application of the Argon2 algorithm in the tcsh shell
The next stage of the experiment was the cyclical calling of the hash function from the PHP programming language, using the Argon2i algorithm. The number of iterations for each type of measurement was 10, with the results divided by the number of threads and the amount of the memory used.

The outcome of the experiment
The results of the tests covering the Argon2d and Argon2i algorithms, performed from the systems (console) level, are presented in the Table 9.
The results of the tests covering the Argon2i algorithm, performed from the PHP language level, for one, three and six iterations are presented in the Table 10.

Conclusion
The first aim was to analyse the performance of the elliptic curve cryptography in a programming environment, using the PHP 7.2 version and the OpenSSL library. The findings indicate that the optimal elliptic curve to use in the research environment constructed in this way is the prime256v1 curve with a 1.11% efficiency factor, which corresponds to a security level of RSA 3072 bytes. In the 160 -223 bytes group, the most efficient (with the same ratio) elliptic curves are prime192v1, prime192v2 and prime192v3, in the group of 224 -255 bytes -prime239v1, prime239v2 and prime239v3, in the group of 256 -383 bytes -prime256v1, in group 384 -511 bytes -secp384r1, and in the 512+ bytes group -brainpoolIP512t1.
The second aim was to analyse the performance of the Argon2 hashing algorithm, which is part of the Sodium cryptographic library and utilised both from the system console and the PHP 7.2. version. The time required to perform the hashing operations in the console version are similar to those in the PHP version, with the increase in time and depending on the memory acquired for use by the Argon2 algorithm.
It is also important to note that the algorithm efficiency is largely influenced by the number of threads used. With 1 GB of memory used, six iterations and one thread, the time taken to perform this operation was almost 12 seconds. With four threads, it dropped by almost half and with eight threads it reached just over 4.5 seconds. Of course, the above mentioned example is only a limiting example of the Argon2 algorithm in the production environment, as it is charged with a heavy use of processor power and the memory. The use of 16MB or 32MB memory at three iterations and two threads is the optimal solution in terms of time and the use of hardware resources.