(M2M) Communications - Bisec 2013

lettucestewElectronics - Devices

Nov 21, 2013 (3 years and 6 months ago)

202 views

Komunikacija
mašina
-
mašina
javnim kanalima: Koncept i izazovi
bezbednosti


Miodrag Mihaljevi
ć

i
Zoran Ognjanovi
ć



Matemati
č
ki institut SANU


BISEC 2013

Beograd, 19. jun 2013.


World Wide Security and Mobility Conference 2013,

Atlantic City, USA

Speakers provide a "big picture" view of the cyber security and mobility
challenges that lie ahead, while laying the groundwork for some serious
problem solving.

Summary


Cyber security as well as secure
deployment of Smart Grid require
extensive employment of
cryptographic techniques.


In order to achieve the security goals
a preference is employment of
provably secure cryptographic
techniques, and this request is
particularly important within the
critical information
-
communication
infrastructures.


On the other hand, the security
mechanisms imply certain overheads
to the main functionality of a system,
and minimization of the overheads
including the ones implied by the
employed cryptographic techniques
is required.


In order to reduce the entire
overheads, cryptographic techniques
with minimized implementation
complexity, computational complexity
and energy consumption are
welcome.


Machine
-
to
-
Machine (M2M)
communications appear as an
important scenario and model of
communications, and it is
anticipated that in a nearby future
M2M communications are
expected to be the dominant ones.





Accordingly, this talk address a
number of issues regarding design
and applications of light
-
weight
and provable secure cryptographic
techniques suitable for M2M
communications scenarios

Roadmap


M2M paradigma


Partikularni tehnicki elementi


Max
-
Min cilj: “Maksimizacija” bezbednosti i
“minimizacija” troskova


Okvir za Max
-
Min cilj


Ilustrativni tehnicki elementi



I. M2M paradigma



Machine
-
to
-
Machine (M2M)
Communications



According to:

M. Dohler, D. Boswarthick and Jesús Alonso
-
Zárate,


Machine
-
to
-
Machine in

Smart Grids & Smart Cities: Technologies, Standards, and Applications”,

Tutorial Globecom 2012, Anaheim, California, USA, 3 December 2012

II. Partikularni tehnicki
elementi


M2M komunikacije

According to:

M. Dohler, D. Boswarthick and Jesús Alonso
-
Zárate,


Machine
-
to
-
Machine in

Smart Grids & Smart Cities: Technologies, Standards, and Applications”,

Tutorial Globecom 2012, Anaheim, California, USA, 3 December 2012

III. Motivation and Impacts

Minimization of the Costs

&


Maximization of the Security

Towards

Secure and Light
-
Weight

Security Mechanisms

Minimization of the Costs

&

Maximization of the Security

Motivation for the Work (1)

Information
-
Communication Technologies (ICT)

Based SOCIETY

security

cost

other …

ICT Society

CONCERNS

Motivation for the Work (2)

security

cost

other …

M2M comm.

CONCERNS


M2M communications

Motivation for the Work (3)

security

cost

other …

M2M comm.

Infrastructure

CONCERNS


M2M communications Infrastructure

Business & Social Significant Research

Business & Social Impacts


Note that provable
security is an issue with
high social impact
because of the
potential
disastrous implications
of the security
vulnerabilities



With
NOT provably
secure

primitive in use, it
is possible that a
not
-
publicly reported
weaknesses exist which
open a door for the
misuse

with severe
social impacts.


Minimization of the
cost appears as a
consequence of
minimization the
security overheads
and it is of high social
interest because it
contributes to
general
goal of the resources
savings.

Minimization of the Security Costs



Secure

System

SECURITY OVERHEADS

Minimization of Security Overheads

Implied by Cryptography

Illustrative Example (1)

Cost of
one


encryption/decryption:

-

0.001 EUR


Cumulative cost

of


bilion


encryption/decryption:


1.000.000 EUR


Illustrative Example (2)


Even in Smart Grid
power consumption
could be a critical
issue.


Elements for
information
-
communication
infrastructure
protection require
D.C. power.


There are is a huge
number of tiny
sensors which should
be powered by the
batteries.


A.C. to D.C.
converters are too
expensive.

Potential Disastrous Impacts of Advances in Cryptanalysis

and Heavy Employment of Cryptography

JEOPARDAZED

M2M services


BREAKABLE

Security Mechanisms

Heavy Overheads

WASTING of Resources

INCREASING COSTS

Heuristically Secure

Cryptography

Complex

Cryptographic

Techniques

Reduction of the Overheads
Implied by Security Mechanisms


Significant amount
of the overheads
appears from the
cryptographic
primitives
.


Accordingly,
Light
-
Weight
Cryptographic
Primitives appears
as ones of top
interest
.


On the Security Overheads


Security requirements

regarding
information
-
communications
infrastructures and embedded
devices could imply a
significant
overhead

to the system with
impacts on the entire system
performance.



Extensive
encryption/decryption and
authenticity control
, and
cumulative overhead implied by
these processing could be very
significant and restrictive factor
on the system functionality and
its overall performance
.


Components of the
considered overhead
include:

-
implementation overhead,

-
computational
(processing) overhead
and

-
power consumption
overhead.


IV. Framework

for achieving our goals and

a novel technology

"Light
-
Weight and Highly Secure
Cryptographic Techniques

for Reduction of the Security
Overheads"

-

Some elements of the Novel
Technology
-


Goals of the Advanced Construction

Advanced Cryptographic Primitives (for Encryption, Authentication, …)

Provable Secure

Light
-
Weight

Reduced

Security

Risks

Reduced

Security

Costs


Reduced

-

Power Consumption

-

Implementation Resources

-
Computational Overhead

Framework and Goals of a Novel Technology

Construction of the

cryptographic
techniques

employing


pseudorandomness
,


randomness

and


dedicated coding
.


“a novel paradigm”


Provide reduction of the
security overheads
regarding:


-

implementation
complexity
,


-

computational
complexity,

and


-

power consumption



Provide
provable
security.

Light
-
Weight Cryptography


An important option, for
reducing the overheads
implied by security and to
enhance security, is
employment of
dedicated
and provable secure light
-
weight cryptographic
techniques

which take into
account
features of the
implementation
environment,

(and
particularly communication
noise).


Goals:


advanced algorithms for
cyber security



dedicated light
-
weight and
provably secure symmetric
and public key
cryptographic techniques
for encryption and
authentication based on
pseudorandomnes,
randomness and
dedicated coding


dedicated key
management

Elements of a Framework for Light
-
Weight Cryptographic Primitives


(i) Joint addressing the overall overheads
regarding implementation, processing for the
security purposes and additional energy
consumption;


(ii) Employment of homophonic coding for
enhancing hardness of the underlying LPN
problem and security against active attacks;


(iii) Employment of the environmental noise for
enhancing security and to reduce the overheads.

Novel Technology Against Existing
Ones


Practical light
-
weight
cryptographic
primitives based on
randomized
algorithms
.


Randomization
provides framework
for
provable
security
.


Traditional light
-
weight cryptographic
primitives are based
on
deterministic

algorithms.


Security is based on
heuristics

and the
“expected”
computational
complexity

arguments.

Application of the Novel
Technology

Anywhere

when the

requirements are:


low implementation
overhead,


low computational
overhead


low power
consumption
overhead


Smart Grid


Information
-
Communication
Infrastructure for
Energy Systems


Smart Home/Town


Health & Medical


(Cybersecurity)

V. Illustrative Technical
Elements

of the Addressed Framework

Two “Methodological Elements”

for Construction of

Provable Secure and Light
-
Weight

Cryptographic Primitives


The LPN
Problem



Dedicated
Coding

V.1 The LPN (Learning Parity in Noise) Problem



The construction and security evaluation of cryptographic
primitives can be significantly related to the LPN problem.


The LPN problem has recently found many applications in
cryptography as the hardness assumption underlying the
constructions of "provably secure" cryptographic schemes
like encryption or authentication protocols.



Being
provably secure means that the scheme comes
with a proof showing that the existence of an efficient
adversary against the scheme implies that the
underlying hardness assumption is wrong.




LPN based schemes have received remarkable attention
implied by theoretical and practical reasons.

The LPN Problem Issues


On the theoretical side,
LPN based schemes
offer a very strong
security guarantee.


The LPN problem is
equivalent to the
problem of decoding
random linear codes
,
a problem that has
been extensively
studied in the last half
century.


On the practical side,
LPN based schemes
are often extremely
simple and efficient
in terms of code
-
size
as well as time and
space requirements
.


This makes them
prime candidates for
light
-
weight devices
like RFID tags, which
are too weak to
implement standard
cryptographic
primitives like the AES.


The LPN Problem

(an illustrative formulation)

=

+

x

secret

noise

(unknown)

known binary vector


known binary matrix

Underlying Problem of the LPN

linear
-
f1(x
1
, x
2
, …, x
K
)

= z
1

linear
-
f2(x
1
, x
2
, …, x
K
)

= z
2

linear
-
fN(x
1
, x
2
, …, x
K
)

= z
N



O S

V Y

E S

R T

D E

E M

F

I

N

E

D

noisy variables

K << N

Thank You Very Much for the
Attention,


and

QUESTIONS Please!