A Secure Communication System for Constrained IoT Devices—Experiences and Recommendations

Goworko, Michał; Wytrębowicz, Jacek

doi:10.3390/s21206906

Cited by 8 publications

(2 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Goworko and Wytrebowicz [37] proposed IoT-Crypto, a secure communication system based on a custom self-signed certificate format inspired by both X. 509 In general, so far the state of the art proposals allow to reduce the size of X.509 certificates either by profiling or compressing the certificate.…”

Section: Related Workmentioning

confidence: 99%

L-ECQV: Lightweight ECQV Implicit Certificates for Authentication in the Internet of Things

et al. 2023

View full text Add to dashboard Cite

The vast expansion of the Internet of Things (IoT) devices and related applications has bridged the gap between the physical and digital world. Unfortunately, security remains a major challenge and the lack of secure links have fueled the increased attacks on IoT devices and networks. Due to its inherent scalability, Public Key Infrastructure (PKI) is the well-known and classic approach to bring public-key certificate based security to IoT. Even though the standard X.509 explicit certificates can be viable solution, they are inefficient and too large for resource constrained IoT networks and therefore, smaller, faster and more efficient Elliptic Curve Qu Vanstone (ECQV) implicit certificates can be employed for establishing authenticated connections in IoT. Moreover, the existing certificate-based authentication proposals in standardized IoT networks have either been deployed at the transport or physical layers. Thus, these proposals fail to provide true end-to-end security to messages at the application layer in the presence of intermediate CoAP proxies. This challenging aspect is addressed in this proposal by focusing on the certificate-based authentication at the application layer to ensure true end-to-end security of messages. Additionally, IoT application layer security protocols like EDHOC lacks mechanism for authenticated distribution of public keys and thus, there is a need for lightweight authentication based cryptographic primitive for establishing secure key agreement in IoT. This paper introduces a design and implementation of a lightweight ECQV implicit certificate and use them for authenticated key exchange in EDHOC at the application layer. We also design a lightweight profile with a novel encoding mechanism for ECQV implicit certificate, called L-ECQV. To prove its viability, L-ECQV has been implemented and evaluated on Contiki operating system. Our evaluation results show that the proposed L-ECQV certificate approach reduces energy consumption by 27%, message overhead of EDHOC handshake by 52%, and shows improvements in certificate validation time. The security analysis demonstrates that proposed L-ECQV certificates for EDHOC protocol is secure against a number of attack vectors present in the IoT network. This novel combination of ECQV certificates with EDHOC key exchange leads to a secure and lightweight authenticated key agreement in IoT networks.

show abstract

Section: Related Workmentioning

confidence: 99%

L-ECQV: Lightweight ECQV Implicit Certificates for Authentication in the Internet of Things

et al. 2023

View full text Add to dashboard Cite

show abstract

“…The common method of protecting data transmission in sensor systems is the Transport Layer Security (TLS) [ 5 ] or its datagram counterpart the Datagram Transport Layer Security (DTLS) [ 6 ]. (D)TLS is an incredibly powerful and flexible secure protocol to build secure communication channels between devices [ 7 ]. A secure channel ensures authentication of one of the entities or mutual-authentication, confidentiality and integrity of the data exchanged.…”

Section: Introductionmentioning

confidence: 99%

Enabling Secure Data Exchange through the IOTA Tangle for IoT Constrained Devices

Carelli

Palmieri

Vilei

et al. 2022

Sensors

View full text Add to dashboard Cite

Internet-of-Things (IoT) and sensor technologies have enabled the collection of data in a distributed fashion for analysis and evidence-based decision making. However, security concerns regarding the source, confidentiality and integrity of the data arise. The most common method of protecting data transmission in sensor systems is Transport Layer Security (TLS) or its datagram counterpart (DTLS) today, but exist an alternative option based on Distributed Ledger Technology (DLT) that promise strong security, ease of use and potential for large scale integration of heterogeneous sensor systems. A DLT such as the IOTA Tangle offers great potential to improve sensor data exchange. This paper presents L2Sec, a cryptographic protocol which is able to secure data exchanged over the IOTA Tangle. This protocol is suitable for implementation on constrained devices, such as common IoT devices, leading to greater scalability. The first experimental results evidence the effectiveness of the approach and advocate for the integration of an hardware secure element to improve the overall security of the protocol. The L2Sec source code is released as open source repository on GitHub.

show abstract

IoT Crypto Security Communication System

Kommineni

Madhu²,

Narayanamurthy

et al. 2022

Lecture Notes in Networks and Systems

View full text Add to dashboard Cite

A Secure Communication System for Constrained IoT Devices—Experiences and Recommendations

Cited by 8 publications

References 16 publications

L-ECQV: Lightweight ECQV Implicit Certificates for Authentication in the Internet of Things

L-ECQV: Lightweight ECQV Implicit Certificates for Authentication in the Internet of Things

Enabling Secure Data Exchange through the IOTA Tangle for IoT Constrained Devices

IoT Crypto Security Communication System

Contact Info

Product

Resources

About