IoT and OT Security and Cryptography
Technical Papers and White Papers


Learn more about Veridify’s quantum-resistant cryptography methods for IoT and OT security. Read through our technical papers and white papers. If you have additional questions, Veridify’s engineering team and cryptographers can assist you. Contact us

White Papers

  • “A Future-Proof Authentication and Security Solution for Existing Industrial IoT Systems,” Derek Atkins, March 2019.
    • Summary: This paper describes an IoT security gateway solution that Intel PSG commissioned Veridify to develop. Using an Intel MAX® 10 FPGA, Veridify created a solution that can be retrofitted to existing systems and provide secure communication, authentication, and authorization protection to legacy IoT devices by integrating into the communication stream between the device and its controller. The security add-on would sit as a bump-in-the-wire (BitW) between the legacy device and the other end of the communication link, protecting that link from attack. Access the Paper
  • “An Introduction to Cryptographic Security Methods and Their Role in Securing Low Resource Computing Devices,” Updated May 2021.
    • Abstract: An overview of public-key cryptosystems based on RSA, Diffie-Hellman and Group Theoretic Cryptography, along with a review of next-generation of public-key cryptographic security for low-resource computing devices. Access the Paper
  • “An Introduction to the Mathematics of Braids,” Dr. Iris Anshel, Summer 2015.
    • Abstract: Braids are abstract mathematical objects. The connection between the braid group, which is infinite, and the collections of permutations, which is finite, facilitates the development of cryptographic applications of the braid group including the Algebraic Eraser. Access the Paper
  • “Colored Burau Matrices, E-multiplication, and the Algebraic Eraser Key Agreement Protocol: An introduction to the Algebraic Eraser,” Iris Anshel, Summer 2015. Access the Paper
  • “Security in Low Resource Environments,” January 2006.
    • Abstract: A business paper that focuses on the difficulty current public-key protocols have in addressing security issues in low resource environments. Access the Paper
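The connection between the (infinite) braid group and the (finite) permutation group mentioned in the braids paper above is the projection that sends each Artin generator σ_i, and its inverse, to the transposition of positions i and i+1. The following is an added worked example of that projection; it is not code from Veridify or from any of the listed papers. The encoding of braid words as signed integers and the 0-indexed "start position to end position" permutation convention are assumptions of this illustration. The example also shows why the projection alone carries no secret: it is a homomorphism, but distinct braids (σ_1 and σ_1^-1, or any pure braid and the identity) collapse to the same permutation.

```python
"""Projection of braid words in B_n onto permutations in S_n.

Added illustration, not Veridify's code and not taken from the listed papers.
Encoding assumed here: a braid word is a list of non-zero integers, where +i
is the Artin generator sigma_i (strand at position i crosses over the strand
at position i+1, 1-indexed) and -i is its inverse. A permutation is a tuple
p with p[k] = final position (0-indexed) of the strand that started at k.
"""


def braid_to_permutation(word, n):
    """Image of a braid word under the projection B_n -> S_n.

    Each sigma_i^{+1} or sigma_i^{-1} swaps the strands currently occupying
    positions i-1 and i; the sign (over/under crossing) is deliberately
    ignored, which is exactly what the projection forgets.
    """
    if n < 2:
        raise ValueError("need at least two strands")
    strands = list(range(n))  # strands[p] = label of strand now at position p
    for g in word:
        if g == 0 or abs(g) >= n:
            raise ValueError(f"generator {g} is not valid in B_{n}")
        i = abs(g) - 1
        strands[i], strands[i + 1] = strands[i + 1], strands[i]
    perm = [0] * n
    for position, label in enumerate(strands):
        perm[label] = position
    return tuple(perm)


def compose(p, q):
    """Permutation 'apply p, then q' in the start->end convention above."""
    return tuple(q[p[k]] for k in range(len(p)))


def inverse_word(word):
    """Inverse of a braid word: reverse the order and invert every generator."""
    return [-g for g in reversed(word)]


def is_pure(word, n):
    """True when the braid lies in the kernel of the projection (a pure braid)."""
    return braid_to_permutation(word, n) == tuple(range(n))


def projection_is_homomorphism(w1, w2, n):
    """Check pi(w1 . w2) == pi(w1) then pi(w2) for concrete words."""
    lhs = braid_to_permutation(w1 + w2, n)
    rhs = compose(braid_to_permutation(w1, n), braid_to_permutation(w2, n))
    return lhs == rhs


if __name__ == "__main__":
    n = 4
    # Constructed sample words for B_4.
    print(braid_to_permutation([1, 2, 3], n))        # (3, 0, 1, 2)
    print(braid_to_permutation([1], n) == braid_to_permutation([-1], n))  # True: sign forgotten
    print(is_pure([1, 1], n), is_pure([1, -1], n))   # True True: sigma_1^2 and sigma_1 sigma_1^-1
    print(projection_is_homomorphism([1, 2], [3, 1], n))  # True
    # Braid relations survive in the image: sigma_1 sigma_2 sigma_1 == sigma_2 sigma_1 sigma_2
    print(braid_to_permutation([1, 2, 1], 3) == braid_to_permutation([2, 1, 2], 3))  # True
```

The kernel of this map (the pure braid group) is infinite, so the permutation image is a coarse invariant: two braid words with the same permutation can still be very different braids, which is why the group-theoretic schemes on this page work with braids themselves (and matrix representations such as colored Burau) rather than with permutations alone.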

Technical Papers by Veridify and Others

  • “WalnutDSA: A Quantum-Resistant Digital Signature Algorithm,” Iris Anshel, Derek Atkins, Dorian Goldfeld, and Paul E. Gunnells, Updated September 2020. Accepted for publication in the International Journal of Computer Mathematics: Computer Systems Theory.
    • Abstract: This paper presents an in-depth discussion of WalnutDSA, a quantum-resistant public-key digital signature method based on the one-way function E-multiplication. A key feature of WalnutDSA is that it provides a very efficient means of validating digital signatures, which is essential for low-powered and constrained devices. This paper presents an in-depth discussion of the construction of the digital signature algorithm, and delves deeply into the underlying mathematics that facilitates analyzing the security of the scheme. When implemented using parameters that defeat all known attacks, WalnutDSA is among the fastest quantum-resistant signature verification methods; it performs orders of magnitude faster than ECC, even on low-end embedded hardware. WalnutDSA delivers a 12-25x speed improvement over ECDSA on most platforms, and a 31x speed improvement on a 16-bit microcontroller, making it an ideal solution for low-resource processors found in the Internet of Things (IoT). Access the Paper
  • “Ironwood Meta Key Agreement and Authentication Protocol,” Iris Anshel, Derek Atkins, Dorian Goldfeld, and Paul E. Gunnells, Advances in Mathematics of Communications, 2020, doi: 10.3934/amc.2020073.
    • Abstract: Number theoretic public-key solutions, currently used in many applications worldwide, will be subject to various quantum attacks, making them less attractive for longer-term use. Certain group theoretic constructs are now showing promise in providing quantum-resistant cryptographic primitives, and may provide suitable alternatives for those looking to address known quantum attacks. In this paper, we introduce a new protocol called a Meta Key Agreement and Authentication Protocol (MKAAP) that has some characteristics of a public-key solution and some of a shared-key solution. Specifically it has the deployment benefits of a public-key system, allowing two entities that have never met before to authenticate without requiring real-time access to a third-party, but does require secure provisioning of key material from a trusted key distribution system (similar to a symmetric system) prior to deployment. We then describe a specific MKAAP instance, the Ironwood MKAAP, discuss its security, and show how it resists certain quantum attacks such as Shor's algorithm or Grover's quantum search algorithm. We also show Ironwood implemented on several "Internet of Things" (IoT) devices, measure its performance, and show how it performs significantly better than ECC using fewer device resources. Access the Paper
  • “A System for Generating Group Elements for Cryptographic Applications,” a Veridify provisional patent which expired June 5, 2019. Access the spec and access the drawings.
  • “Defeating the Hart et al., Beullens-Blackburn, Kotov-Menshov-Ushakov and Merz-Petit Attacks on WalnutDSA™,” Iris Anshel, Derek Atkins, Dorian Goldfeld and Paul E. Gunnells, May 2019. Access the Paper
  • “Defeating the Merz-Petit Attack on WalnutDSA™,” Iris Anshel, Derek Atkins, Dorian Goldfeld and Paul E. Gunnells, February 2019. Access the Paper
  • “Defeating the Kotov, Menshov, Ushakov Attack on WalnutDSA™,” Iris Anshel, Derek Atkins, Dorian Goldfeld and Paul E. Gunnells, January 2019. Access the Paper
  • “Defeating the Beullens-Blackburn Attacks on WalnutDSA™,” Iris Anshel, Derek Atkins, Dorian Goldfeld and Paul E. Gunnells, January 2019. Access the Paper
  • “Defeating the Hart, Kim, Micheli, Pascual-Perez, Petit, Quek Attack on WalnutDSA™,” Iris Anshel, Derek Atkins, Dorian Goldfeld and Paul E. Gunnells, January 2019. Access the Paper
  • “Kayawood, a Key Agreement Protocol,” Iris Anshel, Derek Atkins, Dorian Goldfeld, and Paul E. Gunnells, November 2017.
    • Abstract: This paper introduces Kayawood Key Agreement Protocol™ (Kayawood KAP™), a new group-theoretic key agreement protocol, that leverages the known NP-Hard shortest word problem (among others) to provide an Elgamal-style, Diffie-Hellman-like method. This paper also (i) discusses the implementation of and behavioral aspects of Kayawood, (ii) introduces new methods to obfuscate braids using Stochastic Rewriting, and (iii) analyzes and demonstrates Kayawood’s security and resistance to known quantum attacks. Access the Paper
  • “Hickory Hash: Implementing an Instance of an Algebraic Eraser Hash Function on an MSP430 Microcontroller,” Iris Anshel, Derek Atkins, Dorian Goldfeld, and Paul E. Gunnells, November 2016.
    • Abstract: Recently a novel family of braid based cryptographic hash function candidates was published, claiming to be suitable for use in low resource environments. It was shown that the new hash function family performed extremely well on a range of cryptographic test suites. In this paper, we instantiate an instance of the hash family, called Hickory Hash, fix a set of parameters, implement it on a Texas Instruments MSP430 16-bit microcontroller, and compare its performance characteristics to SHA2. We show that the Hickory Hash can be a viable tool for low-power, constrained devices like those associated with the Internet of Things. Access the Paper
  • “Post Quantum Group Theoretic Cryptography,” Iris Anshel, Derek Atkins, Dorian Goldfeld and Paul E. Gunnells, November 2016.
    • Abstract: Thanks to Shor’s quantum factoring algorithm, the most prevalent asymmetric cryptographic systems (RSA, ECC) are now known to be vulnerable to attack by sufficiently powerful quantum computers. In this paper, we discuss three Group Theoretic cryptographic protocols known as WalnutDSA (a digital signature algorithm), Hickory (a cryptographic hash function), and IronwoodKAP (a key agreement protocol), in the context of post-quantum cryptography. Unlike the classical public key protocols, the algebra underlying Walnut, Hickory, and Ironwood is non-abelian. We present evidence that these protocols are not susceptible to the quantum attacks known to be effective on RSA and ECC, and conclude that Group Theoretic Cryptography is a viable candidate for post-quantum cryptography. Access the Paper
  • “A Class of Hash Functions Based on the Algebraic Eraser,” Iris Anshel, Derek Atkins, Dorian Goldfeld, and Paul E. Gunnells, Groups Complexity Cryptology, Volume 8, Issue 1, May 2016. View the Peer-Reviewed Article
  • “Defeating the Ben-Zvi, Blackburn, and Tsaban Attack on the Algebraic Eraser,” Iris Anshel, Derek Atkins, Dorian Goldfeld, and Paul E. Gunnells, Submitted on January 18, 2016. Access the Paper
  • “Defeating the Kalka–Teicher–Tsaban Linear Algebra Attack on the Algebraic Eraser,” Dorian Goldfeld and Paul E. Gunnells, Submitted on February 3, 2012. Access the Paper
  • “On the Cryptanalysis of the Generalized Simultaneous Conjugacy Search Problem and the Security of the Algebraic Eraser,” Paul E. Gunnells, Submitted on May 5, 2011. Access the Paper
  • “Short Expressions of Permutations as Products and Cryptanalysis of the Algebraic Eraser,” Arkadius Kalka, Mina Teicher, and Boaz Tsaban, Submitted on April 3, 2008 (last revised March 6, 2012). Also published in Advances in Applied Mathematics, Volume 49, Issue 1, July 2012, Pages 57-76. Access the Paper
  • “Cryptanalysis of Anshel-Anshel-Goldfeld-Lemieux Key Agreement Protocol,” Alex D. Myasnikov and Alexander Ushakov, Submitted on January 30, 2008. Access the Paper