IoT機器向けの軽量化暗号実装技術とユーザ生体継続認証への応用

2019 Fiscal Year Annual Research Report

• Project/Area Number: 19J15225
• Research Institution: The University of Aizu
• Principal Investigator: ZHOU LU 会津大学, コンピュータ理工学研究科, 特別研究員(DC2)
• Project Period (FY): 2019-04-25 – 2021-03-31
• Keywords: IoT Security / Authentication in IoT

Outline of Annual Research Achievements

During the past year, our research focuses to resolve the above two problems in IoT systems. According to the research plan proposed in the proposal, this year our research focuses on solving the first problem, for how to design secure lightweight cryptography primitives that achieve fewer memory consumption and resistant to key leakage attack in IoT systems, we have re-designed and implemented several Elliptic Curve Cryptographic primitives and achieved the best results compared to existing other schemes. Then, we studied the authentication problems in the emerging IoT-cloud circumstance, and presented a novel authentication scheme for IoT-based architectures combined with cloud servers. To pursue the best efficiency, lightweight crypto-modules, such as one-way hash function and exclusive-or operation, are adopted in our authentication scheme.

Current Status of Research Progress

2: Research has progressed on the whole more than it was originally planned.

Reason

We have achieved some good resulted as we proposed in the research plan. We redesigned some existent techniques to fit the low-end IoT platform, namely 8-bit AVR processors, and our implementations evaluated on the desired platform show that the SM2 algorithms have competitive efficiency and security with NIST, which would work well to secure the IoT world.

We achieved IoT-compatible authentication cryptographic protocols for IoT devices, we studied lightweight certificateless signature schemes. We presented a lightweight cryptographic protocol integrating certificateless signature and bilinear pairing crypto-primitives. This research result was accepted and published by journal of ACM Transactions on Embedded Computing Systems.

Strategy for Future Research Activity

I will still keep working on efficient and secure implementation of IoT library for the Internet of Things. Concrete tasks: optimize public-key primitives (TEGLV curve-based), implement secret-key primitives (AES), and hash functions (SHA) for resource constraint IoT devices, design efficient side-channel resistant countermeasures, write two research papers. I will also spend more time in researching and developing secure control of IoT. research on the design of an efficient and robust machine-to-machine authentication system and a biometric-based continuous authentication system.

Research Products

• [Journal Article] Lightweight Implementations of NIST P-256 and SM2 ECC on 8-bit Resource-Constraint Embedded Device (2019)
  • Author(s): Zhou Lu、Su Chunhua、Hu Zhi、Lee Sokjoon、Seo Hwajeong
  • Journal Title: ACM Transactions on Embedded Computing Systems Volume: 18 Pages: 1～13
  • DOI: https://doi.org/10.1145/3236010
• [Journal Article] A Lightweight Cryptographic Protocol with Certificateless Signature for the Internet of Things (2019)
  • Author(s): Zhou Lu、Su Chunhua、Yeh Kuo-Hui
  • Journal Title: ACM Transactions on Embedded Computing Systems Volume: 18 Pages: 1～10
  • DOI: https://doi.org/10.1145/3301306
• [Journal Article] Lightweight IoT-based authentication scheme in cloud computing circumstance (2019)
  • Author(s): Zhou Lu、Li Xiong、Yeh Kuo-Hui、Su Chunhua、Chiu Wayne
  • Journal Title: Future Generation Computer Systems Volume: 91 Pages: 244～251
  • DOI: https://doi.org/10.1016/j.future.2018.08.038