NIST initiates first call for lightweight cryptography to protect IoT devices
The U.S. Commerce Department’s National Institute of Standards and Technology (NIST) recently kicked off an effort to strengthen the cryptographic defense of internet of things (IoT) networked devices against cyberattacks and protect the data created by those innumerable devices.
Within IoT networks, sensors, actuators and other micromachines that function as eyes, ears and hands of the network work on scant electrical power and use circuitry far more limited than the chips found in even the simplest cell phone. These small electronics include keyless entry fobs to cars and the Radio Frequency Identification (RFID) tags used to locate boxes in vast warehouses.
These gadgets are inexpensive to make and will fit nearly anywhere, but common encryption methods to secure them may demand more electronic resources than they possess. As such, NIST is launching an effort to create security solutions to this constraint.
NIST’s lightweight cryptography initiative aims to develop cryptographic algorithm standards that can work within the confines of a simple electronic device. The ultimate goal is to develop lightweight encryption standards that benefit the entire marketplace.
As an initial step, NIST issued the Draft Submission Requirements and Evaluation Criteria for the Lightweight Cryptography Standardization Process as the first draft of its request to seek assistance from the software development community in developing requirements and guidelines for lightweight cryptography solutions.
According to the NIST document, lightweight cryptography is a subfield of cryptography that aims to provide solutions tailored for resource-constrained devices. There has been a significant amount of work done by the academic community related to lightweight cryptography; this includes efficient implementations of conventional cryptography standards, and the design and analysis of new lightweight primitives and protocols.
“The IoT is exploding, but there are tons of devices that have nothing for security,” said NIST computer scientist Dr Kerry McKay.
According to Dr McKay, effective standards must bring a well-defined solution that applies to a wide class of situations—and that made the wording of the request tricky.
“There’s such a diversity of devices and use cases that it’s hard to nail them all down. Our thinking had to be broad for that reason.”
To ensure they were getting off to the right start, Dr McKay and the team members spent four years consulting with industry groups ranging from smart power grid experts to auto manufacturers.
This has led the team to stipulate that submitted algorithms must have been published previously and been analysed by a third party. These solutions typically use symmetric cryptography in which both the sender and recipient have an advance copy of a digital key that can encrypt and decrypt messages.
The NIST team specifies that these algorithms should provide authenticated encryption with associated data (AEAD) in symmetric crypto applications as it allows a recipient to check the integrity of both the encrypted and unencrypted information in a message. It is also stipulated that if a hash function is used to create a digital fingerprint of the data, the function should share resources with the AEAD to reduce the cost of implementation.
Dr McKay said that while the AEAD and hash tools should cover nearly everything that a developer would want to do with symmetric cryptography, she and the team are looking forward to comments from the public on whether the draft’s requirements are sufficient.
“We want the entire lightweight crypto standards development process to be open and transparent, with the public involved at every step, she said.
A Federal Register Notice will soon announce a public comment period so that the community can weigh in on the draft submission guidelines. After the issue of the Federal Register notice, NIST will be accepting comments on the draft for 45 days, and will consider these comments before releasing the formal submissions guideline document. Following its release, NIST anticipates a 6-month submission window for lightweight cryptographic algorithms.
NIST will then form an internal selection panel composed of NIST researchers to analyse the submissions and all of its analysis results will be made publicly available. The initial phase of evaluation will consist of approximately 12 months of public review of the submitted algorithms.