Cryptographic Protocols for Confidentiality, Authenticity and Privacy on Constrained Devices

Abstract

Cyber security and privacy protection play a crucial role in modern communication systems. While it is relatively easy to secure classical networks, it is a hard problem to provide even basic security properties, such as confidentiality, integrity, authenticity and privacy, in heterogeneous networks that involve devices with restricted resources. In these environments, such as industrial networks, sensor networks or IoT networks, the protection of user data is still very low. In this paper, we present the design of cryptographic protocols that provide the crucial security and privacy-protection features while they’re fully implementable on constrained devices. First, we present a computationally efficient scheme for the establishment of a secure channel on a device with almost no cryptographic support and very low computational and memory resources. Second, we present a privacy-enhancing scheme for achieving so-called anonymous authentication, that is the verification of user authorization without disclosing her identity. Also in this case we use only very limited support of cryptographic operations and computational resources. Besides the full cryptographic description, we also show the benchmarks based on our implementation of protocols and the way of integration into real-world applications.