Cryptiny: Compacting Cryptography for Space-Restricted Channels and its Use-case for IoT-E2EE

Liron David; Omer Berkman; Avinatan Hassidim; David Lazarov; Yossi Matias; Moti Yung

Paper 2024/1128

Cryptiny: Compacting Cryptography for Space-Restricted Channels and its Use-case for IoT-E2EE

Liron David

, Weizmann Institute of Science and Google

Omer Berkman

, The Academic College of Tel-Aviv Yaffo and Google

Avinatan Hassidim

, Bar-Ilan University and Google

David Lazarov, Google

Yossi Matias

, Tel-Aviv University and Google

Moti Yung

, Columbia University and Google

Abstract

We present a novel cryptographic paradigm denoted ``cryptiny:'' Employing a single cryptographic value for several security goals, thus ``compacting'' the communication sent over a space-restricted (narrow) channel, while still proving security. Cryptiny is contrary to the classical cryptographic convention of using a separate cryptographic element for each security goal. Demonstrating the importance of cryptiny, we employ it for securing a critical IoT configuration in which a broadcasting ``thing'' (called beacon) operates within stringent bandwidth constraints. In this setting, a compact BLE-broadcasting beacon lacking Internet connectivity efficiently directs brief (non fragmented) messages to its remotely pre-paired owner in real-time. Communication transpires through BLE-to-IP gateway devices denoted observers, (typically smartphones in the beacon's vicinity), and subsequently via a cloud app server. The gateway device as well, piggybacks on the transmission a secure and private message to the owner. This configuration is a generic setting for the current and future IoT real-time ecosystems, where billion of owners, beacons, and observers operate. The configuration instances (analogous to TLS instances over the Internet) imposes high security and privacy demands. We prove that our cryptiny-based protocol for securing the above configuration achieves CCA-secrecy for the beacon's and the observer's messages with backward and forward security for the observer's message, as well simultaneously achieving mutual privacy for beacons and for observers. Achieving backward and forward security is important since beacon devices may be far from their owners for a long duration and may be passively tampered with. In addition, for the backward security proof we develop a new encryption scheme we call ``shifted-DHIES'' (``SDHIES'' for short), which generalizes DHIES. An interesting feature of SDHIES is that encryption is performed with a function of the public key rather than the public key itself.

Metadata

Available format(s): PDF
Publication info: Preprint.
Contact author(s): lirondavid @ gmail com
omer berkman @ gmail com
avinatan @ google com
dlazarov @ google com
yossi @ google com
moti @ google com
History: 2024-07-12: approved; 2024-07-11: received; See all versions
Short URL: https://ia.cr/2024/1128
License: CC BY

BibTeX

@misc{cryptoeprint:2024/1128,
      author = {Liron David and Omer Berkman and Avinatan Hassidim and David Lazarov and Yossi Matias and Moti Yung},
      title = {Cryptiny: Compacting Cryptography for Space-Restricted Channels and its Use-case for {IoT}-{E2EE}},
      howpublished = {Cryptology ePrint Archive, Paper 2024/1128},
      year = {2024},
      note = {\url{https://eprint.iacr.org/2024/1128}},
      url = {https://eprint.iacr.org/2024/1128}
}