摘 要:
随着物联网的快速发展,受限设备的安全性受到了严重的挑战,轻量级密码作为受限设备的主要安全措施受到越来越多研究人员的关注。针对轻量级密码的设计策略、安全性和实现性能问题的研究进展作了综述。阐述了轻量级密码常用的设计策略及设计中的关键问题,并对当前典型和常见的轻量级密码从原理、实现机制等诸多方面进行了分析和讨论。归纳总结了轻量级密码安全分析的常用方法,并强调了旁路攻击的威胁与加入防护机制时应注意的问题;从轻量级密码性能的各项重要指标的角度详细对比和分析了现有的轻量级密码算法,指出了面向硬件和面向软件实现的轻量级密码各自适用的场合;最后进一步指明了当前轻量级密码研究中尚未解决的一些难题和未来可能发展的方向。结合轻量级密码自身特征和其应用的环境等特点,指出轻量级密码安全性和实现性能的综合评估是未来值得不断深入研究的问题。
关键词:轻量级密码;安全分析;性能评估;受限设备
中图分类号: TP391
文献标志码:A
英文标题
Review on lightweight cryptography suitable for constrained devices
英文作者名
YANG Wei1*, WAN Wunan1, CHEN Yun2, ZHANG Yantao2
英文地址(
1.College of Information Security Engineering, Chengdu University of Information Technology, Chengdu Sichuan 610225, China;
2.Applied Cryptography Institute, Chengdu University of Information Technology, Chengdu Sichuan 610225, China
英文摘要)
Abstract:
With the rapid development of the Internet of Things (IoT), security of constrained devices suffer a serious challenge. LightWeight Cryptography (LWC) as the main security measure of constrained devices is getting more and more attention of researchers. The recent advance in issues of lightweight cryptography such as design strategy, security and performance were reviewed. Firstly, design strategies and the key issues during the design were elaborated, and many aspects such as principle and implementation mechanisms of some typical and common lightweight cryptography were analyzed and discussed. Then not only the commonly used cryptanalysis methods were summarized but also the threat of side channel attacks and the issues should be noted when adding resistant mechanism were emphasized. Furthermore, detailed comparison and analysis of the existing lightweight cryptography from the perspective of the important indicators of the performance of lightweight cryptography were made, and the suitable environments of hardwareoriented and softwareoriented lightweight cryptography were given. Finally, some uesolved difficult issues in the current and possible development direction in the future of lightweight cryptography research were pointed out. Considering characteristics of lightweight cryptography and its application environment, comprehensive assessment of security and performance will be the issues which worth depth researching in the future.
英文关键词Key words:
LightWeight Cryptography (LWC); cryptanalysis; performance evaluation; constrained device
0 引言
随着信息技术、计算机技术以及微电子技术的高速发展,计算和通信功能已经可以在更小、更低端的嵌入式设备中实现。这类微型嵌入式设备的典型代表有智能卡、射频识别(Radio Frequency Identification, RFID)标签、无线传感器、个人数字助理终端(Personal Digital Assistant, PDA)等,它们因为只有有限的计算能力、存储空间和能量来源而被称为资源受限设备,简称受限设备。近两年物联网的发展,使得这类受限设备的应用越来越广泛,而许多应用会涉及一些敏感的金融交易、健康监控或生物统计数据,为了给这类受限设备所存取、传输的信息提供合适的安全保护,轻量级密码(LightWeight Cryptography,LWC)应运而生,并成为密码学的一个研究热点。
轻量级密码是依据密码的应用环境、实现时的资源需求而提出的一个概念。轻量级是相对于普通密码提供的安全保护级别和实现所需资源而言的。以RFID标签和无线传感器为例,这些小型嵌入式设备不同于传统的台式机和高性能计算机,计算能力相对较弱,可用存储较小,且多为电池供电,对能耗、成本要求十分严格。低端的RFID标签大概有1000~10000GE(GE为等效门数,表示独立于制造技术的数字电路复杂性的度量单元),其中可用于实现安全组件的只有200~2000GE [1],这使得许多在设计时没有考虑受限设备情况的优秀的传统密码如AES、IDEA并不适用于这些设备。因此设计专门适用于资源受限设备的密码算法成为必然要求。近几年,随着物联网的安全问题成为重要的研究课题,很多轻量级密码算法,包括轻量级分组密码、流密码、公钥密码和Hash函数被提出。相关领域的学者也开始对轻量级密码进行大量研究,这些研究主要集中在轻量级密码的设计、安全性分析以及实现性能评估等方面。本文对轻量级密码的研究进展进行归纳总结,首先阐述了轻量级密码设计时的侧重点、设计目标和关键问题,随后对一些典型的轻量级对称密码、非对称密码和Hash函数进行分类介绍;其次简要阐述了轻量级密码的安全分析目的和常用方法,着重强调了轻量级密码应注意防范旁路攻击;接着介绍对轻量级密码进行实现性能评估的目的,以及在评估硬件实现性能和软件实现性能时所采用的衡量指标,并指出了不同实现的轻量级密码的适用场合;最后提出轻量级密码的一些亟待研究的问题和应用前景。
