A highlight for me in 2011 was sitting down with a legend – Dr. Whitfield Diffie, inventor of public key cryptography. Today, he’s working on a new algorithm, and his insights in this video interview are worth watching.
Why do we need something other than AES? It’s secure and widely supported. According to Dr. Diffie:
AES is probably the best evaluated cryptographic algorithm of all time …. The degree of confidence in AES has to be higher than in any upstart algorithm … We’re not in any sense trying to supplant AES. We believe there are very important niche markets where it is by no means optimal.
That “niche” market is powered by billions of low power microcontrollers. The primary strategy for battery life in an ultra lower power system is to come out of sleep mode, perform necessary computations, and go back to sleep. AES is simply too heavy to be efficient in that type of operation.
Dr. Diffie’s new algorithm, Hummingbird, uses 5% of the power of AES at the same security level. That should turn the heads of designers working with microcontrollers who have avoided implementing stronger security in a trade-off for battery life.
Hummingbird traces its origin to the rotor machines of the 20th century, and is really designed specifically for the Internet of Things. It could change how designers view security on devices, and make stronger security achievable for many more things.
What do you think of Dr. Diffie’s ideas, or the state of security on embedded devices today?