algebraic erasertm benefits and implementation of public ...appinions survey/forbes article july 8,...
TRANSCRIPT
June 24th, 2015
Algebraic EraserTM
Benefits and Implementation of Public Key Security forRAIN Tags
Louis Parks CEOMike McGregor COO
World’s first “Linear-in-Time” Security Methods
Addressing
Authentication and Data ProtectionFor the
Internet of Things
“10 Most Influential Internet of Things Companies”Appinions Survey/Forbes Article July 8, 2014
“Cool Vendor in Mobile Security and Internet of Things Security”Gartner, April 23 2015
SINET 16 – Top Emerging Cybersecurity CompaniesSINET November 2014
Counterfeit Tags
Securing Tags• Tags Identify Things
E.g. Supply chain asset value : target for counterfeiting, relabeling, returns etc…Ensure asset is credentialed and within it’s digital rights at the time of identification
• Tags Measure Things
Temperature, force, acceleration, biometrics, light, location, passage through an automotivetoll or access point, etc. Often highly private and havesignificant financial information is associated with the measurementEnsure integrity of measurements while transferring privately, and provably unaltered
• Tags Do ThingsAccess financial accounts, monitor health, operate valves in industrial plants, open accesspoints e.g. car doors, homes, office buildings, etc.Ensure properly credentialed authentic device has the ability to do these things
Securing the Internet of Things
Symmetric – Private Key
“One Private Key”
Symmetric/Private-Key Deployment“Pre-Shared” Keys
Challenge:- Securely distribute Keys- Secure all databases- Single breach – System compromised
Asymmetric MethodExchange Public Keys
16
YX
9Public
Private
Tag Reader
Asymmetric MethodCalculate Shared Secret
16
YX
9Public
Private
Tag Reader
= 34#D82 = 34#D82
Is it really your Tag?
9Public
Key
Tag Reader
CertificateAuthority
“Signs”Tag Public Key ‘9’
9X& X&
CertificateAuthority“Verifies”
Tag Public Key ‘9’
Trusted Identity: Digital Certificate
IC Public Key
Hashed intoSignatures
TAG ID(Photo Optional)
Signaturefrom Manufacturer(plus notations)
Additional Signatures (Optional)
Notations include:• Product Info• Expiry Date• Lot, Serial, Etc.• Geo location data• Package Quantity• Etc.
KeyID
Asymmetric: Diffie- Hellman
Asymmetric: Algebraic Eraser™ (AEDH)
Linear versus Quadratic
Algebraic Eraser
Security Strength
Number ofBit Operations
Per Second(Time)
ComputingThreshold
RSA ECC
EmbeddedSystem
Implementation results
Example ECC v AE ASIC, AMBA 3.0 Lite results
ECC 283 AE B16F256
AE ImprovementClockCycles
Gates Figure ofMerit
ClockCycles
Gates Figure ofMerit
164,823 29,458 4.86E+09 71.7x
85,367 77,858 6.65E+09 3,352 20,206 6.77E+07 98.1x
70,469 195,382 1.38E+10 203.3x
Example Passive RAIN AEDH Implementation
Gates Current Consumption Key Size Computation Timing
< 8K ~12uA 344 Bits 1.897ms to 4.332ms
Algebraic Eraser™
16
Key agreement, the Algebraic Eraser™and Lightweight Cryptography, AmericanMathematical Society : AlgebraicMethods in Cryptography, Vol 418, 2006.
Analysis: Several published (Israeli,Stevens,..) All defeated.
Under review by:
ISO (SC31/WG7, SC27)
IETF (CFRG)
NIST – accepted to July conference
NSA – invited presentation
Secure Supply Chain Solutions
Keeping it Real™
Authenticate – Market - Control
V-Cloud(optional)
Productwith
LIME Tag
OperationsCenter
(Optional)
Reader
Track, Trace,Chain-of-Custody
Global Solution for Global Brands
“Offline (Walmart) Test”
Can you use your reader offlineand still securely identify andauthenticate your product?
Secure IoT Supply Chain
Chain of Custody
SecureRF Packaging Distributor CustomerFoundry
InitialSecure
Sign Cert1/Root
AuthenticateCreate
Sign Cert2
AuthenticateRead/Update
Sign Cert3
AuthenticateRead
AuthenticateRead/Update
Sign Cert4
Cert1
Cert1+Cert2
Cert1+Cert2+Cert3
Cert1+Cert2+Cert3+Cert4
Cert1+Cert2+Cert3+Cert4+Cert5
Veridify Dashboard
Summary
• Security that addresses IoT today
• Public-Key method for RAIN tags that fits
• Supports Authentication and Encryption
• RAIN Solutions for Passive and BAP
• Support/Licensing for your RAIN solutions
• Broad Partner Application Opportunities
SecureRF Corporation100 Beard Sawmill Road, Suite 350, Shelton, CT 06484
Mike McGregorVoice: (203) 227-3151 x1335
Mobile: 408-420-5048Email: [email protected]
Louis ParksVoice: (203) 227-3151 X1301
Mobile: (203) 451-3920Email: [email protected]