Cryptology ePrint Archive: Report 2019/840

A Study on the Applicability of the Lesamnta-LW Lightweight Hash Function to TPMS

Yuhei Watanabe and Hideki Yamamoto and Hirotaka Yoshida

Abstract: The Tire Pressure Monitoring System (TPMS) is used to monitor the pressure of the tires and to inform the driver of it. This equipment is mandatory for vehicles in the US and EU. To ensure the security of TPMS, it is important to reduce the cost of the cryptographic mechanisms implemented in resource-constrained devices. To address this problem, previous work has proposed countermeasures employing lightweight block ciphers such as PRESENT, SPECK, or KATAN. However, it is not clear to us that any of these works have addressed the issues of software optimization that considers TPMS-packet protection as well as session key updates for architectures consisting of the vehicle TPMS ECU and four low-cost TPM sensors fitted to the tires. In this paper, we propose the application of the ISO/IEC 29192-5 lightweight hash function Lesamnta-LW to address this issue. Our approach is to apply the known method of converting Lesamnta-LW to multiple independent pseudo-random functions (PRFs) in TPMS. In our case, we generate five PRFs this way and then use one PRF for MAC generation and four for key derivation. Although we follow the NIST SP 800-108 framework of converting PRFs to key derivation functions, we confirm the significant advantage of Lesamnta-LW-based PRFs over HMAC-SHA-256 by evaluating the performance on AVR 8-bit micro-controllers, on which we consider simulating TPMS sensors. We expect that our method, which achieves multiple purposes with a single cryptographic primitive, will help to reduce the total implementation cost required for TPMS security.

Category / Keywords: secret-key cryptography / TPMS, 8-bit micro-controllers, FELICS, Lesamnta-LW, PRF, KDF

Original Publication (in the same form): escarAsia 2018

Date: received 18 Jul 2019

Contact author: yuhei watanabe at aist go jp


Version: 20190719:134751

Short URL: ia.cr/2019/840

