Mobile ECC (Elliptic Curve Cryptosystem) 2.0 Software


Purpose of this File:

This file promotes the MePKC (Memorizable Public-Key Cryptography), which is aka MoPKC (Mobile Public-Key Cryptography), of Mobile ECC (Elliptic Curve Cryptosystem) software.

To go back to the guide, click here.


Products for Sale in this File:

[1] Patent licensing of 2-dimensional key (2D Key).

[2] Patent licensing of multihash key.

[3] Patent licensing of two-factor multimedia key (Token Key).

[4] Patent licensing of MePKC (Memorizable Public-Key Cryptography).

[5] Patent licensing of MePKC applications in information engineering.

[6] Copyrighted software of 2-dimensional key (2D Key).

[7] Copyrighted software of two-factor multimedia key (Token Key).

[8] Copyrighted software of multihash key.


Part  A :   Introduction


Types of Important Messages in the Electronic Computer Communications :

In this information age, knowledge economy is a new stream of economic system supported by the agricultural economy and industrial economy. The economy of many developed countries has been depending on knowledge economy for quite some times. Knowledge economy means the intangible assets generated from the various intellectual properties (IP) like invention patent, utility model (aka innovation patent), design patent (aka industrial design), plant patent, copyright, trade mark, confidential information, etc.


There are two types of computers: Blank computer and info-computer. Blank computer is a computer with computing capabilities but without informative storage of data in the hard disk drive (HDD). On the other hand, info-computer has lots of informative data stored in the HDD and accessible by the computer network users.


Besides the intangible assets, other important information is personal love affair(s), family relationship, relatives’ relationship, personal and family financial accounts, company financial accounts, friends’ relationship, charity activities, socioeconomic activities, political activities, etc. Messages categorized as the SPECT issues (sensitive, private, exigent, confidential, transcription) need data protection.


Threat to Electronic Computer Communications :

However, the computer communication network, be it LAN and/or Internet, is actually subject to many types of attacks, which can disclose the contents of the messages stored in an info-computer and/or traveling through the communication channel. These attacks are passive attacks like interruption, and active attacks like interruption, modification, and fabrication.


Firewall is not perfect in resisting the hacking. Moreover, network administrator and Internet service providers (ISP) can monitor the traffic of the messages traveling through its network. Some of the legal acts enacted in MY, US and EU for communication monitoring are as follows together with the monitoring HQ (headquarter) technologies:


Malaysian Communications and Multimedia Commission Act 1998 (Act 589)

Akta Suruhanjaya Komunikasi dan Multimedia Malaysia 1998 (Akta 589)




CALEA (Communications Assistance for Law Enforcement Act of 1994)



CALEA the Law



STOA (Scientific and Technological Options Assessment).



U.S. Military Intelligence


Loyola Homepage on Strategic Intelligence


Economic and Competitive Intelligence



Security-(C3I, C4I, C4ISR).



C3I (Command, Control, Communications, Intelligence).

C4I (Command, Control, Communications, Computing, Intelligence).

C4I (Command, Control, Communications, Computers, Intelligence).


C4ISP (Command, Control, Communications, Computers, Intelligence, Support Plans).

C4ISR (Command, Control, Communications, Computers, Intelligence, Surveillance, Reconnaissance).



Demands for Secure Data Communications over the Computer Communications Networks :

Hence, the data in the computer communications networks need some protection features like confidentiality (against interception), authentication (against fabrication), integrity (against modification), non-repudiation, access control, and availability (against interruption).


Symmetric key cryptography is one of the main branches of cryptology and information security to provide these types of services. However, it has key sharing problem and key management problem. Both the sender and receiver have to share the same secret key, where the communication of the secret key through an insecure channel is a problem. Moreover, every pair or group of sender and receiver(s) needs a unique secret key. A huge number of pairs or groups of users create a big key management problem. Let say there are n pairs or groups of users, then it needs n*(n+1)/2 symmetric keys.


Therefore, asymmetric key cryptography or public key cryptography (PKC) is invented to solve the problems of symmetric key cryptography. Here, the beta version of MobileECC uses PKC to provide two main functions: Encryption and Signature.



Part  B :   Secure Computer Communications


Public-Key Cryptography (PKC) :

PKC is a novel invention of cryptography in 1970’s. It provides both the basic functions of encryption and signature. Its main advantage is that it has solved the problem of sharing symmetric key by using a pair of asymmetric key called public key and private key. The public key is publicly disclosed for the public to encrypt a plaintext and to verify a signature. Meanwhile, the private key is used to decrypt a ciphertext and to sign a message. Its security strength depends on the private key size, which has to be at 160 bits for protection by 2010, 192 bits for a protection of 10 years, 224 bits for a protection of 20 years, 256 bits for a protection of 30 years, and so on.


MobileECC :

This is a cryptographic PKC software using memorizable public-key cryptography (MePKC) or mobile public-key cryptography (MoPKC). There are two main functions, i.e. encryption scheme and signature scheme. Its novel features are memorizability and mobility of private key. The private key can be created using an at least 160-bit passphrase or at least 2 units of self-created Chinese language password.


For private key optimization of 192-bit Mobile ECC software, when this software is used together with 2D key input method, there is a memory optimization to minimize the memorizable size of private key. Firstly, a 128-bit 2D secret is created using 2D key to act as the token password in the 2-factor multimedia key method. Secondly, an at least 192-bit multimedia data file can be used as software token to be encrypted and stored in a USB flash drive as token ciphertext. The token password (i.e. 2D key secret) and token plaintext, after the optional processes of multihash key, can generate a secret to act as a 192-bit private key secret in the 192-bit Mobile ECC. Whenever there is a need, get the USB flash drive storing the token ciphertext, decrypt it using the token password (i.e. 2D key secret), and select the hash iteration of multihash key to create a slave key.


How to Use MobileECC :

[1] The manual of MobileECC can be downloaded here.

[2] The software of MobileECC can be downloaded here.

[3] My public key file can be downloaded here. and I can be requested to be an introducer of the web of trust.

[4] The required Microsoft .NET Framework Version 1.1 Redistributable Package (23698KB) or better from Microsoft is at here.


Public Key File :

[1] My public key file, i.e. Kok-Wah Lee @ Xpree Jinhua Li’s, can be downloaded here.

[2] Here, I can be requested to be an introducer for a Web of Trust or you may form a trust web on your own.

[3] If you need to upgrade your public key file into public key certificate, please send your public key file with filled in details to me

via email at <kokwah [at]>.

[4] For other methods on how to exchange the public key files among multiple users, please refer to the manual here.



Donation for the Product Development Costs of MePKC Applications :

If you think that you would like to help funding the product development costs of MePKC applications, please feel free and happy to make some donations.


Please click the button in the table below this webpage for your generous donation.


For a minimum donation amount of USD$1, the net donation after the deduction of commission fees is ((1-5.4%)*USD$1 – USD$0.30) = USD$0.646.


When you are using IE as web browser, and if you have problem to connect to the PayPay online payment, please go to toolbar for “Tools” > “Internet Options” > “Privacy” > “Settings” > “Low” to reset the cookies settings.


The commission fees to be paid to the PayPal, Inc., USA, are listed here for PayPal personal account & premier/business account.


For PayPal personal account, the commission fees are (5.4% + USD$0.30).


For domestic transactions within Malaysia of PayPal premier/businees account, the commission fees are (3.4% + USD$0.30) for monthly sales within USD$0-3000, (2.9% + USD$0.30) for monthly sales within USD$3000-10000, (2.7% + USD$0.30) for monthly sales within USD$10000-100000, and (2.4% + USD$0.30) for monthly sales more than USD$100000.


For cross-border transactions outside Malaysia of PayPal premier/businees account, the commission fees are (3.9% + USD$0.30) for monthly sales within USD$0-3000, (3.4% + USD$0.30) for monthly sales within USD$3000-10000, (3.2% + USD$0.30) for monthly sales within USD$10000-100000, and (2.9% + USD$0.30) for monthly sales more than USD$100000.


The FOREX commission fees for multiple currency transactions are 2.5%.


Thanks for your donation. J



Sale Commissions:

To promote sale, agent(s), who can realize any sale contract and licensing agreement for the products and services in this business, will be compensated by a minimum commission rate of 2% throughout the validity of the business.


Intellectual Property:

[1] Kok-Wah Lee. (2008, July 25). Methods and systems to create big memorizable secrets and their applications in information engineering. Malaysia Patent Application PI 2008xxxx, MyIPO, Filing Date: 25 July 2008.


Download the Software:

Copyrighted Software


Fee (SGD$)


[0]  Mobile ECC 2.0 Free Edition <click here>


Fully Memorizable Private Key Using 2D Key




Optional Partially Memorizable Private Key Using 2-Factor Multimedia Key






E. & O. E. = Errors and Omissions Exempted


E. & O. E., + E. = Errors and Omissions Exempted, plus Estimations



Created on 26 January 2008

Updated on 04 June 2009