Article Preview
TopIntroduction
Random numbers play an essential role in cryptographic applications. The journey started long back in 1983 when the scientists from the University of California presented their work on random number generation. This work is commonly known as the Blum Sub generator (Blum, 1986). IoT is also known as the constrained environment because devices used in this network are low powered. These devices are not capable of performing complex mathematical calculations because of the large number of Circuit Gates, more than 2000 Gate Equivalent (GE), used. The EPCglobal® restricts the GE to be less than 2000 for the use in constrained devices (GS1, 2013). Hence the researcher needs some sort of less complicated procedure for their calculations. Mathematicians find that the computational power required for shift operations needs much lower power than the other mathematical operations. The researcher can use any of the listed shift operations (left shift, right shift, circular shift, etc.) to permute their bit sequences (GUPTA et al., 2020).
Some test suites are there to examine the randomness of generator functions. One can test RNG work on Diehard battery designed by Marsaglia or on TestU01 suite with 6 test batteries (Small Crush, Crush, Big Crush, Alphabit, and Rabbit batteries and a pseudo-NIST battery) designed by L'ecuyer and Simard, or on the NIST test suite having 15 tests. The National Institute of Statistics and Technology released SP800-90 (a, b, c) recently (Rukhin et al., 2010).
Here, the authors are following the specifications given by the National Institute of Standards and Technology. A uniform and independent distribution of both the digits (zero and one), is the prime requirement from an ideal random number generator. A random number generator used in current cryptographic applications is a sequence of 26-bit or 32-bit discrete values. One can further divide random number generators into two parts; True Random Number Generators (TRNGs) and Pseudo Random Number Generators (PRNGs). The natural source of randomnesses like oscillators or thermal noise is in use for the generation of exact random numbers. These sources are unpredictable because of entropy. This variation produces a random output. Pseudo Random Number Generators (PRNGs) or Deterministic Random Number Generators (DRNGs) are purely based on programming (Gupta & Kumar, 2019).
Peris et al. presented their work in 2007 in which they generated some random numbers and then applied genetic programming on them to create a large number of sequences. They, however, are not that efficient in terms of circuit gate count but somehow manage to be less than 2000 GE (minimum requirement to name any algorithm lightweight) (Peris-Lopez et al., 2009). In 2008, Che et al. proposed a new method of generating random numbers by using valid random physical sources, like low-frequency oscillators and thermal noise generators. As they create output bits using very little power, one can use it as a component in his/her RNG design (Che et al., 2008). Electronic Product Code (EPCglobal®) issues some specifications regarding the manufacturing details of tags and readers. One should follow these restrictions to make their security design compatible with lightweight cryptographic applications. Any random number generator should go through the NIST suite to test their randomness. Many other tests are also available like the ENT test, David Sexton’s battery, Diehard suite to check the randomness in obtained sequences.
IoT devices are having many constraints related to computation power and memory etc. Many existing cryptographic algorithms of security could not work with IoT devices because of these constraints. Since the sensors are used in large amounts to collect the relevant data in an IoT environment, and different sensor devices transmit these data as useful information, the first thing that needs to be secure is the identity of devices. The second most important thing is the reliable information transmission between a sensor node and a sink node. While designing the cryptographic method in the IoT environment, programmers need to keep in mind the power limitation of the constraint devices. Mutual authentication between devices and encryption-decryption of messages need some sort of secure key. In the proposed cryptographic environment, there will be a hierarchical clustering, and devices will get registered by the authentication center at the time they enter the cluster. The devices will get mutually authenticated before initiating any conversation and will have to follow the public key protocol.