Designing lightweight cryptography for the IoE

This entry was posted on Tuesday, September 15th, 2015.

Ernest Worthman of Semiconductor Engineering recently noted that we have entered an age where technology is expected to do more, faster, anonymously, and often invisibly.

“It’s supposed to use less power, with smaller footprints, unobtrusively and intuitively,” he explained. “And all that needs to be protected with cryptography.”

Hardware-based encryption market revenue to hit $36.4 billion

However, as Simon Blake-Wilson, VP of products and marketing for Rambus‘ Cryptography Research Division points out, “the lower the security level, the more has to be compromised.”

To mitigate the effects of that compromise, says Worthman, the industry is developing and implementing lightweight ciphers, cryptography primitives and lightweight processor cores.

“There are a lot of MPU architectures that exist in the archives that have the potential to serve as lightweight crypto processors,” he told Semiconductor Engineering. “However, it seems to be difficult to bring together the right compact core and a workable instruction set architecture (ISA) that is both compact, and code-efficient enough to run on the core.”

As such, the semiconductor industry is currently exploring the possibility of employing non-standard approaches.

“Standard cryptography approaches on light devices are not feasible, mainly because the pin count is so restricted, the amount of power they draw, and the amount of energy available to them,” said Pankaj Rohatgi, director of engineering at Rambus’ Cryptography Research Division. “[Nevertheless], the need for IoE devices, especially in sensors and tags, is mushrooming and the awareness of cryptography for these devices is growing as well.”

As Blake-Wilson points out, one has to look at three things when designing lightweight cryptography for the IoE.

“[These include] the algorithms used, how to securely implement them, and, finally, how one manages those algorithms and the keys. When you look at lightweight cryptography for the IoE, you have to look at those three areas.”

Chowdary Yanamadala, VP of business development at ChaoLogix, expressed similar sentiments.

“No matter how light the chips are, there are two security features that they must contain—encryption and authentication.”

Fortunately, progress is being made, despite the myriad of challenges associated with building lightweight cryptography processors for the IoT.

According to Worthman, one potential solution could focus on designing a custom hardware platform, which would likely be most suitable for high-value targets. Meanwhile, a software-centric approach would allow hardware platforms to implement a wide range of cryptographic options. Nevertheless, as Worthman explains, a software approach would be “computationally burdened,” which often translates into sub-par performance.

“So the development has been around finding the magic bullet that brings hardware and software together to create a practical platform,” he added.

Interested in learning more? The full text of Ernest Worthman’s “Lightweight Cryptography For The IoE” is available on Semiconductor Engineering here.