Challenges of Cryptography for Low-energy Devices in the IoT
Many Internet of Things (IoT) devices have constraints on the amount of energy available to them. Examples include wireless sensors, RFID tags, NFC tags, smart cards and machine-to-machine (M2M) microcontrollers. Like most other connected devices, they need to be secured by cryptography that provides fast identification, authentication and data protection. However, while their low-energy usage confers many advantages in design and applicability, it is also the source of some unique security challenges.
Limited Energy Use and Storage
“Constrained” IoT devices have far lower energy use and storage capabilities than larger machines. For example, while a laptop computer uses 60 watts of power and smartphones typically require 5-12 watts, an average wireless sensor receives just 1 milliwatt. And some types of RFID tags rely on power levels that are significantly lower, in the 1–10 microwatt range.
These low-energy environments are so constrained that commonly-implemented RSA and Diffie-Hellman-type public-key cryptography protocols (e.g. ECC) either can’t address the power constraints, or their performance is so slow that the devices are unsuitable for real-world activities. Furthermore, limited energy storage on some devices results in a finite amount of runtime available to complete all operations, placing additional constraints on the resources available to run a protocol.
Limited RAM and ROM
Low-energy devices also tend to be small, and this represents yet another security challenge. Products like smart lighting, fitness trackers, smartwatches and tire pressure monitoring sensors are designed to have the lowest profile possible to satisfy marketing or engineering needs. These devices have very limited RAM and ROM available for cryptography.
Steep as these challenges are, solutions exist. SecureRF offers several cryptographic methods that can demand as little as 0.7% of the energy and 5-50% of the RAM and ROM required by elliptic curve methods. In addition, gates required for hardware implementations can be reduced by 30% or more as compared to ECC.
To learn how we can secure your low-energy IoT devices or hear about our cryptographic solutions, please contact us or read our white paper on lightweight cryptography, presented at the NIST Workshop in October, 2016.