Cryptology ePrint Archive: Report 2016/982
Securing Systems with Scarce Entropy: LWE-Based Lossless Computational Fuzzy Extractor for the IoT
Christopher Huth and Daniela Becker and Jorge Guajardo and Paul Duplys and Tim Güneysu
Abstract: With the advent of the Internet of Things, lightweight devices
necessitate secure and cost-efficient key storage. Since traditional
secure storage is expensive, the valuable entropy could originate from
noisy sources, for which fuzzy extractors allow strong key derivation.
While providing information-theoretic security, fuzzy extractors require
large amount of input entropy to account for entropy loss in the key
extraction process. It has been shown by Fuller et al.  that the entropy
loss can be reduced if the requirement is relaxed to computational
security based on the hardness of the Learning with Errors problem.
Using this computational fuzzy extractor, we show how to construct a
device-server authentication system providing outsider chosen perturbation
security and pre-application robustness. We present the first implementation
of a lossless computational fuzzy extractor where the entropy
of the source equals the entropy of the key on a constrained device.
The implementation needs only 1.45KB of SRAM and 9.8KB of Flash
memory on an 8-bit microcontroller. We compare our implementation to
existing work in terms of security, while achieving no entropy loss.
Category / Keywords: implementation / Computational fuzzy extractor; Learning with errors; Authentication system; Implementation
Date: received 11 Oct 2016
Contact author: christopher huth at de bosch com
Available format(s): PDF | BibTeX Citation
Version: 20161015:190825 (All versions of this report)
Short URL: ia.cr/2016/982
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]