SecureRF, a provider of security solutions for the Internet of Things, has been selected to present their data protection software, Algebraic Eraser, at the National Institute of Standards and Technology (NIST) Lightweight Cryptography Workshop, which runs from July 20 to 21 in Gaithersburg, Maryland. The goal of the workshop is to present solutions for how to secure sensor networks and other low-resource devices.
At the workshop, SecureRF will highlight key findings contained in the report, Algebraic Eraser: A lightweight, efficient asymmetric key agreement protocol for use in no-power, low-power, and IoT devices. According to the report, Algebraic Eraser is designed to work effectively with and provide protection for low-resource devices, which cannot allocate a lot of power or space to data protection. Some examples include radio-frequency identification (RFID), microcontrollers, and integrated circuits.
This makes Algebraic Eraser useful for a number of different industries, including defense, medical, and even the automotive industry. In addition, there are a number of different activities that Algebraic Eraser can carry out. It can be used for authenticating a device on a network, protecting data as it is streamed from one device to another, and encrypting and decrypting data.
“SecureRF is honored to be selected to present what we believe to be a next generation asymmetric security protocol,” SecureRF CEO Louis Parks said in a statement. “The Algebraic Eraser is the world’s first and only linear-in-time algorithm that offers an ultra-low power, very fast security solution to address devices that are part of the Internet of Things. We are excited to have our methods reviewed by NIST and look forward to presenting the details of the Algebraic Eraser to conference attendees.”
There are two main ways to encrypt data: private-key and public-key systems. In a private-key system, two users share the same private key and use it to encrypt data when sending it to each other. However, these secret keys can be easily compromised. This vulnerability led to the discovery of an alternative, called the public-key, or asymmetric system.
Algebraic Eraser is designed to run on such as system. In a public-key system, each user is assigned a specific private key and a mathematically-related public key. When someone wants to send someone else a message, they encrypt their message using the other user’s public key. When the other user wants to decrypt the message, they use the encrypted message and their private key.
The private keys are unique to each user as opposed to shared, making the public-key system more secure. The Diffie-Hellman system, which is what Algebraic Eraser utilizes, further ensures security by having each user encrypt the message using their own private key and the other user’s public key to create a shared and secret key.
“At its core is a highly specialized function (replacing the standard system’s operations), known as E-Multiplication, which brings together these mathematical tools and enables the system to provide high-speed security without overwhelming the memory and power available,” the report stated. “This core function is highly resistant to reverse engineering due to connections with to mathematically intractable problems.”
In 2010, SecureRF was granted US Patent 7,649,999, called “Method and apparatus for establishing a key agreement protocol,” for coming up with a secure method that generates a key in linear time, which allows Algebraic Eraser to run using fewer resources.
The goal of the NIST workshop is to talk about cryptographic software in relation to interconnected devices such as sensor networks. In these types of systems, it is difficult to alter algorithms to be as effective as they are for desktop computers, meaning that they have fewer protections. On July 21, Derek Atkins, chief technology officer of SecureRF, will present the Algebraic Eraser as a quick and efficient solution to this problem.
Security and protection of data is a growing concern, as more and more people transmit secure data through the internet. While most individuals and organizations understand the need for security with computers, SecureRF would like to raise awareness of the fact that sensor systems and other interconnected networks need to be secured.
“As ubiquitous as the Internet is today, it was not until the 1990’s that the necessary security protocols were put in place that enabled users to function securely while online,” SecureRF said in the paper. “For example, the online revolution in the financial sector, e-commerce, and medical records, all rely on the security breakthrough provided by public-key cryptography.”
The report added, “In many respects we are at a similar evolutionary point with embedded systems, wireless sensor networks, and RFID technologies. The solutions that enabled the Internet revolution are not suitable to these low-resource environments; a new generation of public-key infrastructure needs to emerge.”