2. What is Internet of Things?
It’s basically collection of devices that are connected to the Internet and communicate with
other devices.
The term was coined by Kevin Ashton in 1999.
A Coke vending machine at Carnegie Mellon U. is considered as the first IoT device (1982).
4. Why Lightweight Cryptography
Typical IoT devices are resource-constrained. They generally have
lower computational power,
smaller memory size,
lower power consumption,
smaller physical size,
lower price
than full-fledged devices such as PCs, laptops, or tablets. We need cryptography algorithms that
have small footprints and consume low power without sacrificing security.
5. ISO/IEC 29192
Is about standards on lightweight cryptography.
Lightweight cryptography is classified by a combination of the constraints on chip area, energy
consumption, program code and RAM size, communication bandwidth, and execution time.
Defines 80 bits security as the minimum security strength for lightweight cryptography.
Specifies a number of block ciphers, stream ciphers, and hash functions as standards.
Not yet completed. Work still in progress for standards on MAC.
7. PRESENT Block Cipher
Designed for some very specific applications for which AES is unsuitable.
Designed to conform these characteristics:
To be implemented on hardware
For applications that only need moderate security level
For applications that unlikely to encrypt large amount of data
Where physical size, power consumption, and execution time are the primary concerns (after security).
For some applications it is possible that the key will be fixed at the time when the device is
manufactured.
For some applications the cipher will be used to perform encryption only.
Hardware implementation of PRESENT has much higher throughput and requires a half of gates
compared to the implementation of AES with similar key size.
8. SIMON and SPECK Block Ciphers
Flexible secure block ciphers, can perform well on any platform.
64-256 bits key size, bits block size
SIMON is more hardware oriented, SPECK is more software oriented.
Hardware implementation requires less gates than other algorithms.
9. Stream Ciphers
ISO/IEC 29192 specifies two stream ciphers:
Enocoro: 80 or 128 bits key size
Trivium: 80 bits key size
Both of them are hardware oriented.
The literatures do not really explain much about why these algorithms are considered
‘lightweight’ and do not compare them to other algorithms.
10. Hash Functions
ISO/IEC 29192 specifies three hash functions:
PHOTON: permutation size bits and output size bits
SPONGENT: permutation size bits and output size bits
Lesamnta-LW: permutation size 384 bits and outputs size 256 bits
11. SPONGENT Hash Function
Five different hash sizes: 88, 128, 160, 224, 256
Three types pre-image and second pre-image security level:
1) Full pre-image and second pre-image security level
2) Reduced second pre-image security level
3) Reduced pre-image and second pre-image security level
12. Lesamnta-LW Hash Function
Lightweight 256 bits hash function
Has collision, pre-image, and second pre-image security level of at least 2120.
Hardware implementation only requires 8240 gates.
Software implementation only requires 50 bytes of RAM and runs fast on short messages on 8-
bit CPUs.
13. Comparison
Cryptography algorithms designed for IoT are ‘lightweight’ because:
Designed specifically for constrained devices such as RFID tags and networked sensors (hardware
oriented).
Have several security levels that are sufficient to different types of applications.
Designed to process only small amount of data.
Existing popular cryptography algorithms are ‘heavy’ because:
Designed as general-purpose algorithms.
Generally software-oriented.
High security level.
Can process large amount of data.
