Next-Generation Data Security Architectures

Lead Research Organisation: Queen's University of Belfast
Department Name: Electronics Electrical Eng and Comp Sci

Abstract

Dramatic advances in digital wireless technology over the past two decades have led to many exciting developments including the rapid growth of mobile and ubiquitous computing. In the future, through the use of mobile applications and devices embedded in the surrounding environment, users will be offered transparent computing and communication services at all times and in all places. Applications of wireless mobile and ubiquitous computing, such as smart homes and smart automobiles, have already begun to emerge. Security is an important factor that must be taken into consideration if the uptake of this new computing paradigm is to be successful. The capability of digital devices to autonomously interact brings with it significant security and privacy risks for the end user. Therefore, research into data security for next-generation wireless communications applications is essential. This 5-year proposed project involves nearer term and longer term research into the data security requirements associated with emerging applications of mobile and ubiquitous computing: - The realisation of mobile and ubiquitous computing technology will require secure wireless ad hoc networks. An ad hoc network is a collection of wireless mobile nodes forming a temporary network without the aid of any established infrastructure. Security in ad hoc networks is difficult to achieve due to the unique characteristics associated with such networks over traditional wireless networks. Research into the provision of adequate security techniques for homogenous ad hoc networks will be addressed within the proposed research. - The development of resource constrained security architectures that can be integrated into mobile devices is also an essential requirement. Low-cost hardware security designs will be researched since hardware offers real-time security, lower power and is inherently more tamper-proof than software. These advantages are vital if security is to be provided in next-generation wireless applications so that end-users are provided with effective security with little or no overhead cost. - A major problem with hardware security designs implemented on current CMOS-based technology is the fact that the security keys can be uncovered by monitoring the power consumption and applying statistical analysis techniques. Thus, research is required into low-cost and effective countermeasures against such attacks that are suitable for resource constrained applications. - Looking further ahead, CMOS scaling is approaching its limits and the International Technology Roadmap for Semiconductors 2007 forecasts that by the end of the next decade, the introduction of new technologies will be necessary to augment the capabilities of the CMOS process. The longer term research will focus on quantum-dot cellular automata (QCA) nanotechnology, which is being considered as a possible alternative to CMOS. The PI believes that this will be a very attractive technology from which to develop security architectures since it has extremely low power dissipation and therefore, QCA security designs would be immune to power analysis attack.The proposed research into security for homogeneous networks will also be applicable to body sensor network security and security for remote healthcare, both of which are important aspects of the 'Towards next generation healthcare' EPSRC strategic priority. The research into the development of QCA-based security architectures with resistance to DPA attacks falls within the 'Nanosciences through engineering to application' theme. The overall research project also meets the 'Digital Economy' strategic priority. The ability to provided effective low-cost security architectures that fit seamlessly into emerging ICT applications will significantly impact the early adoption and uptake of such applications by end-users who want guaranteed privacy of personal information at no extra cost.
 
Description •A novel framework for cognitive radio networks.
•Novel lightweight security protocols and architectures for RFID. Showed the first time that public-key cryptography can be implemented on low-cost RFID tags.
•Novel side channel analysis (SCA) attack techniques and lightweight SCA countermeasures. The novel application of phase-sensitive detector to pre-process power traces in power analysis-based SCA won best paper at IEEE HOST 2013.
•Novel quantum-dot cellular automata (QCA) circuit design methodologies. Findings to show that QCA security designs could be immune to power analysis attacks.
•A novel Physical Unclonable Function design, which is more compact than previous work.
Exploitation Route In general, we have developed a range of security techniques that can be used to provide the security requirements of lightweight embedded devices.

Some of the lightweight security protocols and designs have been used in a security architecture for an Electric Vehicle Charging Infrastructure.

The PUF design can be used in anti-counterfeiting/anti-cloning applications
Sectors Digital/Communication/Information Technologies (including Software)

 
Description • A spin-out, Sirona Technologies Ltd, was established in 2016 to commercialise the Physical Unclonable Function (PUF) technology. In 2018, a decision was made to not pursue the spin-out root for this IP and to continue efforts in licensing the technology. • Successfully licensed technology to LG-CNS, a subsidiary of the LG electronics group as part of a joint research project (2010-2013) with ETRI, South Korea on Security architectures for an Electric Vehicle (EV) Charging System. • The Physical Unclonable Function technology was licensed for evaluation by a UK Defence company, 2014. • The Physical Unclonable Function technology was used in a demonstrator by Thales to address electronic component counterfeiting. • Collaborative research with University College Cork, Ireland on a hardware performance evaluation of Round 2 SHA-3 Candidates (SHA-3 was a public competition run by the US National Institute of Standards and Technology (NIST) to develop a new cryptographic hash algorithm) was considered in the SHA-3 selection process and presented at the NIST Second SHA-3 Candidate Conference, US, August 2010.
First Year Of Impact 2010
Sector Digital/Communication/Information Technologies (including Software)
Impact Types Societal,Economic

 
Description GCHQ PhD studentship funding
Amount £112,000 (GBP)
Organisation Government Communications Headquarters (GCHQ) 
Sector Public
Country United Kingdom
Start 09/2013 
End 09/2017
 
Description GCHQ PhD studentship funding
Amount £109,000 (GBP)
Organisation Government Communications Headquarters (GCHQ) 
Sector Public
Country United Kingdom
Start 01/2015 
End 01/2019
 
Description InvestNI Proof-of-Concept Funding
Amount £106,000 (GBP)
Organisation Invest Northern Ireland 
Sector Public
Country United Kingdom
Start 10/2013 
End 01/2015
 
Description ETRI Collaboration 
Organisation Electronics and Telecommunications Research Institute (ETRI)
Country Korea, Republic of 
Sector Public 
PI Contribution Jointly involved in the development of a security archtiecture for an Electric Vehicle Charging Infrastructure System - contributed security algorithm and protocol designs.
Collaborator Contribution Contributed to the the development of a security archtiecture for an Electric Vehicle Charging Infrastructure System and contributed an EV demo.
Impact Successfully licensed technology to LG-CNS, a subsidiary of the LG electronics group as part of this joint research project.
Start Year 2010
 
Title Security Architecture for EV Charging Infrastructure 
Description Lightweight security protocols and lightweight crypto primitive hardware designs 
IP Reference  
Protection Protection not required
Year Protection Granted
Licensed Yes
Impact This work has led to the research on PUF design which has significant potential for commercialisation in the future.
 
Description ICT Knowledge Transfer Network (KTN) Cyber Security Summit - talk on Data Security 
Form Of Engagement Activity A talk or presentation
Part Of Official Scheme? No
Geographic Reach International
Primary Audience Professional Practitioners
Results and Impact Raised significant interest in some aspects of the research.

Interest in collaborative opportunities
Year(s) Of Engagement Activity 2012
 
Description JS Bell Festival - Security in a Post-Quantum World 
Form Of Engagement Activity A talk or presentation
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Public/other audiences
Results and Impact A lively Q&A session on the topic

Media interest
Year(s) Of Engagement Activity 2014
URL http://www.naughtongallery.org/sites/NaughtonGallery/Exhibitions/
 
Description • Keynote speaker at Cyber Security Technology Research Summit on 'Cryptography in a post quantum computing world', Belfast, March 2014 
Form Of Engagement Activity A talk or presentation
Part Of Official Scheme? No
Geographic Reach International
Primary Audience Professional Practitioners
Results and Impact Raised significant interest in topic

Invitation to organise a panel session at Intel Workshop held in conjunction with Eurocrypt'14
Year(s) Of Engagement Activity 2014