Lightweight Cryptography
Assignment Description
The majority of modern cryptographic algorithms were designed for desktop/server environments, many of these algorithms could not be implemented in the low-power devices used in applications such as automotive systems, sensor networks, healthcare, distributed control systems, the Internet of Things (IoT), cyber-physical systems, and the smart grid. Security and privacy is important in all of these areas. The lightweight cryptography has the goal of providing cryptographic solutions that need to maintain the resource vs security constraint.
In this context write a report including the following sections:
A. Introduction about the lightweight cryptography and its goals
B. The potential security threats in systems using low-power devices
C. The working mechanism of lightweight cryptography
D. Performance metrics (Hardware-specific metrics and Software-specific metrics)
E. Lightweight cryptographic algorithms
F. Current and Future challenges in lightweight cryptography
G. Conclusion
H. References(IEEE Style)
Instructions:
Do not use Wikipedia as a source or a reference
Must consider at least five current references from journal/conference papers and books. Must follow IEEE referencing style.
Make sure you properly reference any diagrams/ graphics used in the assignment.
Introduction to Lightweight Cryptography and Its Goals
cryptography is the science of concealing important information from unauthorized personal. Advancing technology has immensely contributed to the growth of modern cryptography where it now intersects with other disciplines such as mathematics, electrical engineering and computer science (Aghaie, Kermani & Azarderakhsh, 2018). However, conventional cryptography techniques such as Hashing, encryption and signing do well on systems with a high processing and memory capabilities, they fail to work well in a world where sensor networks and embedded systems are commonly used (Aghaie, Kermani & Azarderakhsh, 2018). As such, the adoption of lightweight cryptography is meant to solve some of the challenges associated with traditional cryptography. Some of these challenges includes constrains that are associated with the physical size, memory limitations, energy drain and its processing requirements. The goal of modern lightweight cryptography is to eliminate these challenges which is what this paper purposes to discuss.
The Potential Security Threats in Systems Using Low-Power Devices
Most internets of things devices are often lowered powered devices which can present a huge security threat. However, as the world becomes interconnected electronic devices the need to have more low powered devices is investable. Unfortunately, these devices present a huge security threat to users because they are deployed in an environment that can be regarded as complex due to its uncontrollable nature.
Many low power devices have limited memory, storage and processing capabilities which allows them to operate when running on low power such as the use of batteries. However, despite these devices offering conveniences because majority of them are mobile, they do pose a serious security threat. For instances, security measures that apply encryption are not suitable for these devices because their low power cannot allow they to perform complex tasks such as encryption and decryption which would often use a lot of power (Alippi, Bogdanov & Regazzoni, 2014). To counter these threats, such devices apply lightweight encryption algorithms but they do not offer enough security measures. For instance, these limitations expose these devices to various security threats like power analysis attacks that are often used to reverse engineer their algorithms (Alippi, Bogdanov & Regazzoni, 2014). As such, low powered devices are often exposed to the risks of numerous cyber attacks due to the vulnerability caused by the limitations that come with low power supply.
One of the ways to overcome security threats on any electronic devices is by ensuring that regular software updates are done. However, low powered devices do not have enough storage and memory capacity to accommodate these updates (Buchanan & Asif, 2017). Under such circumstances, low powered devices are often exposed to numerous attacks because they can no longer be updated regularly as required. Today, manufacturers are opting to install automatic update features into modern electronic devices to enhance their security (Buchanan & Asif, 2017). However, given the limited storage and memory capacity of most low powered devices, adopting such measures may not be very effective because of the devices will not have enough power to carry out these automatic updates (Buchanan & Asif, 2017). As such, electronic devices end up becoming vulnerable to different security threats.
The Working Mechanism of Lightweight Cryptography
The working mechanisms of lightweight cryptography involve optimization of encryption algorithms using standard cryptographic procedures so that it can be applicable to low powered devices. For instance, running Advanced Encryption Standard on an internet of things devices may be very costly while at the same time a lot power may be drained (Joseph Sekar & Balasubramanian, 2017). As such, to overcome such challenge, a similar technology that allows for the application of Advanced Encryption Standard needs to be applied, such that it can occupy less memory and storage capacity space so as to ensure that device security functionalities are intact.
Light-weight cryptography utilizes different components of a cryptography system. One of these components is the Light-Weight Block Cipher which focuses on the implementation of a lighter version of the original block cipher so that it can fit into low-powered devices (Joseph Sekar & Balasubramanian, 2017). Another component is the Light-weight Stream Cipher which works well with a stream cipher because it is able to generate a secret and stream key as an initialization vector during data transmission. The designs for this type of light weight cryptography include Feedback shift register which enhances the security of a given device (Joseph Sekar & Balasubramanian, 2017). Though these components are preferred for light-weight crypto algorithms while using very little memory overheads, they still expose low-powered devices to different security threats (Joseph Sekar & Balasubramanian, 2017).
Performance Metrics
A lightweight cryptography system is comprised of a Gate Equivalent Measure (GE) which is used to compare between different light weight crypto implementations (Ranasinghe, 2008). For instance, by applying NAND gate, a two input system, that applies a very tiny logic gate. Using this system, the smallest Advanced Encryption Standard implementation takes about 2500 GE (Ranasinghe, 2008). However, 200–2000 GE is the most appropriate for RFID devices with a low cost. Because of these parameters, it makes it really difficult to implement sophisticated encryption algorithms on RFID devices (Ranasinghe, 2008). To solve this challenge, modern light- weight cryptography is preferred because it is able to perform encryption within 1000 GE (Ranasinghe, 2008).
Lightweight Cryptographic Algorithms
Most low-powered devices operate under an internet of things environment. As such, these devices tends to limited interns of their memory, power consumption and battery life which can often be a major security concerns because they are unable to support applications and operations promote modern security and privacy procedures. The application of lightweight cryptography is seen as a solution to some of these challenges because they help minimize the amount of threat. One such algorithm is the cipher structure which focuses on the implementation of a lighter version of the original block cipher so that it can fit into low-powered devices (Joseph Sekar & Balasubramanian, 2017). Another commonly used algorithm is the Stream Cipher which works well with a stream cipher because it is able to generate a secret and stream key as an initialization vector during data transmission (Joseph Sekar & Balasubramanian, 2017). In both cases, the algorithms used in lightweight cryptography have Feedback shift register which enhances the security of a given device. A challenging aspect of these algorithms is that their designs are in such a way that they occupy the smallest space and size possible in order to satisfy a given market need, which implies that they tend to low RAM and ROM for cryptography (Ranasinghe, 2008). This means that when such devices are subjected to operations that require quick and fast processing of information and data, they tend to be slow to execute different operations. As such, unable to support applications and operations promote modern security and privacy procedures.
Current and Future Challenges in Lightweight Cryptography
The biggest challenge affecting lightweight cryptography is that most devices using this technology have limited energy supply. Just like other electronically connected devices, devices applying lightweight cryptography also need to protect from different security threats by ensuring that there is quick identification and authentication of data as a protective measure. In other words, though the internets of things devices have a design that promotes their usage and applicability, these designs often pose a lot of security challenges.
Another challenge is that they tend to have very limited RAM and ROM which can be a huge security challenge. For instance, electronic products like fitness trackers, sensors that monitor tire pressure, smart watches and smart lighting grid systems often apply the lightweight cryptography technology (Ranasinghe, 2008). The designs of these products are in such a way that they occupy the smallest space and size possible in order to satisfy a given market need, which implies that they tend to low RAM and ROM for cryptography (Ranasinghe, 2008). This means that when such devices are subjected to operations that require quick and fast processing of information and data, they tend to be slow to execute different operations (Ranasinghe, 2008). As such, this lapse in the execution of different processes can be used by attackers as security bleach because they can take advantage of such a situation.
Given the fact that low-powered devices have limited memory, storage and processing capabilities they do pose a serious security threat. For instances, security measures that apply encryption are not suitable for these devices because their low power cannot allow they to perform complex tasks such as encryption and decryption which would often use a lot of power (Ranasinghe, 2008). To counter these threats, such devices apply lightweight encryption algorithms but they do not offer enough security measures (Ranasinghe, 2008). For instance, these limitations expose these devices to various security threats like power analysis attacks that are often used to reverse engineer their algorithms. As such, low powered devices are often exposed to the risks of numerous cyber attacks due to the vulnerability caused by the limitations that come with low power supply.
Conclusion
From the foregoing, though tlow-powered devices have a design that promotes their usage and applicability, these designs often pose a lot of security challenges. Ordinary cryptography techniques such as Hashing, encryption and signing do well on systems with a high processing and memory capabilities, they fail to work well in a world where sensor networks and embedded systems are commonly used. As such, the adoption of lightweight cryptography is meant to solve some of the challenges associated with the traditional cryptography. The working mechanisms of lightweight cryptography involve optimization of encryption algorithms using standard cryptographic procedures so that it can be applicable to low powered devices. Light-weight cryptography utilizes different components of a cryptography system. One of these components is the Light-Weight Block Cipher which focuses on the implementation of a lighter version of the original block cipher so that it can fit into low-powered devices. Another component is the Light-weight Stream Cipher which works well with a stream cipher because it is able to generate a secret and stream key as an initialization vector during data transmission. However, even with these components in place, devices using light-weight cryptography technology are still vulnerable to different security bleaches. As such, users of these devices should be conversant about these dangers.
References
Aghaie, A., Kermani, M. M., & Azarderakhsh, R. (2018). Comparative realization of error detection schemes for implementations of mixcolumns in lightweight cryptography. Proceedings of the 15th ACM International Conference on Computing Frontiers – CF 18. doi:10.1145/3203217.3203258
Alippi, C., Bogdanov, A., & Regazzoni, F. (2014). Lightweight cryptography for constrained devices. 2014 International Symposium on Integrated Circuits (ISIC). doi:10.1109/isicir.2014.7029580
Buchanan, W. J., Li, S., & Asif, R. (2017). Lightweight cryptography methods. Journal of Cyber Security Technology, 1(3-4), 187-201. doi:10.1080/23742917.2017.1384917
Joseph, M., Sekar, G., & Balasubramanian, R. (2017). Distinguishing Attacks on (Ultra-)Lightweight WG Ciphers. Lecture Notes in Computer Science Lightweight Cryptography for Security and Privacy, 45-59. doi:10.1007/978-3-319-55714-4_4
Ranasinghe, D. C. (2008). Lightweight Cryptography for Low Cost RFID. Networked RFID Systems and Lightweight Cryptography, 311-346. doi:10.1007/978-3-540-71641-9_18