Prior to 2007

Cryptography: Who will protect you from ubiquitous computing?

Upon hearing the word cryptography, one might innocently associate it with encryption, thereby assuming that the research performed relates to the familiar protection of private data on computers and wireless networks. Walking into the CRIS lab then, one may expect extensive electronic equipment. Yet one will find only a few computers and many desks.

Please note the image:CRIS lab members (L-R) Ph.D students Jens-Peter Kaps, Serdar Pehlivanoglu, Selcuk Baktir, with Professors Berk Sunar and Wenjing Lou.

CRIS Mission

The mission of the CRIS group is to address both short-term and long-term challenges encompassing a multitude of interconnected security problems spanning across several disciplines. Most recently, the laboratory is focused on developing new security technologies to ensure the safety of all facets of the communication infrastructure bridging the gap between cutting edge research and solid engineering practices, thus providing the perfect setting for the education of next generation security experts and cryptographers.

One of the most recent missions of the CRIS lab researchers involves research and development projects that will provide security for ultra-low power devices. In particular, low-power devices are the core of ubiquitous computing, a fancy way for describing the not-so-futuristic idea of computing existing everywhere. For example, ultra low-power devices can be found in the wireless distributed sensor networks that have already been implemented in wildlife monitoring and military target tracking. Devices such as these wireless sensors operate on micro-Watts, a power level by comparison that is orders of magnitude lower than that employed by a typically cell phone. Another example of low-power devices are RFIDs [sidebar] which are currently being introduced in the consumer supply chain. Since the power resources of these devices are so limited, providing security is a significant challenge.

The bottom line? Some level of security is imperative and obviously needed. The primary difficulty rests in the limited power resources of the device. In particular, research is currently being conducted to challenge the assumption that public key cryptography is not possible in ultra-low power devices like RFIDs. Challenges such as this are being tested by members of the CRIS lab where for example, they are working to improve the energy efficiency of existing algorithms and to develop new, energy and algorithmically efficient algorithms.

Public-key algorithms are particularly intriguing as a CRIS research focus in part because they are based on arithmetic in large rings or finite fields with very long numbers ranging up to 1000 bits. Improving the overall efficiency of these algebraic algorithms for embedded applications where computational power and storage is limited is the basis of one specific topic of research.

Research is also being performed to develop faster yet area efficient arithmetic architectures. A relatively new cryptographic scheme based on elliptic curves has recently emerged and is the foundation for this research project. Elliptic curve Crypto algorithms have important benefits compared to traditional systems because they allow for keys in the range of 150-250 bits. A faster execution time with a comparable security level is the result. The CRIS lab is concentrating on the development of fast software algorithms and fast and efficient hardware architectures for elliptic curve Crypto algorithms.

Funding

The CRIS laboratory is supported by three major grants totaling over one million dollars. From the National Science Foundation, the CRIS lab has received an Information Technology Research Award for $436,000 over three years. Dr. Sunar has also received a prestigious National Science Foundation Faculty Early Career Development (CAREER) award of $330,000 for five years. Finally, additional funding comes from a collaboration between Intel Corporation and WPI's CRIS lab for research into implementing cryptographic security features for network processors.

Conferences and Publications

CRIS lab research and development is made public through a number of venues, perhaps the most well known being the nationally recognized and WPI initiated Workshop on Cryptographic Hardware and Embedded Systems (CHES). The most recent and 7th annual CHES workshop was sponsored by CRIS/WPI and held in Boston in August, 2004. More than two hundred participants attended the workshops, bringing together top researchers from industry, academic, and government organizations.

Professor Sunar serves on the CHES Steering Committee and organized the recent CHES 2004 conference. Sunar is also co-editor for CHES 2005 to be held in Edinburgh Scotland. In addition to being Director of the CRIS lab, Professor Sunar also advises senior projects at General Dynamics in Needham as an introduction for undergraduate students to engineering design in cryptography.

CRIS lab collaborators include Professor William Martin of the Mathematical Sciences department and ECE Professor Wenjing Lou who is particularly interested in network security technologies.

For Further Reading

Check out the CRIS Lab Web site.

At least one (of many) interesting references for ubiquitous computing as it particularly relates to hand held devices. There are numerous other references on the web to ubiquitous computing as well.

A general references to cryptography can be found at many links, including a general overview and an elliptic curve cryptography tutorial. For the more esoteric future of cryptography, check out this quantum computing tutorial.

Those interested in quantum cryptography are directed to the January 2005 issue of Scientific American for an interesting review and update on the status of this exciting and emerging technology.

Finally, take a look at the low power cryptography research being performed at WPI.

Acknowledgements

Many thanks to WPI undergraduate ECE student Valery Sheridan for researching and writing this article.

RFID

RFID stands for Radio Frequency Identification Devices and refers to the tiny device that is similar to a price tag or barcode on a product in stores. The optimistic future of RFID applications involves the attachment to all products in a store, enabling a store to have 100% knowledge of stock and inventory. RFIDs would enable one to pay for products and services using a card that never leaves one's pocket. RFIDs mean stock levels kept to a minimum and shortened lead times, leading to an elimination of cost of every level and a reduction in prices.

Since RFIDs rely on a wireless connection, without security the privacy of the consumer and retailer are at risk. Without security criminal activity would not be limited to just theft identity but also include being able to read credit card numbers and tracking individuals as they go about their daily activities. For retailers, the risk is just as great. By imitating the electronic signals of all kinds of products, criminals would be able to virtually counterfeit by disguising empty pallets of product as full. Also, by meshing interference with an RFID base station, a hacker could confuse a store's inventory system. Clearly, low power and efficient security mechanisms for systems such as RFID are critically important.

The CRIS laboratory has taken on the challenge of developing a full set of cryptographic functions optimized for these ultra-low power devices. Read more about ultra-low power devices...

 

June 1, 2005