[Cryptography] Simple IoT sensor encryption ?

[Andrew Donoho]

> On Apr 14, 2016, at 14:50 , Henry Baker <hbaker1 at pipeline.com> wrote:
> 
> Should we just "bite the bullet" and brute force PK-encrypt all the sensor data?  This works, although it may use a heck of a lot more power, and may doom this scheme to quite low-bandwidth signals.



Henry,



	I think you should unpack this concern a bit. First, what is a sensor reading? For our purposes, lets say it is a single 32 bit int32_t/float32_t and a monotonically increasing “time” int32_t. What else would you have the payload contain? It could contain more identifying info but lets put those burdens on the servers.



Does using PK require a "heck of a lot more power?”

	Is this a wireless device?
		If so, what is the relative power consumption of encryption with PK or AES versus turning on the radios?
		If so, what is the marginal increase of power consumption due to using PK over AES?
	Is this a battery operated device?
		If so, what is the integrated energy consumption of the data reporting event? 
		Can you even measure the power consumption contributed by the PK? Is it material?



If the device is wired, say with Power over Ethernet, then just use the PK and be done with it.



	I suspect that with modern embedded 8 bit processors, encrypting a sensor reading, 64 bits, with PK, is just not that expensive. The power cost of turning on the radios is so much larger than the encryption power cost as to not be a real concern. Only the power consumption numbers will tell the tale.

	I’m betting that PK is all that is needed.



Anon,
Andrew
____________________________________
Andrew W. Donoho
Donoho Design Group, L.L.C.
awd at DDG.com, +1 (512) 750-7596, twitter.com/adonoho

Essentially, all models are wrong, but some are useful.
	— George E.P. Box