Efficient coding for small devices

Created by Aeneas Rooch | |   Transfer

Controlling the heating while on the move or locking the door wirelessly - networked devices offer fascinating possibilities, but must be protected against hacker attacks.

A car key is an inconspicuous object, but it contains complicated mathematics: After all, if you open your car by radio from a few steps away, you want to be sure that criminals won't be able to intercept the radio signal and play the command to open the car even without the key; that's why the communication between the car and the car key is encrypted using mathematical methods.

A car key, however, is not a high-performance computer: with its cheap chip and small battery, it cannot manage complicated calculations. It is therefore a hardship case for IT experts like Prof. Dr. Gregor Leander.

The professor of IT security specializes in lightweight cryptography and develops economical encryption methods at the RUB. They can be used in small, cheap sensors and chips where only little computing power and electricity are available - for example in the window frame, in the thermostat knob or in the car key. Yet they are secure.

"It's not a problem to find a secure or a simple encryption method," the scientist says. "But the secure methods are mostly complicated, and the simple methods are mostly insecure. So the challenge is to create both at the same time: security and simplicity."

That sounds obvious, but it's not: "Super-bad algorithms are often used in industry," Gregor Leander complains. He and his colleagues want to remedy the situation.

Making messages unintelligible

Cryptography is about altering a message so that the result is no longer understandable to outsiders, but insiders can translate it back. Every message is represented in the computer by a sequence of the digits zero and one, bits. The goal in cryptography is to convert a given sequence of zeros and ones according to a certain procedure.

The procedure comprises, on the one hand, an encryption rule, a general instruction that is generally known; on the other hand, a key, a special supplement to the rule that looks different in each individual case and should remain as secret as possible. The clever combination of the rule and the key is what makes an encryption method good and secure.

Block ciphers as an encryption method

Gregor Leander is specifically concerned with symmetric encryption methods, in which both the sender of a message and the recipient possess the key needed to encrypt and decrypt the message. "In practice, virtually all data is encrypted using symmetric methods," says the IT scientist, "because they are very fast. Only for exchanging the key between sender and receiver do you use other methods."

Among symmetric encryption methods, Gregor Leander focuses on block ciphers, in which the message to be encrypted is divided into blocks and the encryption takes place block by block. The blocks each have a fixed length. Often, the encryption on such a block consists of several rounds: A block consisting of the digits zero and one is thus changed several times in succession according to a certain rule using the key.

"For one thing, this is easy to program," explains Gregor Leander. "In addition, when we use a procedure according to this pattern, we can better see why it works, that is, why it is secure."

Since the encryption scheme is common knowledge, the goal for attackers is to figure out the key. Theoretically, this is possible through blunt trial and error. This is because the key also has a fixed length and, from the computer's point of view, is also just a sequence of the digits zero and one.

Cracking codes by trial and error

If you know a plaintext and what the encryption scheme has made of it, you just have to put every possible key in front of the encryption scheme - that is, every possible sequence of zeros and ones of the length of the key - until you find the key that turns the known plaintext into the known ciphertext.

In practice, to prevent attackers from doing just that, one selects keys that are so long that trying through all possible sequences of bits would take an inconceivably long time. But a code can be cracked not only by trial and error, but also by clever analysis. Here, attackers look for shortcuts, so to speak, i.e. mathematical simplifications that allow finding the secret key without trying through all possibilities.

An example of such a mathematical shortcut is the linear cryptanalysis. Here, the attacker tries to approximate the encryption method by a linear, or very simple, function.

In addition to developing new encryption methods, Gregor Leander's work is therefore also about better understanding in general what makes symmetric encryption methods secure: "The challenge for us is to invent methods that cannot be easily seen through," says the researcher.

For example, Gregor Leander and his colleagues invented the "Present" encryption method. The International Organization for Standardization, or ISO, has since recognized it as a standard. The message to be encrypted is divided into blocks of 64 bits, i.e. a sequence of 64 ones and zeros. These 64 bits are in turn considered in sections of four bits each.

First, the four zeros and ones in each section are changed according to a certain recipe. Then all 64 bits are shuffled. Then the next round begins, in which the bits are again first changed in blocks of four and then shuffled in the whole block of 64, and so on. Both the changing of the blocks of four and the shuffling of the 64 digits must meet certain requirements so that the procedure, although it sounds so simple, is safe.

Noise data as wildly as possible

On the one hand, the changes should be as little linear as possible, that is, in a sense, they must not be too simple. On the other hand, the swapping must be as wild as possible, so that characters from the beginning are also swapped with characters from the end and not only characters from the nearest neighborhood change places. The goal is that after several rounds of these simple operations, the message is alienated as much as possible in an opaque way.

Gregor Leander works closely with researchers and experts from the engineering sciences. He considers interdisciplinary collaboration to be extremely important. After all, in order to deliver the right mathematics for low-cost and energy-constrained applications, he needs to understand what low-cost and energy-constrained actually mean in terms of hardware. After all, his algorithms can be used in a wide range of practical applications.

More security for small things

For example, not only a car key uses low-cost cryptography, but also a pacemaker: It can be set by radio, and of course the communication here must also be secured. Like the car key, the pacemaker does not have a powerful computer for encryption, and there is merely a small battery.

"Dick Cheney, the former Vice President of the USA, allegedly had the remote control function of his pacemaker deactivated out of fear of an attack by radio," reports Gregor Leander. The IT scientist himself is more relaxed about this, although he sees a lot of catching up to do: "In practice, insecure algorithms are often used."

Yet lightweight cryptography is a key challenge in Industry 4.0, which requires intelligent, networked systems for production and logistics. For example, radio tags, or RFID for radio-frequency identification, not only serve as anti-theft devices, but are also used to track packages and tag animals. They are used in passports and ID cards and can be found in the form of contactless smart cards for buses and trains. The encryption methods Gregor Leander is developing can serve all these purposes.

 

Click here for the original article from the RUB news.

Prof. Dr. Gregor Leander
© Roberto Schirdewahn
To Top