Low-cost Public-key Cryptography for M2M using Scalable Coprocessors

PI: Prof. Bo-Yin Yang    Co-PI: Prof. Chen-Mou Cheng
Intel Champion: Jesse Walker & Meiyuan Zhao

We propose to secure M2M systems using strong, hardware-assisted public-key cryptography (PKC). Contrary to the conventional wisdom that PKC is too "expensive" for M2M sensors, it can actually lower the total cost of ownership through savings in provisioning, deployment, operation, maintenance, and general management.

Furthermore, PKC can be more energy-efficient because PKC-based security protocols usually involve less communication than their symmetric-key-based counterparts, and communication is becoming increasingly expensive relative to computation. More importantly, recent algorithmic advances have brought several new PKCs that are orders of magnitude more efficient than traditional PKCs such as RSA. These include post-quantum cryptosystems such as multivariate schemes and NTRU, a lattice-based cryptosystem. There are also identity-based cryptosystems, which admit especially lightweight management but are computationally more expensive than the former. It is therefore our goal in this project to demonstrate the feasibility of using hardware-based PKC to provide general data security in M2M applications.

Specifically, we plan to achieve our goal by designing and implementing a complete, proof-of-concept PKC-based system called Hydra. At its core, Hydra will contain a scalable and programmable cryptographic coprocessor. The design is scalable in the sense that it can be scaled down to meet the stringent resource constraints of low-end sensors as well as scaled up to run on high-end sensors and gateways such as those equipped with Intel Atom processors. Such scalability enables design reuse across vertical markets, resulting in further cost reduction. In addition to hardware, Hydra will also contain the accompanying toolchains and software libraries. Together, they enable Hydra to provide basic PKC primitives that guarantee authenticity, confidentiality, integrity, and non-repudiation of the data exchanged between sensors. Based on these primitives, intermediate-level and more advanced services and protocols such as multi-way authentication, key management, digital signatures, and privacy-preserving discovery can be built. Our demonstration will be driven by realistic requirements and scripts coming from other SIGs.

In addition to fostering synergy across SIGs, this is the best way for us to show that the design effectively achieves our goal and can be applied across multiple vertical markets.

Members

Bo-Yin Yang (楊柏因), Principal Investigator

Publications

C. Tsai et al., "A 1.96 mm² low-latency multi-mode crypto-coprocessor for PKC-based IoT security protocols", in 2015 IEEE International Symposium on Circuits and Systems (ISCAS), pp. 834–837.

NTU IoX Center (臺大IOX創新研究中心)

Y. Chang et al., "Hydra: An Energy-Efficient Programmable Cryptographic Coprocessor Supporting Elliptic-Curve Pairings over Fields of Large Characteristics", in Advances in Information and Computer Security, M. Yoshida, K. Mouri, Eds., Cham: Springer International Publishing, 2014, pp. 174–186.


M. P. Lin et al., "Design and implementation of multi-user secure indices for encrypted cloud storage", in 2013 Eleventh Annual Conference on Privacy, Security and Trust, pp. 177–184.
