Rapid advancement in highly constrained devices is making a great impact on our daily lives. From smartwatches to autonomous cars, everything is connected and becoming intelligent day by day. The Internet of Things is contributing extensively and offering an optimistic future to all stakeholders, from researchers to endpoint consumers. Gartner’s research predicted that more than 20 billion devices would be connected and used by the end of the year 2020.
Internet of things is a network of different sizes of units, i.e., objects, sensors, data processing and storage devices, and communication devices. These entities are connected to the internet and controlled or monitored through devices like mobile or computer applications. This model brings a great challenge in maintaining security goals, i.e., confidentiality, integrity, authentication, non-repudiation, and availability, as most of the devices are resource limited.
According to the Gartner research, more than 25% of identified attacks in enterprises will involve IoT. Deployment of IoT devices comes with the responsibility to protect the devices and personal data collected by the devices and preserve the user’s privacy.
As many devices are getting connected using different platforms and frameworks, the attack risk increases.
The major security issues linked with the IoT ecosystems are:
- Point of Vulnerability for the connected devices due to weak encryption and the possibility of the backdoor.
- The current ecosystem is not ready to store the large amount of data generated by the IoT devices. Another major issue is the authentication process.
- A side-channel attack on the IoT is one of the major challenges.
- Attack on the hardware to get unauthorized data access.
While talking about IoT devices’ security, standard cryptographic algorithms can’t fulfill the need as IoT uses constrained devices. Constrained devices have limited power, energy, and memory; hence, they can’t process and store heavy cryptographic algorithms.
To reduce the computational efforts needed to obtain desired security, a new cryptography branch is emerging in the last few decades: Lightweight cryptography. Lightweight cryptography is an encryption method that features small features, and it is pointed at expanding the implementation to the constrained devices: i.e., low power consumption, low power, small size.
As IoT is vast and in demand, lightweight cryptography also has lots of attention from security experts. NIST has launched the competition on Lightweight cryptography and is still in pursuit. NIST is also in the making of standardizing lightweight cryptography.
To motivate researchers, research scholars, students, industry experts in India, NCoE-DSCI has launched the 12 months long lightweight cipher design challenge. In this one-year-long challenge, NCoE-DSCI has also organized webinars and workshops from well-known researchers from this field to train newbies. This challenge is well received by the cryptography community and received an overwhelming response to the challenge. The winners’ cipher will get a chance to make an industry prototype.
To evaluate this cipher challenge, a strong Jury panel from academia and industry across the globe is set up. We are encouraging the crypto community to take part in the lightweight cipher challenge.
To give more visibility to lightweight cryptography, DSCI will host a session on “LWC: Securing IoT data and communication…Lightweight crypto innovation for the IoT age” at #AISS2020.