Elliptic Curve Cryptography (ECC) for Host Identity Protocol (HIP)

We compare computational resources required for handling control plane of the Host Identity Protocol (HIP) using Rivest-Shamir-Adleman (RSA) versus Elliptic Curve Cryptography (ECC) encryption algorithms with keys of equivalent strength. We show that servers would establish almost three times more HIP connections per second when ECC is used for generating the session key. For devices with low computational power such as Nokia N810 Internet Tablet, the use of ECC would notably reduce the delay to establish a HIP association. Unless compatibility with legacy RSA/DSA-only systems is needed, the Host Identity may be an ECC key as well, but such a modification would bring only 50 percent additional performance with the current default keys. However the situation becomes different under higher security requirements when employing ECC for the host identification boosts the performance more than four times, and we consider ECC Host Identities desirable in that case.