Towards lightweight Identity-Based Encryption for the post-quantum-secure Internet of Things

Identity-Based Encryption (IBE) was introduced as an elegant concept for secure data exchange due to its simplified key management by specifically addressing the asymmetric key distribution problems in multi-user scenarios. In the context of ad-hoc network connections that are of particular importance in the emerging Internet of Things, the simple key discovery procedures as provided by IBE are very beneficial in many situations. In this work we demonstrate for the first time that IBE has become practical even for a range of embedded devices that are populated with low-cost ARM Cortex-M microcontrollers or reconfigurable hardware components. More precisely, we adopt the IBE scheme proposed by Ducas et al. at ASIACRYPT 2014 based on the RLWE problem for which we provide implementation results for two security levels on the aforementioned embedded platforms. We give evidence that the implementations of the basic scheme are efficient, as for a security level of 80 bits it requires 103 ms and 36 ms for encryption and decryption, respectively, on the smallest ARM Cortex-M0 microcontroller.

[1]  Sorin A. Huss,et al.  On the Design of Hardware Building Blocks for Modern Lattice-Based Encryption Schemes , 2012, CHES.

[2]  Frederik Vercauteren,et al.  Compact Ring-LWE Cryptoprocessor , 2014, CHES.

[3]  Dan Boneh,et al.  Efficient Selective-ID Secure Identity Based Encryption Without Random Oracles , 2004, IACR Cryptol. ePrint Arch..

[4]  Frederik Vercauteren,et al.  Compact Hardware Implementation of Ring-LWE Cryptosystems , 2013, IACR Cryptol. ePrint Arch..

[5]  Phong Q. Nguyen,et al.  BKZ 2.0: Better Lattice Security Estimates , 2011, ASIACRYPT.

[6]  Tim Güneysu,et al.  Towards Practical Lattice-Based Public-Key Encryption on Reconfigurable Hardware , 2013, Selected Areas in Cryptography.

[7]  Peter W. Shor,et al.  Algorithms for quantum computation: discrete logarithms and factoring , 1994, Proceedings 35th Annual Symposium on Foundations of Computer Science.

[8]  Oded Regev,et al.  On lattices, learning with errors, random linear codes, and cryptography , 2005, STOC '05.

[9]  Chris Peikert,et al.  On Ideal Lattices and Learning with Errors over Rings , 2010, JACM.

[10]  Xiaotie Deng,et al.  TinyPairing: A Fast and Lightweight Pairing-Based Cryptographic Library for Wireless Sensor Networks , 2010, 2010 IEEE Wireless Communication and Networking Conference.

[11]  Clifford C. Cocks An Identity Based Encryption Scheme Based on Quadratic Residues , 2001, IMACC.

[12]  Frederik Vercauteren,et al.  Efficient software implementation of ring-LWE encryption , 2015, 2015 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[13]  Zhe Liu,et al.  Efficient Ring-LWE Encryption on 8-Bit AVR Processors , 2015, CHES.

[14]  Léo Ducas,et al.  Efficient Identity-Based Encryption over NTRU Lattices , 2014, ASIACRYPT.

[15]  Oded Regev,et al.  Lattice-Based Cryptography , 2006, CRYPTO.

[16]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[17]  Ricardo Dahab,et al.  TinyPBC: Pairings for authenticated identity-based non-interactive key distribution in sensor networks , 2008, 2008 5th International Conference on Networked Sensing Systems.

[18]  Thomas Poppelmann,et al.  Area optimization of lightweight lattice-based encryption on reconfigurable hardware , 2014, 2014 IEEE International Symposium on Circuits and Systems (ISCAS).

[19]  Chris Peikert,et al.  Better Key Sizes (and Attacks) for LWE-Based Encryption , 2011, CT-RSA.

[20]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[21]  Tim Güneysu,et al.  High-Performance Ideal Lattice-Based Cryptography on 8-Bit ATxmega Microcontrollers , 2015, LATINCRYPT.