skip to Main Content

Circumventing Cryptography’s Achilles’ Heel

In the wake of the IoT, new approaches to security, including Physically Unclonable Functions, are called for.

main_01

All modern digital security systems are based on cryptographic algorithms. Cryptographic algorithms scramble data, turn it into gibberish, then unscramble it later, for instance at the other end of a communication line. Usually, these algorithms use secret keys to determine how the scrambling is done.

Because security does not depend on the secrecy of the algorithm used but on the secret key that controls the algorithm, this approach makes it much easier for researchers and users to scrutinize these algorithms and discover any flaws. As a result, cryptographic algorithms have become very good. However, the secret keys have become the Achilles’ heel of modern cryptography. They form a “Trust Anchor” on which security systems are built, but if/when the keys are compromised, the entire chain of trust breaks down like a house of cards.

Today’s “gold standard” for key management is a centralized system that uses Secure Elements (usually smartcard chips) to provide tamper-resistant key storage. Using this model, manufacturers have programmed billions of payment cards, SIM cards, ID cards and mobile phones with unique keys.

This centralized key management model has been very effective, but it also has some problems that make it less suitable in the IoT world.

Read on about what are the issues with today’s solution and how new technologie can provide a robust and scalable alternative.

By Dr. Pim Tuyls, Intrinsic-ID

Continue reading on Embedded Systems engineering

Leave a Reply

Your email address will not be published. Required fields are marked *

Back To Top