Abstract
Format-Preserving Encryption (FPE) for Internet of Things (IoT) enables the data encryption while preserving the format and length of original data. With these advantages, FPE can be utilized in many IoT applications. However, FPE requires complicated computations and these are high overheads on IoT embedded devices. In this paper, we proposed an efficient implementation of Format-preserving Encryption Algorithm (FEA), which is the Korean standard of FPE, and the first-order masked implementation of FEA on both low-end (i.e., AVR microcontroller) and high-end (i.e., ARM processor) IoT devices. Firstly, we show the vulnerability of FEA when it comes to the Correlation Power Analysis (CPA) approach. Afterward, we propose an efficient implementation method and the masking technique for both low-end IoT device and high-end IoT device. The proposed method is secure against power analysis attacks but the performance degradation of masked measure is only 2.53∼3.77% than the naïve FEA implementation.
Highlights
The Correlated Power Analysis (CPA) is one of the Side Channel Attack (SCA) types and is the most effective method, and it has been shown that several block ciphers (e.g., AES, DES [18], PRESENT [19], SIMON [20], LED [21]) are vulnerable [13,22,23,24]
The Correlation Power Analysis (CPA) attack collects the power consumption of the part where the operation is performed with information that can be manipulated and the secret key to be guessed in the encryption algorithm
S-Box, which is used to perform non-linear replacements in block ciphers, becomes more vulnerable to side-channel attacks, such as Differential Power Analysis (DPA) [25]
Summary
FF1 and FF3-1 algorithms use block ciphers as F functions, while the FEA uses its own dedicated functions This feature allows the high-speed encryption than other algorithms designed for the format preserving encryption. When utilizing block ciphers on IoT devices, it is necessary to consider a side-channel attack. IoT devices: In low-end IoT environments, the log/anti-log table based Galois field multiplication is utilized. This approach replaces the complicated multiplication into the simple addition operation. For high-end IoT environments, both S-Box operation and Galois field multiplication are combined and executed at once This approach eliminates unnecessary multiplication operations by considering bits of the removed block at the last stage of the F function. In order to ensure the high performance, we propose the optimized first-order masking technique for the FEA implementation
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have