The National Institute of Standards and Technology (NSIT) is proposing the creation of a new cryptography method to better protect devices with RFID tags and embedded tags, including IoT smart products.
The IoT Devices Are a New Security and Privacy Challenge
The Internet of Things (IoT) revolution has made security and privacy issues a real concern for individuals and businesses. This is why the National Institute of Standards and Technology (NIST) has proposed a draft report for lightweight cryptography for IoT devices and related products. The experts state that it is challenged to apply contemporary standards to small devices. Nowadays the trade off between security, performance and resource management is targeted at desktop and server computing which makes them inefficient when implemented for resource-constrained devices.
The latest lightweight cryptography proposals are targeted mainly to such low-performing products. The main concerns are power management and performance as the small embedded devices have only limited capabilities.
The use of cryptographic security systems ensures that notifications and access to IoT devices are trusted. These measures may protect users from malicious attacks from criminals where false notifications can be provided to the user in a phishing attack. If the IoT device uses cryptographic security, then the user would have to authenticate in a suitable manner before he can receive the information thus rendering all other information false.
The lightweight block ciphers feature the following characteristics: smaller block size to conserve memory, smaller key size, simpler rounds and a simpler key scheduling. The NIST target a rational balance between security strength (should be at least 112 bits), flexibility (the algorithms should be usable across different platforms), low-performance overhead for cryptography functions, ciphertext expansion, side channel and fault attack. Also, the draft proposes limits on the number of plain text – cipher text pairs and related-key attacks. The report continues with sample profiles and test cases.