Researchers at MIT have created an incredibly effective microchip that can enable wireless biomedical devices, such as insulin pumps and pacemakers, to use post-quantum cryptography techniques. These wearable, ingestible, or implantable devices typically have insufficient power to carry out these computationally intensive security measures.
The new chip could enable next-generation wireless medical devices to maintain strong security even as quantum computing becomes more prevalent. Image Credit: Courtesy of the researchers, MIT
As quantum computers continue to develop, they are expected to compromise established security schemes that currently protect most sensitive data from attackers. Scientists and policymakers are therefore working to develop and deploy post-quantum cryptography to guard against these emerging threats.
The tiny chip, roughly the size of a fine needle tip, also incorporates built-in safeguards against physical hacking attempts that can circumvent encryption to access user data, such as a patient’s Social Security number or device credentials. The new technique is more than an order of magnitude more energy-efficient than previous designs.
As quantum computing becomes more common, the new chip may eventually make it possible for next-generation wireless medical equipment to maintain robust security. It could also be used for a variety of resource-constrained edge devices, such as smart inventory tags and industrial sensors.
Tiny edge devices are everywhere, and biomedical devices are often the most vulnerable attack targets because power constraints prevent them from having the most advanced levels of security. We’ve demonstrated a very practical hardware solution to secure the privacy of patients.
Seoyoon Jang, Study Lead Author and Electrical Engineering and Computer Science (EECS) Graduate Student, Massachusetts Institute of Technology
Jang is joined on the study by Saurav Maji; visiting scholar Rashmi Agrawal; EECS graduate students Hyemin Stella Lee and Eunseok Lee; Giovanni Traverso, an associate professor of mechanical engineering at Massachusetts Institute of Technology, a gastroenterologist at Brigham and Women's Hospital, and an associate member of the Broad Institute of MIT and Harvard; and senior author Anantha Chandrakasan, MIT provost and the Vannevar Bush Professor of Electrical Engineering and Computer Science. The study was recently presented at the IEEE Custom Integrated Circuits Conference.
Stronger Security
Due to the computational needs of current security protocols, a significant portion of wireless biomedical equipment, such as ingestible biosensors for health monitoring, currently lacks robust protection, according to Jang.
However, power consumption might rise by two or three orders of magnitude due to the complexity of post-quantum cryptography (PQC).
Since organizations like the National Institute of Standards and Technology (NIST) will soon start replacing outdated cryptographic protocols with more robust PQC algorithms, PQC implementation is crucial. Furthermore, some industry executives feel that the introduction of PQC is even more important due to the rapid advancements in quantum technology.
The MIT researchers created an application-specific integrated circuit (ASIC), a specialized semiconductor that significantly lowers energy overhead while ensuring the highest level of security, to bring these power-hungry PQC protocols to wireless biomedical equipment.
PQC is very secure algorithmically, but making a device resilient against physical attacks usually requires additional countermeasures that pump up the energy consumption at least two or three times. We want our chip to be robust to both security threats in a very lightweight manner.
Seoyoon Jang, Study Lead Author and Electrical Engineering and Computer Science (EECS) Graduate Student, Massachusetts Institute of Technology
A Multi-Pronged Approach
The researchers added a number of design elements to the device in order to achieve these objectives.
To improve robustness and "future-proof" their device in the event that one PQC method turns out to be insecure, they first designed two distinct techniques. They used strategies that allow the PQC algorithms to share as much of the chip's computational resources as possible in order to increase energy efficiency.
Second, a very effective on-chip true random number generator was created by the researchers. In order to implement PQC, this gadget continuously generates random numbers for secret keys.
Compared to conventional methods that often obtain random numbers from an external chip, their on-chip architecture increases security and energy efficiency.
Third, they put in place defenses against a kind of physical hacking attempt known as a power side-channel attack, but only on the PQC protocols' weakest points.
By examining a device's power usage during data processing, hackers can obtain confidential information through power side-channel attacks. To make sure the chip is safe from these kinds of attacks, the MIT researchers added precisely the right amount of redundancy to the PQC operations.
Fourth, if the chip detects a voltage glitch, it will halt operations early, thanks to an early fault-detection system.
Since wireless biomedical devices frequently have unreliable power supplies, they are prone to malfunctions that can lead to the failure of a whole security protocol. By preventing the chip from completing a doomed process, the MIT method conserves energy.
“At the end of the day, because of the techniques we utilized, we can apply these post-quantum cryptography primitives while adding nothing to the overhead, with the added benefit of robustness to side-channel attacks,” Jang says.
Their device outperformed all other PQC security methods by 20 to 60 times in terms of energy efficiency, and it was smaller than many current processors.
“As we transition into post-quantum approaches, providing strong security for even the most resource-limited devices is essential. This work shows that robust cryptographic protection for biomedical and edge devices can be achieved alongside energy efficiency and programmability,” says Chandrakasan.
The researchers hope to use these methods in the future for energy-constrained gadgets and other susceptible applications.
The United States Advanced Research Projects Agency for Health contributed to the funding of this study.