October 4, 2019
Nippon Telegraph and Telephone Corporation
ISO adopts LightMAC as data authentication technology in their lightweight cryptography standard
Tokyo, Japan - Oct. 4, 2019 - Nippon Telegraph and Telephone Corporation (hereinafter "NTT") is pleased to announce that the data authentication technology LightMAC has been adopted and published in ISO/IEC 29192-6, the international standard for lightweight cryptography. NTT has worked with Katholieke Universiteit Leuven and the Technical University of Denmark to develop and standardize LightMAC. This technology is suitable for resource-constrained IoT devices used in various fields, including agriculture, healthcare and smart houses. By applying LightMAC to small sensors and controllers that constitute IoT systems, we can, for example, improve the security of the entire agricultural IoT platform that realizes cultivation management and harvest prediction, and we can make the entire smart house more secure and robust.
Technical details of LightMAC
Conventional data authentication technology has a problem that, when using a lightweight block cipher having a short block length, the security is degraded when large data is processed. LightMAC solved this problem by using a unique iteration method for block ciphers. This allows LightMAC to take advantage of existing implementations of lightweight block ciphers while still providing the necessary security. In other words, new development costs can be kept to a minimum, data authentication can be performed without imposing a heavy load in a resource-restricted environment, and the security is not compromised even when relatively large data is processed.
Today more and more IoT devices are connected to the Internet for greater convenience, but at the same time security risks due to impersonation of the IoT devices are increased. In order to operate an IoT system securely, it is particularly important that both the control signals and the sensor data are not altered, because the latter is used to decide which control signal should be sent. Accordingly, NTT has been working on the development of data authentication technology, as part of lightweight cryptography, to ensure that control signals and sensor data have not been tampered with. Lightweight cryptography consists of algorithms that are more suitable for environments with limited resources, such as memory and CPU, than general-purpose cryptographic algorithms. However, if the security parameters such as the block length are simply made smaller in order to reduce the processing load, then the security would be degraded accordingly. Hence it has been difficult to utilize lightweight cryptographic algorithms while ensuring the necessary security. NTT has collaborated with Katholieke Universiteit Leuven and the Technical University of Denmark to develop lightweight data authentication technology LightMAC. After developing the technology, we worked together to promote standardization and proposed LightMAC to ISO/IEC 29192, the standard for lightweight cryptography.
NTT will continue to work on research and development to realize secure IoT platforms in various fields. NTT will also promote standardization of lightweight block ciphers that are optimal for use with LightMAC.
* ISO: International Organization for Standardization
* IEC: International Electrotechnical Commission
* Block length: Data input size (i.e. processing unit) of a block cipher. Today the mainstream is 128 bits, but many of the lightweight ciphers have shorter block lengths, e.g. 64 bits.
Nippon Telegraph and Telephone Corporation Service Innovation Laboratory Group Public Relations