Encryption can be used to send a secure message from the network device
to the server. The necessary encryption key must be programmed into the
network device in a secure production facility.
Two types of encryption are available: symmetric key and asymmetric
(public/ private) key. Symmetric-key systems depend on a shared secret
between the server and the network device (Figure 3 below).
3. In asymmetric-key authentication, a random challenge prevents a
replay of the response for the communication sequence.
This implementation is straightforward on a microprocessor, but is
more involved than the simple password approach. It offers a strong
form of authentication, because communications between the server and
network devices are encrypted, and cannot be emulated.
On the other hand, the cost is moderate because symmetric-key
encryption often uses simple arithmetic operations such as the OR
function and shifting, which are easily implemented even in a
microprocessor (Table 2 below).
2. Symmetric-key attributes
Network device and server must have an agreed upon symmetric secret
key. If the network device has a unique identifier, that identifier can
be the unique secret for that device.
4. Public-key authentication has the advantage of no shared secret.
Asymmetric-key systems (public/private) do not share a secret, but
instead each contains one private key and one public key. A certificate
can be installed on the network device to prove its authenticity.
Because a public/private key algorithm involves large calculations,
its implementation is usually expensive in terms of memory and CPU
cycles (Figure 4 above and Table 3 below). RSA public-key
encryption, for example, requires modular exponentiation. As another
caveat, the export of encryption out of the US may be restricted.
The network device must be loaded with a certificate that contains the
network device public key, encrypted with the server private key. By
decrypting the server public key, anyone can then prove the validity of
the network device.
3. Public-key attributes
Hashing is the transformation of a string of characters into a usually
shorter, fixed-length value or key that represents the original string.
A cryptographic hash (specifically, a cryptographically secure hash
that has part of its input as a shared secret) can also be used to
perform authentication (Figure 5 below).
5. A unique ID in the network device allows unique secrets for hash
authentication. The unique secret can be derived from a master secret
and the unique ID.
When part of the input is secret, the result is called a Message
Authentication Code (MAC). A cryptographic hash suitable for
cryptography has three main attributes: It must have a high avalanche
effect, in which the output changes significantly even for minor input
It must be a good one-way hash, so that nothing about the input can
be derived by looking at the output. Finally, it must be collision
resistant?two different hash inputs are unlikely to produce the same
hash output. Typical hash implementations (bitwise shifts, XORs, and
ANDs) have low intrinsic cost because they are easily implemented (Table 4 below).
4. Hash-authentication attributes
The network devices and server must have an agreed-upon secret to be
used in the MAC cryptographic hash calculation. If the network device
has a unique identifier (ID), then the ID can serve as a unique secret
for that device.