Tiny Security : Evaluating energy   use for security in an IoT application

Söderquist, Mårten

January 2019

IoT devices are   increasingly used in the process of gathering scientific data. In   environmental monitoring IoT devices can be used as remote sensing devices to   collect information about e.g. temperature. To keep data reliable, various   security aspects have to be considered. Constrained devices are limited by   memory size and battery life, a security solution has to be developed with   this in mind. In this study an IoT security solution was developed in collaboration   with a research group in environmental science at Umeå University. We   selected commonly used algorithms and compared them with the goal to provide   authentication and integrity for an IoT application, while minimizing energy   use running on an Atmega 1284P. The results showed that the encryption   algorithm AES-256-GCM is a good choice for a total security solution.   AES-256-GCM provides authenticated encryption with additional data while, in   relation to the other tested algorithms, using energy at a low level and   leaving a small program size footprint.

Security

constrained device

AES

IoT

sensors

AEAD

ATmega1284P

ACORN128

Software Engineering

Programvaruteknik

Bezpečná autentizace a klíčový management v Internetu věcí / Secure Authentication and Key Management in the Internet of Things

Škunda, Patrik

January 2018

This thesis deals with issues of secure authentication and key management in the Internet of Things. It describes basic protocols used in IoT, cryptographic primitives, communication technologies in IoT and end elements. It also includes a measuring the performance of cryptographic primitives on Raspberry Pi and selecting the appropriate LPWAN simulation technology. The conclusion of the work is devoted to the simulation of a LoRaWAN network

Implementing and Evaluating the Quantum Resistant Cryptographic Scheme Kyber on a Smart Card / Implementering och utvärdering av den kvantresistenta kryptoalgoritmen Kyber på ett smartkort

Eriksson, Hampus

January 2020

Cyber attacks happen on a daily basis, where criminals can aim to disrupt internet services or in other cases try to get hold of sensitive data. Fortunately, there are systems in place to protect these services. And one can rest assured that communication channels and data are secured under well-studied cryptographic schemes. Still, a new class of computation power is on the rise, namely quantum computation. Companies such as Google and IBM have in recent time invested in research regarding quantum computers. In 2019, Google announced that they had achieved quantum supremacy. A quantum computer could in theory break the currently most popular schemes that are used to secure communication. Whether quantum computers will be available in the forseeable future, or at all, is still uncertain. Nonetheless, the implication of a practical quantum computer calls for a new class of crypto schemes; schemes that will remain secure in a post-quantum era. Since 2016 researchers within the field of cryptography have been developing post-quantum cryptographic schemes. One specific branch within this area is lattice-based cryptography. Lattice-based schemes base their security on underlying hard lattice problems, for which there are no currently known efficient algorithms that can solve them. Neither with quantum, nor classical computers. A promising scheme that builds upon these types of problems is Kyber. The aforementioned scheme, as well as its competitors, work efficiently on most computers. However, they still demand a substantial amount of computation power, which is not always available. Some devices are constructed to operate with low power, and are computationally limited to begin with. This group of constrained devices, includes smart cards and microcontrollers, which also need to adopt the post-quantum crypto schemes. Consequently, there is a need to explore how well Kyber and its relatives work on these low power devices. In this thesis, a variant of the cryptographic scheme Kyber is implemented and evaluated on an Infineon smart card. The implementation replaces the scheme’s polynomial multiplication technique, NTT, with Kronecker substitution. In the process, the cryptographic co-processor on the card is leveraged to perform Kronecker substitution efficiently. Moreover, the scheme’s original functionality for sampling randomness is replaced with the card’s internal TRNG. The results show that an IND-CPA secure variant of Kyber can be implemented on the smart card, at the cost of segmenting the IND-CPA functions. All in all, key generation, encryption, and decryption take 23.7 s, 30.9 s and 8.6 s to execute respectively. This shows that the thesis work is slower than implementations of post-quantum crypto schemes on similarly constrained devices.

post-quantum

cryptography

lattice-based cryptography

quantum-resistant

Kyber

constrained device

performance

evaluation

implementation

Communication Systems

Kommunikationssystem