An Energy-Efficient Reconfigurable DTLS Cryptographic Engine for End-to-End Security in IoT Applications

This technology is an efficient method for securing sensitive data in Internet of Things (IoT) applications. The technique uses a novel energy-efficient cryptographic hardware accelerator that provides data and communication security while achieving high energy savings and performance.

Researchers

Chiraag Juvekar / Utsav Banerjee / Anantha Chandrakasan

Departments: Dept of Electrical Engineering & Computer Science
Technology Areas: Communication Systems: Wireless / Computer Science: Cybersecurity

  • systems and methods for providing secure communications using a protocol engine
    United States of America | Granted | 11,070,362
  • systems for providing secure communications using a protocol engine
    United States of America | Granted | 11,706,019

Technology

The novel DTLS cryptographic engine implements security procedures in IoT devices with lower energy and memory expenditure, owing to its ability to implement both software-based and hardware-based security protocols. The hardware system contains energy-efficient accelerators for cryptographic components, such as the Advanced Encryption Standard (AES) and Elliptic Curve Cryptography (ECC), to secure stored data and protect the device's communication channels with other IoT devices. These accelerators provide significant energy savings and enhanced performance in implementations of DTLS, allowing IoT devices to perform security protocols at a more constant rate and offer a robust security guarantee. The device also contains an optimized hardware implementation of the DTLS protocol, with a dedicated state machine that reduces the code and memory used for security procedures. With lower demand for code and memory, IoT devices can focus on their dedicated application programs and, in turn, increase their overall performance.

In addition, the device is capable of implementing DTLS and other security protocols by interfacing with a general-purpose processor, e.g., RISC-V, which instructs specific software to execute these procedures. Thus, this technology is revolutionary in that it facilitates the implementation of end-to-end security on resource-constrained IoT devices through easy on-chip integration of the hardware accelerator. As a result, this technology serves as a practical solution for data and communications security in a wide range of industry sectors that increasingly rely on IoT devices for data collection and distribution.

Problem Addressed

The Internet of Things (IoT) is a network of physical devices that are always connected to the internet, collecting and distributing data. Today, a broad range of economic sectors use IoT technologies because they provide relevant information about the performance of an activity that needs to be monitored and controlled at a distance. For example, medical professionals may use body sensors to observe a patient's condition remotely and in real time. However, this constant collection of data makes IoT technologies attractive and vulnerable to security threats. Thus, it is essential to ensure data and communication security between the users and cloud servers through end-to-end security. One of the most well-known security protocols is Datagram Transport Layer Security (DTLS), which uses cryptographic techniques to authenticate the two user endpoints and establishes shared secret keys to encrypt data. While DTLS is an ideal solution for IoT security, deploying this technique exclusively in software results in higher CPU and memory usage and prolonged connection time, leading to poor performance in IoT devices. To address these challenges, the inventors have developed a DTLS engine capable of accelerating demanding computational components, such as cryptographic functions, within the physical device. This feature allows for low power and memory consumption, resulting in enhanced security and performance of IoT devices.

Advantages

  • Enables two orders of magnitude in energy savings
  • Reduces program code and memory usage by approximately an order of magnitude
  • Increases overall IoT device performance
  • Enhances data and communication security
  • Useful for data-sensitive applications, such as in healthcare and automotive
