Top

Published in:

2019 | OriginalPaper | Chapter

A Survey on Lightweight Authenticated Encryption and Challenges for Securing Industrial IoT

Authors : Megha Agrawal, Jianying Zhou, Donghoon Chang

Published in: Security and Privacy Trends in the Industrial Internet of Things

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Embedded systems are widely deployed nowadays in various domains like smart cards, automobiles, telecommunications, home automation systems, computer networking, digital consumer electronics, defense and aerospace. IoT is the technology enabling the inter-connection of these embedded devices (composed of sensors, actuators etc.) through the internet to exchange data, optimize processes, monitor devices in order to generate benefits for the industry, the economy, and the end user. These operations typically consists of sensitive or critical information that needs to be protected against outside world. Therefore their security comes as a primary concern. However the main challenges while providing security for these devices are resource constrained environment in terms of computing power, memory capacity, chip area and the power usage. The limited capabilities of these devices necessitate the adoption of Lightweight Cryptography (LWC). Lightweight cryptography is a field dealing with cryptographic algorithms or cryptographic protocols specially designed for the usage in constrained environments which includes RFID tags, contactless smart cards, sensors, embedded systems, health-care devices and so on. This work provides a survey of existing lightweight authenticated encryption algorithms. We surveyed 17 lightweight AE schemes (LWAE), out of which 9 schemes are from the ongoing CAESAR competition.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter Advanced Persistent Threats and Zero-Day Exploits in Industrial Internet of Things

next chapter Access Control in the Industrial Internet of Things

Ågren M, Hell M, Johansson T, Meier W (2011) Grain-128a: a new version of grain-128 with optional authentication. IJWMC 5(1):48–59CrossRef

Alemdar H, Ersoy C (2010) Wireless sensor networks for healthcare: a survey. Comput Netw 54(15):2688–2710CrossRef

Atzori L, Iera A, Morabito G (2010) The Internet of Things: a survey. Comput Netw 54(15):2787–2805CrossRef

Aumasson J-P, Knellwolf S, Meier W (2015) Heavy Quark for secure AEAD. https://131002.net/data/papers/AKM12.pdf

Banik S, Maitra S, Sarkar S, Turan MS (2013) A chosen IV related key attack on grain-128a. In: Boyd C, Simpson L (eds) Information Security and Privacy – 18th Australasian Conference, ACISP 2013, Brisbane, 1–3 July 2013. Proceedings. Volume 7959 of Lecture Notes in Computer Science. Springer, pp 13–26

Beaulieu R, Shors D, Smith J, Treatman-Clark S, Weeks B, Wingers L (2013) The SIMON and SPECK families of lightweight block ciphers. IACR Cryptol ePrint Arch 2013:404MATH

Bellare M, Namprempre C (2008) Authenticated encryption: relations among notions and analysis of the generic composition paradigm. J Cryptol 21(4):469–491MathSciNetCrossRef

Bertoni G, Daemen J, Peeters M, Van Assche G, Van Keer R (2016) Ketje v1 http://competitions.cr.yp.to/round1/ketjev11.pdf

Bilgin B, Bogdanov A, Knezevic M, Mendel F, Wang Q (2013) Fides: lightweight authenticated cipher with side-channel resistance for constrained hardware. In: Bertoni G, Coron J-S (eds) 15th International Workshop on Cryptographic Hardware and Embedded Systems – CHES 2013, Santa Barbara, 20–23 Aug 2013. Proceedings. Volume 8086 of lecture notes in computer science. Springer, pp 142–158

10.

Bogdanov A, Knudsen LR, Leander G, Paar C, Poschmann A, Robshaw MJB, Seurin Y, Vikkelsoe C (2007) PRESENT: an ultra-lightweight block cipher. In: Paillier P, Verbauwhede I (eds) 9th International Workshop on Cryptographic Hardware and Embedded Systems – CHES 2007, Vienna, 10–13 Sept 2007, Proceedings. Volume 4727 of lecture notes in computer science. Springer, pp 450–466

11.

Bogdanov A, Knezevic M, Leander G, Toz D, Varici K, Verbauwhede I (2011) Spongent: a lightweight hash function. In: Preneel B, Takagi T (eds) 13th International Workshop on Cryptographic Hardware and Embedded Systems – CHES 2011, Nara, 28 Sept – 1 Oct 2011. Proceedings. Volume 6917 of lecture notes in computer science. Springer, pp 312–325

12.

Bogdanov A, Mendel F, Regazzoni F, Rijmen V, Tischhauser E (2014) ALE: AES-based lightweight authenticated encryption. In: Moriai (2014), pp 447–466MATH

13.

CAESAR (2014) Competition for authenticated encryption: security, applicability, and robustness. http://competitions.cr.yp.to/caesar.html

14.

Cid C, Rechberger C (eds) (2015) 21st International Workshop on Fast Software Encryption, FSE 2014, London, 3–5 Mar 2014. Revised Selected Papers. Volume 8540 of lecture notes in computer science. Springer

15.

De Cannière C (2006) Trivium: a stream cipher construction inspired by block cipher design principles. In: Katsikas SK, Lopez J, Backes M, Gritzalis S, Preneel B (eds) 9th International Conference on Information Security, ISC 2006, Samos Island, 30 Aug – 2 Sept, 2006, Proceedings. Volume 4176 of lecture notes in computer science. Springer, pp 171–186

16.

Dinur I, Jean J (2014) Cryptanalysis of FIDES. In: Cid and Rechberger [14], pp 224–240CrossRef

17.

Dobraunig C, Eichlseder M, Mendel F, Schläffer M (2015) Cryptanalysis of ascon. In: Nyberg K (ed) Topics in Cryptology – CT-RSA 2015, the Cryptographer’s Track at the RSA Conference 2015, San Francisco, 20–24 Apr 2015. Proceedings. Volume 9048 of lecture notes in computer science. Springer, pp 371–387

18.

Dobraunig C, Eichlseder M, Mendel F, Schläffer M (2016) Ascon v1.2. submission to the CAESAR competition: http://competitions.cr.yp.to/round3/asconv12.pdf

19.

Dwivedi AD, Kloucek M, Morawiecki P, Nikolic I, Pieprzyk J, Wójtowicz S (2017) Sat-based cryptanalysis of authenticated ciphers from the CAESAR competition. In: Samarati P, Obaidat MS, Cabello E (eds) Proceedings of the 14th International Joint Conference on e-Business and Telecommunications (ICETE 2017) – vol 4: SECRYPT, Madrid, 24–26 July 2017. SciTePress, pp 237–246

20.

Engels DW, Saarinen M-JO, Schweitzer P, Smith EM (2011) The hummingbird-2 lightweight authenticated encryption algorithm. In: Juels A, Paar C (eds) 7th International Workshop on RFID. Security and Privacy, RFIDSec 2011, Amherst, 26–28 June 2011, Revised Selected Papers. Volume 7055 of lecture notes in computer science. Springer, pp 19–31

21.

Ericsson Mobility report (2016). https://www.ericsson.com/res/docs/2016/ericsson-mobility-report-2016.pdf

22.

Fault Based Forgery on CLOC and SILC (2015). https://groups.google.com/forum/#!topic/crypto-competitions/qxORmqcSrY

23.

Feng X, Zhang F (2014) Cryptanalysis on the authenticated cipher sablier. In: Au MH, Carminati B, Jay Kuo C-C (eds) 8th International Conference on Network and System Security, NSS 2014, Xi’an, 15–17 Oct 2014, Proceedings. Volume 8792 of lecture notes in computer science. Springer, pp 198–208

24.

Grosso V, Leurent G, Standaert F-X, Varici K, Durvaux F, Gaspar L, Kerckhof S (2014) SCREAM and iSCREAM: side-channel resistant authenticated encryption with masking. http://competitions.cr.yp.to/round1/clocv1.pdf

25.

Guo J, Peyrin T, Poschmann A (2011) The PHOTON family of lightweight hash functions. In: Rogaway P (ed) 31st Annual Cryptology Conference on Advances in Cryptology – CRYPTO 2011, Santa Barbara, 14–18 Aug 2011. Proceedings. Volume 6841 of lecture notes in computer science. Springer, pp 222–239

26.

Hell M, Johansson T, Meier W (2007) Grain: a stream cipher for constrained environments. IJWMC 2(1):86–93CrossRef

27.

Hirose S, Ideguchi K, Kuwakado H, Owada T, Preneel B, Yoshida H (2012) An AES based 256-bit hash function for lightweight applications: Lesamnta-lw. IEICE Trans 95-A(1):89–99CrossRef

28.

Information technology – automatic identification and data capture techniques – Part 1: security services for RFID air interfaces (2014). https://www.iso.org/standard/61128.html

29.

Information technology – automatic identification and data capture techniques – Part 11: crypto suite PRESENT-80 security services for air interface communications (2014). https://www.iso.org/standard/60441.html

30.

Information technology – automatic identification and data capture techniques – Part 10: crypto suite AES-128 security services for air interface communications (2015) https://www.iso.org/standard/60440.html

31.

Information technology – automatic identification and data capture techniques – Part 12: crypto suite ECC-DH security services for air interface communications (2015). https://www.iso.org/standard/60442.html

32.

Information technology – automatic identification and data capture techniques – Part 13: crypto suite grain-128A security services for air interface communications (2015). https://www.iso.org/standard/60682.html

33.

Information technology – automatic identification and data capture techniques – Part 14: crypto suite AES OFB security services for air interface communications (2015). https://www.iso.org/standard/61130.html

34.

Information technology – automatic identification and data capture techniques – Part 16: crypto suite ECDSA-ECDH security services for air interface communications (2015). https://www.iso.org/standard/61321.html

35.

Information technology – automatic identification and data capture techniques – Part 17: crypto suite cryptoGPS security services for air interface communications (2015). https://www.iso.org/standard/61942.html

36.

Information technology – automatic identification and data capture techniques – Part 19: crypto suite RAMON security services for air interface communications (2016). https://www.iso.org/standard/63176.html

37.

Introduction to the Controller Area Network (CAN) (2016). http://www.ti.com/lit/an/sloa101b/sloa101b.pdf

38.

ISO (2012) ISO/IEC 29192-1:2012, information technology – security techniques-lightweight cryptography – Part 1: general. https://www.iso.org/standard/56425.html

39.

ISO (2012) ISO/IEC 29192-1:2012, information technology – security techniques-lightweight cryptography – Part 2: bloch ciphers. https://www.iso.org/standard/56552.html

40.

ISO (2012) ISO/IEC 29192-1:2012, information technology – security techniques-lightweight cryptography – Part 3: stream ciphers. https://www.iso.org/standard/56426.html

41.

ISO (2013) ISO/IEC 29192-1:2012, information technology – security techniques-lightweight cryptography – Part 3: mechanisms using asymmetric techniques. https://www.iso.org/standard/56427.html

42.

ISO (2016) ISO/IEC 29192-1:2012, information technology – security techniques-lightweight cryptography – Part 3: Hash-functions. https://www.iso.org/standard/67173.html

43.

ISO (2016) ISO/IEC 29192-1:2012, information technology – security techniques-lightweight cryptography – Part 3: mechanisms using asymmetric techniques Amendment I. https://www.iso.org/standard/64591.html

44.

ISO, ISO/IEC 29192-1:2012, information technology – security techniques-lightweight cryptography – Part 3: message authentication codes. https://www.iso.org/standard/71116.html

45.

Iwata T, Minematsu K, Guo J, Morioka S (2014) CLOC: authenticated encryption for short input. In: Cid and Rechberger [14], pp 149–167CrossRef

46.

Iwata T, Minematsu K, Guo J, Morioka S (2014) CLOC: compact low-overhead CFB. http://competitions.cr.yp.to/round1/clocv1.pdf

47.

Iwata T, Minematsu K, Guo J, Morioka S, Kobayashi E (2015) SILC: SImple lightweight CFB. https://competitions.cr.yp.to/round2/silcv2.pdf

48.

Jakimoski G, Khajuria S (2011) ASC-1: an authenticated encryption stream cipher. In: Miri A, Vaudenay S (eds) 18th International Workshop on Selected Areas in Cryptography, SAC 2011, Toronto, 11–12 Aug 2011, Revised Selected Papers. Volume 7118 of lecture notes in computer science. Springer, pp 356–372

49.

Jean J, Nikolic I, Peyrin T (2015) Joltik v1.3. https://competitions.cr.yp.to/round2/joltikv13.pdf

50.

Karakostas B (2013) A DNS architecture for the Internet of Things: a case study in transport logistics. Proc Comput Sci 19:594–601. The 4th International Conference on Ambient Systems, Networks and Technologies (ANT 2013), the 3rd International Conference on Sustainable Energy Information Technology (SEIT-2013)

51.

Khovratovich D, Rechberger C (2013) The LOCAL attack: cryptanalysis of the authenticated encryption scheme ALE. In: Lange T, Lauter KE, Lisonek P (eds) 20th International Conference on Selected Areas in Cryptography – SAC 2013, Burnaby, 14–16 Aug 2013, Revised Selected Papers. Volume 8282 of lecture notes in computer science. Springer, pp 174–184

52.

Leurent G (2015) Differential forgery attack against LAC. In: Dunkelman O, Keliher L (eds) 22nd International Conference on Selected Areas in Cryptography – SAC 2015, Sackville, 12–14 Aug 2015, Revised Selected Papers. Volume 9566 of lecture notes in computer science. Springer, pp 217–224

53.

Li Z, Dong X, Wang X (2017) Conditional cube attack on round-reduced ASCON. IACR Trans Symmetric Cryptol 2017(1):175–202

54.

Li Y, Zhang G, Wang W, Wang M (2017) Cryptanalysis of round-reduced ASCON. SCIENCE CHINA Inf Sci 60(3):38102CrossRef

55.

Liu JK, Baek J, Zhou J, Yang Y, Wong JW (2010) Efficient online/offline identity-based signature for wireless sensor network. Int J Inf Sec 9(4):287–296CrossRef

56.

McGrew D (2015) Low power wireless scenarios and techniques for saving bandwidth without sacrificing security. In: NIST Lightweight Cryptography Workshop, vol 2015

57.

Moriai S (ed) (2014) 20th International Workshop on Fast Software Encryption, FSE 2013, Singapore, 11–13 Mar 2013. Revised Selected Papers. Volume 8424 of Lecture Notes in Computer Science. Springer

58.

National Institute of Standards and Technology (2017) Profiles for the lightweight cryptography standardization process. https://csrc.nist.gov/CSRC/media/Publications/white-paper/2017/04/26/profiles-for-lightweight-cryptography-standardization-process/draft/documents/profiles-lwc-std-proc-draft.pdf

59.

National Institute of Standards and Technology (2017) Report on lightweight cryptography (U.S. Department of Commerce, Washington, D.C.), National Institute of Standards and Technology Internal Report 8114. http://nvlpubs.nist.gov/nistpubs/ir/2017/NIST.IR.8114.pdf

60.

Neves S, Aumasson J-P, Jovanovic P (2014) NORX: parallel and scalable AEAD. https://norx.io/

61.

Neves S, Aumasson J-P, Jovanovic P (2015) NORX8 and NORX16: authenticated encryption for low-end systems. https://eprint.iacr.org/2015/1154.pdf

62.

Pang Z, Chen Q, Tian J, Zheng L, Dubrova E (2013) Ecosystem analysis in the design of open platform-based in-home healthcare terminals towards the Internet-of-things. In: 2013 15th International Conference on Advanced Communications Technology (ICACT), Jan 2013, pp 529–534

63.

Qin E, Long Y, Zhang C, Huang L (2013) Cloud computing and the Internet of Things: technology innovation in automobile service. In: Yamamoto S (ed) Human interface and the management of information. Information and interaction for health, safety, mobility and complex environments. Springer, Berlin/Heidelberg, pp 173–180

64.

Rogaway P, Shrimpton T (2006) Deterministic authenticated-encryption: a provable-security treatment of the key-wrap problem. IACR Cryptol ePrint Arch 2006:221MATH

65.

Roman R, Zhou J, Lopez J (2013) On the features and challenges of security and privacy in distributed Internet of Things. Comput Netw 57(10):2266–2279CrossRef

66.

Saarinen M-JO (2014) Related-key attacks against full hummingbird-2. In: Moriai [57], pp 467–482

67.

Sarkar S, Banik S, Maitra S (2015) Differential fault attack against grain family with very few faults and minimal assumptions. IEEE Trans Comput 64(6):1647–1657MathSciNetCrossRef

68.

Shi Z, Zhang B, Feng D (2015) Practical-time related-key attack on hummingbird-2. IET Inf Secur 9(6):321–327CrossRef

69.

Shirai T, Shibutani K, Akishita T, Moriai S, Iwata T (2007) The 128-bit blockcipher CLEFIA (extended abstract). In: Biryukov A (ed) 14th International Workshop on Fast Software Encryption, FSE 2007, Luxembourg, 26–28 Mar 2007, Revised Selected Papers. Volume 4593 of Lecture Notes in Computer Science. Springer, pp 181–195

70.

Sim SM, Wang L (2017) Practical Forgery Attacks on SCREAM and iSCREAM. http://www1.spms.ntu.edu.sg/~syllab/m/images/b/b3/ForgeryAttackonSCREAM.pdf

71.

Tezcan C (2016) Truncated, impossible, and improbable differential analysis of ASCON. In: Camp O, Furnell S, Mori P (eds) Proceedings of the 2nd International Conference on Information Systems Security and Privacy, ICISSP 2016, Rome, 19–21 Feb 2016. SciTePress, pp 325–332

72.

The Industrial Internet of Things (IIoT): the business guide to Industrial IoT. https://www.i-scoop.eu/internet-of-things-guide/industrial-internet-things-iiot-saving-costs-innovation/

73.

Todo Y, Leander G, Sasaki Y (2016) Nonlinear invariant attack – practical attack on full scream, iscream, and midori64. In: Advances in Cryptology – ASIACRYPT 2016 – 22nd International Conference on the Theory and Application of Cryptology and Information Security, Hanoi, 4–8 Dec 2016, Proceedings, Part II, pp 3–33

74.

Top 5 applications for the industrial Internet of Things. https://www.raconteur.net/technology/top-5-applications-for-the-industrial-internet-of-things

75.

Wu TD (1998) The secure remote password protocol. In: Proceedings of the Network and Distributed System Security Symposium, NDSS 1998, San Diego. The Internet Society

76.

Wu H (2016) ACORN: a lightweight authenticated cipher (v3). https://competitions.cr.yp.to/round3/acornv3.pdf

77.

Wu H, Huang T (2014) JAMBU lightweight authenticated encryption mode and AES-JAMBU (v1). http://competitions.cr.yp.to/round1/aesjambuv1.pdf

78.

Wu S, Wu H, Huang T, Wang M, Wu W (2015) Leaked-state-forgery attack against the authenticated encryption algorithm ALE. IACR Cryptol ePrint Arch 2015:159MATH

79.

Yeh H-L, Chen T-H, Liu P-C, Kim T-H, Wei H-W (2011) A secured authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors 11(5):4767–4779CrossRef

80.

Zhang B, Shi Z, Xu C, Yao Y, Li Z (2014) Sablier v1. https://competitions.cr.yp.to/round1/sablierv1.pdf

81.

Zhang L, Wu W, Wang Y, Wu S, Zhang J (2014) LAC: a lightweight authenticated encryption cipher. http://competitions.cr.yp.to/round1/lacv1.pdf

82.

Zhou H, Liu B, Wang D (2012) Design and research of urban intelligent transportation system based on the Internet of Things. In: Wang Y, Zhang X (eds) Internet of Things. Springer, Berlin/Heidelberg, pp 572–580CrossRef

Title: A Survey on Lightweight Authenticated Encryption and Challenges for Securing Industrial IoT
Authors: Megha Agrawal
Jianying Zhou
Donghoon Chang
Publisher: Springer International Publishing
Book: Security and Privacy Trends in the Industrial Internet of Things
Print ISBN: 978-3-030-12329-1

Electronic ISBN: 978-3-030-12330-7

Copyright Year: 2019
DOI: https://doi.org/10.1007/978-3-030-12330-7_4

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner