Tiny keys hold big secrets: On efficiency of Pairing-Based Cryptography in IoT

Abstract

Pairing-Based Cryptography (PBC) is a sub-field of elliptic curve cryptography that has been used to design ingenious security protocols including Short Signatures (SS), Identity-Based Encryption (IBE), and Attribute-Based Encryption (ABE). These protocols have extremely promising applications in diverse scenarios, including Internet of Things (IoT), which usually involves computing devices with limited processing, memory, and energy capabilities. Many studies in the literature evaluated the performance of PBC on typical IoT devices, giving promising results, and showing that a large class of constrained devices can run PBC schemes. However, in the last years, new advancements in Number Field Sieve algorithms threatened the security of PBC, so that all protocols must be re-parametrized with larger keys to maintain the same security level as before. Therefore, past literature reporting PBC performance on IoT devices must be redone because optimistic, and it is not clear whether present IoT devices will bear PBC. In this paper we evaluate the performance of some prominent PBC schemes on a very constrained device, namely the Zolertia RE-Mote platform, which is equipped with an ARM Cortex-M3 processor. From our experiments, the usage of IBE and SS schemes is still possible on IoT devices, but the security level is limited to 80 or 100 bits. Reaching greater security levels leads to higher execution times, which might not be compatible with many IoT applications. The usage of ABE is efficient only with IoT-oriented schemes, which offer good performance at the cost of a limited policy expressiveness.