Lightweight Cryptography for Future Smart Networks

We are on the brink of the next major shift in the ICT revolution with the advent of the Internet of Things (IoT) and 5th generation (5G) mobile communications. These will bring a huge change in the connectivity of our digital world and with that a major challenge to security and privacy. In particular, there is an urgent need for cryptographic primitives and protocols which are efficient enough for deployment in the constrained computational scenarios of the IoT and mobile devices. To illustrate this urgency, we mention the recent call for submitting lightweight cryptographic proposals for authenticated encryption and hash functions issued by NIST. The CryptNet project is developing, analysing and evaluating the lightweight cryptographic mechanisms necessary for securing the next generation of communications infrastructure against digital vulnerabilities. The project addresses four fundamental security challenges. Challenge 1 is to design algorithms for data encryption and authentication which are much more efficient than the standards in use today. Furthermore, these algorithms must be combined to form very efficient authentication and key management protocols. Challenge 2 is to find out how to establish trust in environments where devices may lack a permanent connection to the Internet and may be located in adversary-controlled locations. Challenge 3 is how to maintain security for devices which may be deployed for the long term in remote locations without physical access and in the face of new computing capabilities. Finally, Challenge 4 is how to achieve privacy for devices which need to authenticate via untrusted nodes. The project is developing and applying new cryptographic approaches. The project outcomes so far have made significant progress in all four of these challenges. A new hash function and related encryption scheme was submitted to the NIST Lightweight Cryptography standardization process; a new security protocol for 5G security has been published; improved key exchange protocols suitable for establishing keys for IoT devices at a high level of security was developed; understanding of how to design improved lightweight symmetric key primitives has been significantly improved; new efficient key exchange protocols suitable for constrained scenarios have been designed and formally analysed; a promising new computational problem has been discovered leading to a new class of efficient public key algorithms using entropoids; a modular method for designing key exchange protocols safe against quantum computers has been designed; a dynamic key management protocol suitable for lightweight clients has been designed and formally analysed.

Two major advances in networking infrastructure are the emergence of the Internet of Things (IoT) and the development of the fifth generation of mobile networks (5G). These advances are intimately connected, as 5G will play a major role in the mobile IoT, connecting mobile devices at unprecedented rates and scale. Due to the use of IoT for applications transmitting personal data and for control of critical physical infrastructure, security is a critical factor in these new networks. Security in IoT and 5G must be integrated so that devices in the mobile IoT can move seamlessly between use of a variety of networking technologies. Moreover, security solutions must be lightweight so that they can be run on devices with the smallest amount of computing power. Altogether this presents a major security challenge. This project will develop lightweight cryptographic primitives and protocols suitable for practical use in protecting the mobile IoT against the most significant threats. The cryptography team at the Norwegian University of Science and Technology will build upon a wealth of existing knowledge and experience to design new protocols for authentication and key management, together with cryptographic primitives for cryptographic processing of data. Innovations including new incremental cryptography primitives, blockchain-based key management and private identification protocols, will play an important role in this research. Collaboration with European colleagues will ensure that the research maintains broad applicability. We will apply modern analysis methods to obtain theoretical assurance through computational proofs and ensure real-world significance through practical experimentation.