Lattice-Based Public Key Cryptosystem for Internet of Things Environment: Challenges and Solutions

Due to its widespread popularity and usage in many applications (smart transport, energy management, e-healthcare, smart ecosystem, and so on), the Internet of Things (IoT) has become popular among end users over the last few years. However, with an exponential increase in the usage of IoT technologies, we have been witnessing an increase in the number of cyber attacks on the IoT environment. An adversary can capture the private key shared between users and devices and can launch various attacks, such as IoT ransomware, Mirai botnet, man-in-the-middle, denial of service, chosen plaintext, and chosen ciphertext. To mitigate these security attacks on the IoT environment, the traditional public key cryptographic primitives are inadequate because of their high computational and communication costs. Therefore, a lattice-based public-key cryptosystem (LB-PKC) is a promising technique for secure communication. We discuss the taxonomy of two major problems, namely, the shortest path and the closest path problems with respect to the applicability of lattice-based cryptographic primitives for IoT devices. Moreover, we also discuss various LB-PKC techniques, such as NTRU, learning with errors (LWEs), and ring-LWE (R-LWE), which are often used to solve shortest path and lattice NP-hard problems in polynomial time. We further classify the R-LWE into three categories, namely identity-based encryption, homomorphic encryption, and secure authentication key exchange. We describe the operations and algorithms adopted in each of these encryption mechanisms. Finally, we discuss the challenges, open issues, and future directions for applying LB-PKC in the IoT environment.
