CRYPTO-RESISTANT METHODS AND RANDOM NUMBER GENERATORS IN INTERNET OF THINGS (IOT) DEVICES
DOI: https://doi.org/10.30837/ITSSI.2022.20.022
Keywords: Internet of Things, random number generator, cryptocurrency, cryptanalysis, cryptographic keys, encryption, hashing, Autonomous Boolean Networks, Boolean chaos, statistical tests, cryptoaccelerators
Abstract
Subject of research: crypto-resistant methods and tools for generating random sequences, and hardware support for cryptographic transformations in IoT devices.
The aim of the article is to study crypto-resistant methods and tools for generating and testing random sequences suitable for use in IoT devices with limited resources; to determine circuit implementations of hardware random sequence generators; and to draw conclusions on the use of random number generators (RNG) in cryptographic protection systems of the IoT network.
The article solves the following tasks: analysis of methods and hardware for generating random sequences to protect IoT solutions with limited resources; identification of safe and effective technologies for implementing RNG; classification of RNG attacks; analysis of the shortcomings of the practical use of statistical test packages to assess the quality of RNG random sequences; evaluation of the speed of cryptoaccelerators that provide hardware support for cryptographic transformations; providing practical guidance on RNG for use in resource-constrained IoT devices.
Research methods: method of structural and functional analysis of RNG and IoT devices, cryptographic methods of information protection, methods of random sequence generation, method of stability analysis of systems, methods of constructing autonomous Boolean networks and analyzing Boolean chaos, methods of assessing the quality of random sequences.
Results of work: analysis of the technologies and circuit solutions of hardware RNG by the following characteristics: quality of randomness of the numbers and unpredictability of the sequences, speed, power consumption, miniaturization, possibility of integrated implementation; practical recommendations for the use of RNG in cryptographic protection systems of the IoT network.
The novelty of the study is the analysis of methods and hardware supporting technologies for generating random sequences in the system of cryptographic protection of IoT solutions; classification of attacks on RNG and features of protection against them; identification of effective RNG technologies and circuit solutions for use in low-power IoT devices with limited computing resources; providing practical recommendations for the use of RNG in cryptographic protection systems of the IoT network.
The analysis of technologies and circuit solutions led to the following conclusions: protection of IoT solutions includes the security of IoT network nodes and their connection to the cloud using secure protocols, ensuring the confidentiality, authenticity and integrity of IoT data by cryptographic methods, and attack analysis and the cryptographic strength of the network; the basis for protecting IoT solutions is the true randomness of the sequences that the RNG produces and that are used in the cryptographic transformation algorithms protecting the information; IoT devices are characterized by heterogeneity and geographical distribution, limited computing resources and power supply, and small size; the most effective RNG for IoT devices (reducing power consumption and increasing the generation rate) are purely digital RNG that implement a three-stage process: the initial digital circuit, a normalizer and a random number stream generator; autonomous Boolean networks (ABN) make it possible to build RNG with unique characteristics: the numbers obtained are truly random, speed is high (a number can be obtained in one clock cycle), power consumption is minimal, the design is miniature, and the throughput of Boolean chaos is high (up to 3 GHz); a promising direction of ABN development is the use of optical logic gates to build optical ABN with a bandwidth of up to 14 GHz; the known classes of RNG attacks include direct cryptanalytic attacks, attacks based on input data, attacks based on the disclosure of the internal state of the RNG, correlation attacks and special attacks; statistical test packages for evaluating RNG sequences have certain limitations or shortcomings and do not replace cryptanalysis; comparison of cryptoaccelerators with software implementations of cryptographic transformations shows significant advantages: for the AES block encryption algorithm, speed increases by 10-20 times in 8/16-bit cryptoaccelerators and 150 times in 32-bit ones, SHA-256 hashing in 32-bit cryptoaccelerators speeds up more than 100 times, and for the NMAS algorithm up to 500 times.
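The conclusion that statistical test packages do not replace cryptanalysis, together with the "disclosure of the internal state" attack class, can be checked directly. The following is an added example, not code from the article: a 16-bit LFSR (the polynomial, the seed 0xACE1 and the two NIST-STS-style tests are choices made here for illustration) passes the frequency and runs tests over its full period, yet 16 observed output bits reveal its entire state.

```python
import math

# Assumption for this example: 16-bit Fibonacci LFSR, x^16 + x^14 + x^13 + x^11 + 1
# (maximal length, period 65535). The seed 0xACE1 is a constructed sample value.
TAPS = (0, 2, 3, 5)
PERIOD = 2**16 - 1

def lfsr_bits(state, count):
    """Return `count` output bits of the LFSR started at `state`."""
    out = []
    for _ in range(count):
        out.append(state & 1)
        fb = 0
        for t in TAPS:
            fb ^= (state >> t) & 1
        state = (state >> 1) | (fb << 15)
    return out

def monobit_p(bits):
    """Frequency (monobit) test p-value; p >= 0.01 counts as a pass."""
    s = abs(sum(2 * b - 1 for b in bits))
    return math.erfc(s / math.sqrt(2 * len(bits)))

def runs_p(bits):
    """Runs test p-value: compares the number of runs with its expectation."""
    n = len(bits)
    pi = sum(bits) / n
    if abs(pi - 0.5) >= 2 / math.sqrt(n):   # prerequisite frequency check failed
        return 0.0
    runs = 1 + sum(a != b for a, b in zip(bits, bits[1:]))
    return math.erfc(abs(runs - 2 * n * pi * (1 - pi))
                     / (2 * math.sqrt(2 * n) * pi * (1 - pi)))

def predict(observed16, count):
    """Rebuild the internal state from 16 consecutive output bits, then run on."""
    state = sum(bit << i for i, bit in enumerate(observed16))
    return lfsr_bits(state, 16 + count)[16:]

def demo(seed=0xACE1):
    stream = lfsr_bits(seed, PERIOD + 256)
    sample = stream[:PERIOD]                  # one full period, fed to the tests
    seen = stream[PERIOD - 16:PERIOD]         # the only bits an observer needs
    guessed = predict(seen, 256)
    return monobit_p(sample), runs_p(sample), guessed == stream[PERIOD:]

if __name__ == "__main__":
    print(demo())
```

Both p-values come out far above the 0.01 pass threshold while the third value is True: the tests measure how the bits are distributed, not whether the next bit can be computed.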
License
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.