Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Entropy as a Service

Project Links

Project Overview

Cryptography is critical for securing data at rest or in transit over the IoT. But cryptography fails when a device uses easy-to-guess (weak) keys generated from low-entropy random data. Standard deterministic computers have trouble producing good randomness, especially resource-constrained IoT-class devices that have little opportunity to collect local entropy before they begin network communications. The best sources of true randomness are based on unpredictable physical phenomena, such as quantum effects, but they can be impractical to include in IoT devices.

We research novel Internet service architectures providing secure entropy sources to IoT devices. Our research covers also the problem of trust on the Internet, which is particularly relevant for services of such fundamental importance.

We work on a service architecture that is designed to distribute and aggregate trust across a scalable collective of diverse participants, yielding a collective authority. By combining known cryptographic techniques in novel ways, this architecture will provide fresh entropy to IoT devices when needed. The architecture will distribute trust across thousands of servers scattered around the world: scalable enough that every country’s government and every technology company in the world could participate directly in the decentralized root of trust, each actively and independently ensuring that all others “stay honest.”

EaaS Overview (PDF)

Created September 02, 2016, Updated December 13, 2017