Lightweight S Stream C Cipher Scheme f for R Resource- - - PowerPoint PPT Presentation

lightweight s stream c cipher scheme f for r resource
SMART_READER_LITE
LIVE PREVIEW

Lightweight S Stream C Cipher Scheme f for R Resource- - - PowerPoint PPT Presentation

Sep 15, 2022 19 likes •150 views

Lightweight S Stream C Cipher Scheme f for R Resource- Constrained I IoT D Devices WIMOB 2019 October 21st 23rd, 2019 Casa Convalescncia, Barcelona, Spain Authors: Hassan Noura, Raphal Couturier, CongDuc Pham and Ali Chehab

slide-1
SLIDE 1

Lightweight S Stream C Cipher Scheme f for R Resource- Constrained I IoT D Devices

WIMOB 2019 – October 21st – 23rd, 2019 Casa Convalescència, Barcelona, Spain Authors: Hassan Noura, Raphaël Couturier, CongDuc Pham and Ali Chehab Presented on October 22nd, 2019 by Prof. Congduc Pham

  • Prof. Congduc Pham

http://www.univ-pau.fr/~cpham Université de Pau, France

IoT – from idea to reality

slide-2
SLIDE 2

2

  • Prof. Congduc Pham

http://www.univ-pau.fr/~cpham

Needs, constraints, cost, design approach, control mechanism

Challenge: Bridging the digital divide

Deploying IoT in Africa

[technology does not automatically or inevitably improve people's lives; creative solutions must be contextually grounded and designed in response to on-the-ground needs]

From Bill & Melinda Gates foundation, Global Grand Challenges

slide-3
SLIDE 3

3

  • Prof. Congduc Pham

http://www.univ-pau.fr/~cpham

IoT security

⊙ Introducing security/encryption can dramatically impact the IoT system performance

⊙ Higher computation ⊙ Additional delays ⊙ Higher energy consumption, thus decreasing lifetime

⊙ Innovative IoT systems can have larger amount of data to send

⊙ Image IoT devices 10-15kms

slide-4
SLIDE 4

4

  • Prof. Congduc Pham

http://www.univ-pau.fr/~cpham

Requires a large number of rounds and operations such as AES (Advanced Encryption Standard) because round functions are usually static

Symmetric cryptographic algorithms

slide-5
SLIDE 5

5

  • Prof. Congduc Pham

http://www.univ-pau.fr/~cpham

Proposed approach

⊙ Lightweight Stream Cipher: dynamic key derivation function

slide-6
SLIDE 6

6

  • Prof. Congduc Pham

http://www.univ-pau.fr/~cpham

Cipher scheme

⊙ LSC's Cipher scheme is divided into two sub-functions

⊙ RoundFunction ⊙ Update-RM

Only once

slide-7
SLIDE 7

7

  • Prof. Congduc Pham

http://www.univ-pau.fr/~cpham

LSC's main advantages

⊙ LSC is based on the dynamic key dependence approach and therefore can use only one iteration which requires less computation and resources ⊙ LSC also avoids chaining and diffusion operations to further reduce the computational complexity ⊙ LSC updates the cryptographic primitives after each encrypted/decrypted block to provide a higher security level ⊙ Minimum effect of error propagation as LSC encrypts 1 block at a time instead of 2 blocks ⊙ Overall, it can result in simpler implementation

slide-8
SLIDE 8

8

  • Prof. Congduc Pham

http://www.univ-pau.fr/~cpham

Analysis

⊙ Security analysis

⊙ Randomness analysis ⊙ Key sensitivity ⊙ Message sensitivity

⊙ Performance analysis

⊙ Using low-end microcontroller: 8- bit ATmega328P, 2K RAM, 8MHz ⊙ Using high-end micro-controller: 32-bit Cortex-M4, 96K RAM, 48MHz

⊙ Comparison between

⊙ AES (multi-round) ⊙ Speck (multi-round, light) ⊙ LSC (single-round, light)

56° lens 76° lens 116° lens

+

RX Pin 1 GND MOSI UART1 ucamII Pin 1 MISO CS SCK SCK CS 3.3v 3.3v RAW TX
slide-9
SLIDE 9

9

  • Prof. Congduc Pham

http://www.univ-pau.fr/~cpham

Randomness analysis

Two different tests can be applied to quantify the randomness level, which are : the correlation between adjacent elements the difference between the

  • riginal and encrypted

The encrypted message should reach a high level of randomness

cipher scheme reaches the independence if and only if it satisfies Diff ≈50%

TestU01 practrand

slide-10
SLIDE 10

10

  • Prof. Congduc Pham

http://www.univ-pau.fr/~cpham

Key sensitivity

⊙ Difference in percentages between the encrypted messages, if

  • ne bit differs in the secret key (i.e. our dynamic key)

⊙ The desired value is 50% difference at the bit level.

% 100 level bit in

  • f

Length in s

  • ccurrence

bit

  • f

Counts ´ = Y Y KS

Key Nonce

slide-11
SLIDE 11

11

  • Prof. Congduc Pham

http://www.univ-pau.fr/~cpham

Message sensitivity

⊙ LSC uses a dynamic key approach which changes cipher primitives for each input message ⊙ Identical messages will then be encrypted under different dynamic keys and consequently different encrypted messages will be

  • btained (difference close

to 50%)

Cipher

M K

Cipher

' M K

C

' C Y

% 100 level bit in

  • f

Length in s

  • ccurrence

bit

  • f

Counts ´ = Y Y PS

slide-12
SLIDE 12

12

  • Prof. Congduc Pham

http://www.univ-pau.fr/~cpham

Performance

264 472 704 928 1160 1376 1608 1832 2040 2264 2496 2736 2952 3168 3392 2496 4968 7464 9944 1214614912173921987222352248322730429784322803476037256 1984 3944 5784 7616 9472 11312131761499216832186802054422384242162607227888

10000 20000 30000 40000 16 32 48 64 80 96 112 128 144 160 176 192 208 224 240 Encryption time in us Message size in bytes

LSC vs AES vs Speck on Arduino ProMini Encryption time

LSC AES SPECK

10 18 26 32 41 48 55 63 71 78 86 93 101 108 115 287 574 857 1143 1427 1715 1998 2283 2568 2855 3139 3426 3709 3995 4282 8 15 22 30 37 44 50 61 66 73 80 87 95 101 109

1000 2000 3000 4000 5000 16 32 48 64 80 96 112 128 144 160 176 192 208 224 240 Encryption time in us Message size in bytes

LSC vs AES vs Speck on Teensy32 Encryption time

LSC - 48MHz AES - 48MHz SPECK - 48MHz

9.45 10.53 10.60 10.72 10.47 10.84 10.82 10.85 10.96 10.97 10.94 10.89 10.93 10.97 10.98 7.52 8.36 8.22 8.21 8.17 8.22 8.19 8.18 8.25 8.25 8.23 8.18 8.20 8.23 8.22

10 20 16 32 48 64 80 96 112 128 144 160 176 192 208 224 240 Message size in bytes

LSC vs AES & SPECK on Arduino Encryption time ratio

AES-LSC ratio SPECK-LSC ratio

28.70 31.89 32.96 35.72 34.80 35.73 36.33 36.24 36.17 36.60 36.50 36.84 36.72 36.99 37.23 0.80 0.83 0.85 0.94 0.90 0.92 0.91 0.97 0.93 0.94 0.93 0.94 0.94 0.94 0.95

20 40 16 32 48 64 80 96 112 128 144 160 176 192 208 224 240 Message size in bytes

LSC vs AES & SPECK on Teensy32 Encryption time ratio

AES-LSC ratio SPECK-LSC ratio

slide-13
SLIDE 13

13

  • Prof. Congduc Pham

http://www.univ-pau.fr/~cpham

Conclusions

⊙ an efficient lightweight stream cipher scheme (LSC) was proposed for tiny IoT devices ⊙ existing standard ciphers are not adapted for these devices since a higher number of round iterations is required to reach the desired security level (because of static round function) ⊙ LSC is based on the dynamic key dependence approach to reach a good balance between security level and device’s performance ⊙ statistical tests and experimentations on real IoT hardware show that LSC is a promising candidate for resource-constrained IoT ⊙ outperforming traditional AES in terms of encryption/decryption time as well as the more recent Speck algorithm on low-end microcontrollers