More secure Internet of Things using robust encryption algorithms against side channel attacks

There are many recent revolutionary advances in information technology that include: wireless communication, the spread of mobile devices, and the Internet-of-Things (IoT). IoT will have an important role in connecting almost everything (mobile devices, cameras, home appliances, healthcare devices, military equipments, …, etc) to the Internet via different communication technologies such as Wi-Fi. This connection will have impact on many sectors of our life such as industry, economy, social life, and ICT sector. Moreover, there will be huge amounts of data (including financial and medical records for example) transmitted between those devices and the non-secure Internet. Some of these data might be very sensitive and their privacy and security must not be compromised. Here comes the need for Cryptographic systems to protect the vital data. There are many hardware and software implementations for the symmetric and asymmetric cryptographic algorithms such as AES, Elliptic Curve Cryptography, and RSA. And since we are talking about protecting physical devices connected to the Internet, we think that the hardware cryptosystems are more useful to be used in this case. In this paper, we introduce the IoT concept, applications, and challenges facing IoT. Then, we present the recent timing and fault Side Channel Attacks on cryptosystem implementations for the most secure encryption algorithms (AES, ECC, and RSA). Also, the countermeasures to protect these cryptosystems from such attacks are also presented.

[1]  Seungjoo Kim,et al.  RSA Speedup with Residue Number System Immune against Hardware Fault Cryptanalysis , 2001, ICISC.

[2]  Hisayoshi Sato,et al.  Exact Analysis of Montgomery Multiplication , 2004, INDOCRYPT.

[3]  Kouichi Itoh,et al.  A Practical Countermeasure against Address-Bit Differential Power Analysis , 2003, CHES.

[4]  Antoine Joux,et al.  Fault Attacks on RSA Signatures with Partially Unknown Messages , 2009, CHES.

[5]  Hala Tawalbeh,et al.  Lightweight Crypto and Security , 2017 .

[6]  David Vigilant,et al.  RSA with CRT: A New Cost-Effective Solution to Thwart Fault Attacks , 2008, CHES.

[7]  Yaser Jararweh,et al.  Large Scale Cloudlets Deployment for Efficient Mobile Cloud Computing , 2015, J. Networks.

[8]  Evangelos N. Gazis,et al.  Short Paper: IoT: Challenges, projects, architectures , 2015, 2015 18th International Conference on Intelligence in Next Generation Networks.

[9]  Xiao Hui Guo Application Models of IOT , 2013 .

[10]  Kevin Ashton,et al.  That ‘Internet of Things’ Thing , 1999 .

[11]  Yaser Jararweh,et al.  Energy Optimisation for Mobile Device Power Consumption: A Survey and a Unified View of Modelling for a Comprehensive Network Simulation , 2016, Mob. Networks Appl..

[12]  Lo'ai Tawalbeh,et al.  Resilience Mobile Cloud Computing: Features, Applications and Challenges , 2015, 2015 Fifth International Conference on e-Learning (econf).

[13]  D. Sylvester,et al.  IoT design space challenges: Circuits and systems , 2014, 2014 Symposium on VLSI Technology (VLSI-Technology): Digest of Technical Papers.

[14]  Yaser Jararweh,et al.  An integrated radix-4 modular divider/multiplier hardware architecture for cryptographic applications , 2012, Int. Arab J. Inf. Technol..

[15]  Paul C. Kocher,et al.  Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems , 1996, CRYPTO.

[16]  Xu Bing Key IOT Technology and Application Research , 2014 .

[17]  Adnan Abdul-Aziz Gutub,et al.  Efficient FPGA Implementation of a Programmable Architecture for GF(p) Elliptic Curve Crypto Computations , 2010, J. Signal Process. Syst..

[18]  Richard J. Lipton,et al.  On the Importance of Checking Cryptographic Protocols for Faults (Extended Abstract) , 1997, EUROCRYPT.

[19]  Fahd M. Al-Dosari,et al.  A Secure Cloud Computing Model based on Data Classification , 2015, ANT/SEIT.

[20]  Yaser Jararweh,et al.  Trust delegation-based secure mobile cloud computing framework , 2017, Int. J. Inf. Comput. Secur..

[21]  Loizos Heracleous,et al.  A strategic view on smart city technology: The case of IBM Smarter Cities during a recession , 2014 .

[22]  Eui-Nam Huh,et al.  Cloud of Things: Integrating Internet of Things and cloud computing and the issues involved , 2014, Proceedings of 2014 11th International Bhurban Conference on Applied Sciences & Technology (IBCAST) Islamabad, Pakistan, 14th - 18th January, 2014.

[23]  Muhammad Waseem,et al.  A Review on Internet of Things (IoT) , 2015 .

[24]  Marc Joye,et al.  Protections against Differential Analysis for Elliptic Curve Cryptography , 2001, CHES.

[25]  Jean-Sébastien Coron,et al.  Resistance against Differential Power Analysis for Elliptic Curve Cryptosystems , 1999, CHES.

[26]  Jean-Pierre Seifert,et al.  A new CRT-RSA algorithm secure against bellcore attacks , 2003, CCS '03.

[27]  Fahd M. Al-Dosari,et al.  Efficient Software-Based Mobile Cloud Computing Framework , 2015, 2015 IEEE International Conference on Cloud Engineering.

[28]  Marimuthu Palaniswami,et al.  Internet of Things (IoT): A vision, architectural elements, and future directions , 2012, Future Gener. Comput. Syst..

[29]  A TawalbehLo'ai,et al.  Hardware Design and Implementation of ElGamal Public-Key Cryptography Algorithm , 2010 .

[30]  Moad Yassin Mowafi,et al.  Use of elliptic curve cryptography for multimedia encryption , 2013, IET Inf. Secur..

[31]  Saadeh Sweidan,et al.  Hardware Design and Implementation of ElGamal Public-Key Cryptography Algorithm , 2010, Inf. Secur. J. A Glob. Perspect..