Singapore Institute of Technology

Design and Implementation of Certificateless Cryptography for IoT Applications

conference contribution
posted on 2023-10-30, 01:13 authored by Neam Fares, Bo Wang, Spiridon Bakiras

This work introduces a cryptographic module for IoT devices that addresses the security vulnerabilities that come with their widespread adoption. Four core cryptographic modules are implemented, including data confidentiality, message integrity, authentication, and secure communication channels. Specifically, the SHA-256 hashing and AES128-CBC/GCM cipher modules are very efficient, with an execution time of just a few μs. For the key exchange functionality, we opted to leverage Elliptic Curve Cryptography (ECC) and, in particular, the BLS12-381 curve, because it enables the implementation of certificateless public-key cryptography. We demonstrate the performance of the Hash to Curve and pairing operations that are required by both the BLS12-381 digital signature scheme and the session key agreement protocol. The pairing operation consists of two main steps, namely, the Miller loop and the final exponentiation. On a 10 MHz clock frequency (simulated in FPGA), a pairing operation between two elliptic curve points takes around 3.68s to complete. Under the BLS12-381 digital signature scheme, the module for signing messages takes 0.76s, while the module for verifying signatures takes 7.35s. Finally, we identified that the parallel point-scalar multiplication technique was the most efficient, and the module for generating a session key on an IoT node takes around 4.03s. To summarize, this paper highlights the importance of addressing the security risks associated with IoT devices and presents a low-cost implementation of hardware-based cryptography for achieving robust security.

History

Journal/Conference/Book title

IEEE International Midwest Symposium on Circuits and Systems (MWSCAS), AUG 6-9 2023, Phoenix, Arizona, USA.

Publication date

2023-08-06

Version

  • Post-print

Rights statement

© 2023 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
