漫談輕量級密碼學標準發展與實現

物聯網（Internet of Things, IoT）的普及為生活帶來便利，但也因為物聯網設備公開部署及無線傳輸的特性，產生了其他安全問題。傳統加密標準難以或不可能在資源受限的設備中實現，即使勉強實現，它們的性能也可能無法被接受，因此發展可在資源受限的設備執行的輕量級密碼學演算法實有其必要性及迫切性。有鑑於此，美國國家標準暨技術研究院（National Institute of Standards and Technology, NIST）於2018年正式向世界徵求輕量級密碼學演算法，預期於2022年確立輕量級密碼學標準。本文目的在說明傳統密碼演算法在資源受限設備上實現的限制、輕量級密碼學演算法需求的重點及NIST目前制定輕量級密碼學標準的發展，並以目前進入最後決選的ASCON輕量級加密演算為範例進行實現，說明如何在一個物聯網的應用中實現一個符合輕量級密學標準的演算法，以保護物聯網中訊息傳遞的安全。

關鍵字

物聯網安全；密碼學標準；輕量級密碼學；物聯網加密；資源受限設備

並列摘要

The proliferation of the Internet of Things (IoT) brings convenience to life, but also creates other security concerns due to the nature of open deployment and wireless of IoT devices. Traditional encryption standards are difficult or impossible to implement in resource-constrained devices, and even if they do, their performance may be unacceptable, so the development of lightweight cryptographic algorithms that can be executed in resource-constrained devices is necessary and urgent. The National Institute of Standards and Technology (NIST) of the United States therefore officially solicited lightweight cryptography algorithms in 2018, and is expected to complete the establishment of lightweight cryptography standards in 2022. The purpose of this paper is to explain the limitations of traditional cryptographic algorithms on resource-constrained devices, the focus of lightweight cryptographic algorithm requirements, and the development of NIST's current lightweight cryptography standards. The lightweight encryption algorithm ASCON is implemented as an example to illustrate how to implement an algorithm that conforms to the lightweight cryptography standards in an IoT application to protect the security of message transmission in the IoT.

並列關鍵字

IoT security ； cryptography standards ； lightweight cryptography ； IoT encryption ； resource-constrained devices

參考文獻

Ge M., Hong J. B., Alzaid H., and Kim D. S., 2017, “Security modeling and analysis of cross-protocol IoT devices,” paper presented at the IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), Sydney, Australia. doi:10.1109/Trustcom/BigDataSE/ICESS.2017.350

Hatzivasilis G., Fysarakis K., Papaefstathiou I., and Manifavas C., 2018, “A Review of Lightweight Block Ciphers,” Journal of Cryptographic Engineering, 8(2), 141-184. doi:10.1007/s13389-017-0160-y

Ronen, E., and Shamir, A., 2016, “Extended Functionality Attacks on IoT Devices: The Case of Smart Lights,” paper presented at the IEEE European Symposium on Security and Privacy (EuroS&P), Saarbruecken, Germany. doi:10.1109/EuroSP.2016.13

Singh S., Sharma P. K., Moon S. Y., and Park J. H., 2017, “Advanced Lightweight Encryption Algorithms for IoT Devices: Survey, Challenges and Solutions,” Journal of Ambient Intelligence & Humanized Computing. doi:10.1007/s12652-017-0494-4

Turan M. S., McKay K. A., Çalık Ç., Chang D., and Bassham L, 2019, Status Report on the First Round of the NIST Lightweight Cryptography Standardization Process (NISTIR 8268). doi:10.6028/NIST.IR.8268

延伸閱讀

樊國楨（1999）。虛擬社會資訊安全機制初探－從密碼模組領域認證體系談起。內部稽核，(30)，1-21。https://doi.org/10.7100/IA.199911.0001
張進宣（2018）。差分移相量子密鑰分發實驗架構之研析〔碩士論文，國立清華大學〕。華藝線上圖書館。https://www.airitilibrary.com/Article/Detail?DocID=U0016-1803201914461371
Ting, W. C. (2009). 無線射頻標籤輕量化認證協定之研究 [doctoral dissertation, National Tsing Hua University]. Airiti Library. https://www.airitilibrary.com/Article/Detail?DocID=U0016-1111200916110815
Hao, P. H. (2014). A Domain-Specific Language for Efficient Cryptographic Engineering [master's thesis, National Taiwan University]. Airiti Library. https://doi.org/10.6342/NTU.2014.00553
Garcia, G. G., Espinoza, R. A. F., Recillas, H. T., Aguilar, A. V., & Torres, G. A. (2016). A Lightweight Digital Signature Cryptographic Protocol for Authentication and Integrity Based on Location. Research Journal of Applied Sciences, Engineering and Technology, 12(5), 550-555. https://doi.org/10.19026/rjaset.12.2578

全文下載

主題瀏覽