[Resource Topic] 2024/1128: Cryptiny: Compacting Cryptography for Space-Restricted Channels and its Use-case for IoT-E2EE

Welcome to the resource topic for 2024/1128

Title:
Cryptiny: Compacting Cryptography for Space-Restricted Channels and its Use-case for IoT-E2EE

Authors: Liron David, Omer Berkman, Avinatan Hassidim, David Lazarov, Yossi Matias, Moti Yung

Abstract:

We present a novel cryptographic paradigm denoted "cryptiny": employing a single cryptographic value for several security goals, thus "compacting" the communication sent over a space-restricted (narrow) channel, while still proving security. Cryptiny is contrary to the classical cryptographic convention of using a separate cryptographic element for each security goal.

Demonstrating the importance of cryptiny, we employ it for securing a critical IoT configuration in which a broadcasting "thing" (called beacon) operates within stringent bandwidth constraints. In this setting, a compact BLE-broadcasting beacon lacking Internet connectivity efficiently directs brief (non-fragmented) messages to its remotely pre-paired owner in real-time. Communication transpires through BLE-to-IP gateway devices denoted observers (typically smartphones in the beacon's vicinity), and subsequently via a cloud app server. The gateway device, as well, piggybacks on the transmission a secure and private message to the owner. This configuration is a generic setting for the current and future IoT real-time ecosystems, where billions of owners, beacons, and observers operate.

The configuration instances (analogous to TLS instances over the Internet) impose high security and privacy demands. We prove that our cryptiny-based protocol for securing the above configuration achieves CCA-secrecy for the beacon's and the observer's messages with backward and forward security for the observer's message, as well as simultaneously achieving mutual privacy for beacons and for observers. Achieving backward and forward security is important since beacon devices may be far from their owners for a long duration and may be passively tampered with. In addition, for the backward security proof we develop a new encryption scheme we call "shifted-DHIES" ("SDHIES" for short), which generalizes DHIES. An interesting feature of SDHIES is that encryption is performed with a function of the public key rather than the public key itself.

ePrint: https://eprint.iacr.org/2024/1128

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics.