Hitachi, Ltd. and KU Leuven, Belgium, announced that Chaskey, the jointly developed message authentication technology for small IoT devices, was adopted as international standard for lightweight cryptography ISO/IEC 29192-6, after obtaining final approval from the International Organization for Standardization (ISO). The standardization was made possible with the cooperation of the National Institute of Advanced Industrial Science and Technology (AIST). Chaskey enables high-speed processing with less memory than other cryptographic technologies. The standard enables the introduction of security to small components of critical infrastructure and vehicle systems resulting in an overall more secure infrastructure.
The development of IoT technology has connected a broad range of devices to the Internet, which has enabled convenient and ubiquitous access to information. However, this has also led to an increased need for security management, to prevent the leakage of information and to protect the privacy of users. During the last years, ISO has been working the standard ISO/IEC 29192 that specifies lightweight cryptography for small IoT devices. In order to manage IoT systems safely in real time, there is a need for fast and authenticated transfer of sensor and control information in order to enable correct and in-time control decisions. However, computational and memory resources in small IoT devices are limited. This creates a need for new cryptographic algorithms that are fast and that require limited memory. Together Hitachi and KU Leuven have developed the Chaskey algorithm that can protect authenticity of information in small IoT devices. Chaskey requires five time less memory and reportedly is two to seven times faster than current standards. Chaskey can be characterized as follows.
1. Parameter selection technology that realizes high speeds with various CPUs
Chaskey utilizes the ARX design that uses the basic operations present in every CPU. The ARX design yields a small memory footprint and uses operations that are aligned with the register size of the CPU. The KU Leuven has developed a special tool that allows to fine-tune the parameters of the algorithm to achieve high-speed processing with 8-bit to 32-bit CPUs present in small IoT devices.
2. Construction of message authentication function suited to IoT data processing
With IoT systems, there is a need for low latency data processing of short strings for sensor data and control commands. There is also a need to quickly change cryptographic keys, which is known as key agility. It has been shown that the Even-Mansour technique developed for block ciphers can be used in Chaskey to achieve fast and secure key expansion resulting in a very high key agility.
Starting with Chaskey, Hitachi and KU Leuven will apply cryptographic technology to innovative products and will continue their research collaboration on critical infrastructure security in order to create a safe and secure digital society.