TY - GEN
T1 - A Symmetric Cipher Response-Based Cryptography Engine Accelerated Using GPGPU
AU - Wright, Jordan
AU - Fink, Zane
AU - Gowanlock, Michael
AU - Philabaum, Christopher
AU - Donnelly, Brian
AU - Cambou, Bertrand
N1 - Funding Information:
This material is based upon the work funded by the Information Directorate under AFRL award number FA8750-19-2-0503. Acknowledgment of support and disclaimer: (a) Contractor acknowledges Government’s support in the publication of this paper. This material is partially based upon the work funded by the Information Directorate, under AFRL (b) Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of AFRL.
Publisher Copyright:
© 2021 IEEE.
PY - 2021
Y1 - 2021
N2 - Many low-powered devices, such as those in the Internet of Things (IoT), require high levels of security. One shortfall of cryptographic systems is the storage of private key information in non-volatile memory that an opponent can read. Client devices can generate private keys on-demand using a physically unclonable function (PUF) to obviate this problem. However, low-powered devices may not have the computational resources to correct for the error in the PUF relative to the initially recorded PUF challenge. Response-based cryptography (RBC), when combined with encrypting schemes such as the Advanced Encryption Standard (AES), addresses this problem by having a secure server perform a search over the key space starting from a client device's initially recorded challenge. We propose an RBC engine based on symmetric ciphers that uses graphics processing units (GPUs). We use the GPU to perform a massively parallel search over the key space to authenticate the client's key(s). The computational requirements for executing the search and authenticating the user within a time threshold, T, increase exponentially. This limits the classes of computers that are able to perform the search. To address this problem, we employ a scheme that generates subkeys from the PUF. This increases the granularity of computational capabilities that are able to perform the RBC search within the selected T=5 s authentication threshold. We compare our algorithm, GRBC, to an OpenSSL-based MPI reference implementation executed on up to 512 CPU cores. Our approach using the GPU achieves superior key search throughput over the CPU.
AB - Many low-powered devices, such as those in the Internet of Things (IoT), require high levels of security. One shortfall of cryptographic systems is the storage of private key information in non-volatile memory that an opponent can read. Client devices can generate private keys on-demand using a physically unclonable function (PUF) to obviate this problem. However, low-powered devices may not have the computational resources to correct for the error in the PUF relative to the initially recorded PUF challenge. Response-based cryptography (RBC), when combined with encrypting schemes such as the Advanced Encryption Standard (AES), addresses this problem by having a secure server perform a search over the key space starting from a client device's initially recorded challenge. We propose an RBC engine based on symmetric ciphers that uses graphics processing units (GPUs). We use the GPU to perform a massively parallel search over the key space to authenticate the client's key(s). The computational requirements for executing the search and authenticating the user within a time threshold, T, increase exponentially. This limits the classes of computers that are able to perform the search. To address this problem, we employ a scheme that generates subkeys from the PUF. This increases the granularity of computational capabilities that are able to perform the RBC search within the selected T=5 s authentication threshold. We compare our algorithm, GRBC, to an OpenSSL-based MPI reference implementation executed on up to 512 CPU cores. Our approach using the GPU achieves superior key search throughput over the CPU.
KW - AES
KW - ChaCha20
KW - GPGPU
KW - Physical Unclonable Function
KW - Response-based Cryptography
KW - SPECK
UR - http://www.scopus.com/inward/record.url?scp=85125650959&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85125650959&partnerID=8YFLogxK
U2 - 10.1109/CNS53000.2021.9705019
DO - 10.1109/CNS53000.2021.9705019
M3 - Conference contribution
AN - SCOPUS:85125650959
T3 - 2021 IEEE Conference on Communications and Network Security, CNS 2021
SP - 146
EP - 154
BT - 2021 IEEE Conference on Communications and Network Security, CNS 2021
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2021 IEEE Conference on Communications and Network Security, CNS 2021
Y2 - 4 October 2021 through 6 October 2021
ER -