Security assurance schemes for IoT devices - Security Assurance Scheme Research Team | Cyber Physical Security Research Center

Lightweight Cryptography

When ensuring the security of embedded devices, which play an important role in various IoT applications, implementation resource constraints in software and hardware are issues. Expectations for security countermeasure technology, which is a technology that can be implemented with low resources even for RFID tags and inexpensive microcontrollers, which are difficult to handle with conventional general-purpose encryption, have increased.

Many IoT devices that have been attracting attention in recent years can support computing and communication functions. However, these devices need to address security issues. These issues with such devices have recently opened up an active area of research called "lightweight cryptography." The challenge in this area is to design crypto primitives or protocols that must be implemented under resource limits (CPU/memory usage).

On the other hand, designing secure cryptography is a difficult research subject. Since 2005, significant progress has been made in cryptanalysis for cryptographic technologies (hash functions) such as MD5 and SHA-1, which have applications such as data authentication and key management and form the basis of equipment and system security. In response to such cryptanalysis trends, NIST held a SHA-3 competition in 2007, conducted an open evaluation through open recruitment, and selected a cryptographic technology with high expectations for security.

There are hardware and software in the implementation form of cryptographic technology, and the implementation environment is diverse. For example, cost constraints may require implementation on an 8-bit CPU, or power savings may be required. Lightweight cryptography can be regarded as a technology for special purposes, and when compared with the widely used general-purpose cryptography such as AES, it is required in the target application and mounting environment without significantly reducing the security. Achieving the performance that can be achieved is the research subject of lightweight cryptography. As a solution to the problem, we are working on building an attacker model and formulating a methodology to strictly prove safety on that model.

With the progress of IoT, various applications and implementation environments are expected, and we believe that the need for lightweight cryptography is also increasing. In order to meet the expectations of industry and society, we are promoting the development of "lightweight cryptography" technology that can be installed in IoT devices with high security even with limited mounting resources, and international standardization in ISO / IEC JTC1 SC27, etc. .

Paper

Yuhei Watanabe, Hideki Yamamoto, Hirotaka Yoshida: Towards Minimizing RAM Requirement for Implementation of Grain-128a on ARM Cortex-M3. IEICE Trans. Fundam. Electron. Commun. Comput. Sci. 103-A(1): 2-10 (2020)
Yuhei Watanabe, Hideki Yamamoto, Hirotaka Yoshida: Lightweight Crypto Stack for TPMS Using Lesamnta-LW. Secur. Commun. Networks 2020: 5738215:1-5738215:12 (2020)
Shoichi Hirose, Yu Sasaki, Hirotaka Yoshida: Lesamnta-LW Revisited: Improved Security Analysis of Primitive and New PRF Mode. ACNS (1) 2020: 89-109
Martin Hell, Thomas Johansson, Willi Meier, Jonathan Sönnerup, Hirotaka Yoshida: An AEAD Variant of the Grain Stream Cipher. C2SI 2019: 55-71
Shoichi Hirose, Hidenori Kuwakado, Hirotaka Yoshida: Authenticated Encryption Based on Lesamnta-LW Hashing Mode. ICISC 2019: 52-69
Shoichi Hirose, Hidenori Kuwakado, Hirotaka Yoshida: A Pseudorandom-Function Mode Based on Lesamnta-LW and the MDP Domain Extension and Its Applications. IEICE Trans. Fundam. Electron. Commun. Comput. Sci. 101-A(1): 110-118 (2018)
Shugo Mikami, Hirotaka Yoshida, Dai Watanabe, Kazuo Sakiyama: Correlation Power Analysis and Countermeasure on the Stream Cipher Enocoro-128v2. IEICE Trans. Fundam. Electron. Commun. Comput. Sci. 96-A(3): 697-704 (2013)
Shoichi Hirose, Kota Ideguchi, Hidenori Kuwakado, Toru Owada, Bart Preneel, Hirotaka Yoshida: An AES Based 256-bit Hash Function for Lightweight Applications: Lesamnta-LW. IEICE Trans. Fundam. Electron. Commun. Comput. Sci. 95-A(1): 89-99 (2012)
Shoichi Hirose, Kota Ideguchi, Hidenori Kuwakado, Toru Owada, Bart Preneel, Hirotaka Yoshida: A Lightweight 256-Bit Hash Function for Hardware and Low-End Devices: Lesamnta-LW. ICISC 2010: 151-168
Hirotaka Yoshida, Dai Watanabe, Katsuyuki Okeya, Jun Kitahara, Hongjun Wu, Özgül Küçük, Bart Preneel: MAME: A Compression Function with Reduced Hardware Requirements. CHES 2007: 148-165