rTLS: Lightweight TLS Session Resumption for Constrained IoT Devices

Tange, Koen; Howard, David M.; Shanahan, Travis; Pepe, Stefano; Fafoutis, Xenofon; Dragoni, Nicola

doi:10.1007/978-3-030-61078-4_14

Cited by 4 publications

(3 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…• Tiny physical area is required for the design of the assembly • Required less battery power • Required real-time processing and quick response IoT devices such as sensors and RFID tags are often small in size, have a limited amount of usable memory (RAM or ROM) for storing and running programs, and have limited processing power [5]. As well as limited physical space for the installation of the IoT devices [16].…”

Section: Significant Challenges Required To Implement Traditional Cry...mentioning

confidence: 99%

A Review of Lightweight Security and Privacy for Resource-Constrained IoT Devices

Kumar,

Dangi

et al. 2024

CMC

View full text Add to dashboard Cite

The widespread and growing interest in the Internet of Things (IoT) may be attributed to its usefulness in many different fields. Physical settings are probed for data, which is then transferred via linked networks. There are several hurdles to overcome when putting IoT into practice, from managing server infrastructure to coordinating the use of tiny sensors. When it comes to deploying IoT, everyone agrees that security is the biggest issue. This is due to the fact that a large number of IoT devices exist in the physical world and that many of them have constrained resources such as electricity, memory, processing power, and square footage. This research intends to analyse resource-constrained IoT devices, including RFID tags, sensors, and smart cards, and the issues involved with protecting them in such restricted circumstances. Using lightweight cryptography, the information sent between these gadgets may be secured. In order to provide a holistic picture, this research evaluates and contrasts well-known algorithms based on their implementation cost, hardware/software efficiency, and attack resistance features. We also emphasised how essential lightweight encryption is for striking a good cost-to-performance-to-security ratio. KEYWORDSIoT; a sensor device; lightweight; cryptography; block cipher; smart card; security and privacy Intelligent Power Grids: The transfer of data and control instructions between smart metres, grid equipment, and the centralised grid management system in smart grid systems is encrypted using lightweight cryptography. These low-power cryptographic systems protect data authenticity and privacy with little re-source drain. Inventory Control:To ensure the safety of data sent between GPS-enabled tracking devices and the main monitoring platform, asset tracking systems utilise lightweight encryption. In this way, pre-cious assets may be tracked in real-time, and their whereabouts can be kept secret from prying eyes.Linked Automobiles: Communications between the many Internet of Things (IoT) components in a car, such as the infotainment system, telematics, and sensors, are encrypted using lightweight cryptography in connected vehicle systems. These lightweight cryptographic methods help keep vehicle data secure and private without slowing down response times.Intelligent Farming: Soil moisture sensors, drones, and controlled irrigation systems are only a few ex-amples of the Internet of Things devices that benefit from lightweight cryptography in precision agriculture. These gadgets provide information on the state of crops and their surrounding environments, while also saving electricity and protecting the privacy of crucial agricultural records.Environmental Monitoring: Lightweight cryptography is employed in Internet of Things sensors for environmental monitoring applications in uninhabited areas like woods and seas. Even in lowpower settings, these sensors may gather information about the weather, air quality, or animals, and send it on to a central monitoring system. Management of Retai...

show abstract

Section: Significant Challenges Required To Implement Traditional Cry...mentioning

confidence: 99%

A Review of Lightweight Security and Privacy for Resource-Constrained IoT Devices

Kumar,

Dangi

et al. 2024

CMC

View full text Add to dashboard Cite

show abstract

“…Additionally, in our previous work [ 5 ], we introduced rTLS, a TLS 1.3 protocol extension that focuses specifically on the 0-RTT session resumption protocol, with the goal of making it more usable for the IoT. In our original work, we presented the protocol and included numerical estimates on its performance but did not include a thorough analysis of its security properties.…”

Section: Related Workmentioning

confidence: 99%

“…In previous work, we introduced rTLS [ 5 ], a TLS extension that can authenticate two endpoints and set up a secure connection with minimal additional overhead, given that the client and server have initiated a session in the past. We described how the extension changes the 0-RTT session resumption protocol to reduce overhead compared to the standard protocol, while adding new security features including replay protection, forward secrecy, and break-in protection.…”

Section: Introductionmentioning

confidence: 99%

rTLS: Secure and Efficient TLS Session Resumption for the Internet of Things

Tange

Mödersheim

Lalos

et al. 2021

Sensors

Self Cite

View full text Add to dashboard Cite

In recent years, the Transport Layer Security (TLS) protocol has enjoyed rapid growth as a security protocol for the Internet of Things (IoT). In its newest iteration, TLS 1.3, the Internet Engineering Task Force (IETF) has standardized a zero round-trip time (0-RTT) session resumption sub-protocol, allowing clients to already transmit application data in their first message to the server, provided they have shared session resumption details in a previous handshake. Since it is common for IoT devices to transmit periodic messages to a server, this 0-RTT protocol can help in reducing bandwidth overhead. Unfortunately, the sub-protocol has been designed for the Web and is susceptible to replay attacks. In our previous work, we adapted the 0-RTT protocol to strengthen it against replay attacks, while also reducing bandwidth overhead, thus making it more suitable for IoT applications. However, we did not include a formal security analysis of the protocol. In this work, we address this and provide a formal security analysis using OFMC. Further, we have included more accurate estimates on its performance, as well as making minor adjustments to the protocol itself to reduce implementation ambiguity and improve resilience.

show abstract

Performance Evaluation of TLS Session Establishments on an ARM Cortex-M4 Platform

Göppert,

Chomel,

et al. 2023

2023 IEEE 12th International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applicat

View full text Add to dashboard Cite

rTLS: Lightweight TLS Session Resumption for Constrained IoT Devices

Cited by 4 publications

References 13 publications

A Review of Lightweight Security and Privacy for Resource-Constrained IoT Devices

A Review of Lightweight Security and Privacy for Resource-Constrained IoT Devices

rTLS: Secure and Efficient TLS Session Resumption for the Internet of Things

Performance Evaluation of TLS Session Establishments on an ARM Cortex-M4 Platform

Contact Info

Product

Resources

About