University develops timer-based encryption to secure device data
Self-powered chips with tiny clocks could be the next step in securing internet-connected devices with stronger encryption, according to research from Washington University in St. Louis.
Instead of using mathematical functions, the chips use millions of timers to create an encryption key for data transmission, which could be more secure as high-powered computing becomes more accessible, said Shantanu Chakrabartty, a vice dean at Washington University’s engineering school.
“The most popular one is the RSA technique that relies on prime factorization,” Chakrabartty said. “It’s very difficult to factorize a number into two primes and [RSA keys] use this difficulty to do high-end encryption. Now, this problem is difficult for a classical computer. But if quantum computing becomes a reality, then these problems become relatively easy.”
The research, which presents the chips as a possible low-cost solution for securing sensors and other internet-connected devices, is set to appear in a journal published by the Institute of Electrical and Electronics Engineers.
Because the chips use a set of timer readings, even if an “eavesdropper” obtains the key, it won’t work because time has passed, Chakrabartty said. The chips will instead self-destruct.
The chips developed by the Washington University team are much smaller than traditional encryption key devices, and are also self-powered. The chip’s timers represent the movement of electrons on the chip through “quantum tunneling.” The movement of those electrons creates power.
Internet-connected devices are used to transmit all sorts of sensitive information, including medical data. Local governments and college campuses are also increasingly using environmental sensors to monitor potentially hazardous conditions.
Despite transmitting large amounts of information, these devices are often left unencrypted, according to a 2020 Palo Alto Networks report. The cybersecurity company found that 98% of all traffic from 1.2 million devices was unencrypted.