Personal data stored on electronic health cards needs to be still secure in many years’ time. However, once quantum computers exist, this is no longer guaranteed for the asymmetric techniques that are currently in use.

In order to test cryptographic techniques for microdevices, the researchers develop the central components of the devices and implement them on evaluation platforms. With their aid, they are able to demonstrate that attackers would not be able to achieve their aim even under optimal lab conditions.

Today, long-term secure cryptographic techniques are integrated in a wealth of everyday items such as in electronic key-lock systems.

1/3

Cryptography for microdevices Data protection against the threats of tomorrow

To implement secure encryption techniques, which would protect from quant computer attacks, is a challenge. There is little space and the devices should not cost too much.

Cryptography is subdivided in the two categories symmetric and asymmetric techniques; the latter are considerably more complex because of their underlying mathematical structures. In symmetric techniques, sender and receiver use the same key to encrypt a message and to subsequently decrypt it. In asymmetric techniques, on the other hand, sender and receiver use different keys that are linked via a mathematic relationship.

Asymmetric encoding techniques are required for many applications with advanced security requirements, for example those for digital signatures.

Asymmetric cryptography uses code pairs made up of two components. One component of the code is public, the other is secret. Both codes are closely linked in mathematical terms; but due to a difficult mathematical problem, it is impossible to reconstruct the private code by using the public component. A message that Alice sends to Bob can be encrypted with Bob’s public code. In order to decode it, Bob’s private code is required, which, however, is known only to him.

The asymmetric techniques that are in use today would no longer be secure if quantum computers existed. Under the umbrella of the EU project Post-Quantum Cryptography, researchers are therefore searching for new cryptographic solutions and implementations. Four categories of mathematic techniques are suited for the purpose: code-based cryptography, lattice-based cryptography as well as cryptography on the basis of systems of multivariate-quadratic equations or cryptographic hash functions.

To this end, the team headed by Prof Dr Tim Güneysu, in close collaboration with the Chair for Embedded Security, has initially identified and analysed promising techniques for implementing them into microdevices, such as hardware chips and Smartcards.

Tim Güneysu is expert for cryptographic techniques for electronic microdevices.

“As yet, we have mostly excluded hash-based cryptography from our studies, because implementation techniques have been thoroughly analysed to date,” says Güneysu. Cryptography via multivariate-quadratic equation systems are not a main aspect of the research, either. The reason is: “The security status of some of the proposed systems has not yet been fully understood. Therefore, we consider it difficult to raise acceptance for several of these systems in practical applications,” explains Güneysu.

Some of the multivariate-quadratic techniques had been introduced as quickly as they were subsequently broken. Accordingly, it is a risk to invest a lot of effort into optimising methods of this category for microdevices.

Techniques with high potential

The IT security expert considers lattice-based and code-based cryptography promising. Not only do those techniques offer the potential to protect from quantum computer attacks, the team has also demonstrated that they can be efficiently implemented in microdevices.

The challenge: to an extent, the new techniques demand for complicated algorithmic computations and large keys, which increase system costs significantly – a major problem if the technology is supposed to be deployed in small and cost-efficient computational systems.

Implementing secure encryption techniques that would protect from quantum computer attacks into microdevices poses a major challenge.

In order to tackle this problem, the researchers deploy alternative representations of those cryptographic techniques, which introduce, for example, structures in the codes aiming at reducing the overall key size. They also optimise algorithmic computations by tailoring them to the target platform. Depending on which technique they used, the researchers were able to consolidate complex steps with other computations or even omitted some of them without reducing the security margin offered by the cryptographic technique.

This is how the team from Bochum has demonstrated that a first step is taken so that today’s microdevices with constrained processor technology can securely communicate, anticipating the upcoming threats in the era of quantum computers.

Download high-resolution images

Conditions of use

The images are free to use for members of the press, provided the relevant copyright notice is included. The images may be used solely for press coverage of Ruhr-Universität Bochum that relates solely to the contents of the article that includes the link for the image download. By downloading the images, you receive a simple right of use for one-time reporting. Saving the images for other purposes or further processing of the images that goes beyond adapting them to the respective layout requires an extended right of use. Should you therefore wish to use the photos in any other way, please contact redaktion@ruhr-uni-bochum.de

I accept the conditions of use.