Securing the IP-based internet of things with HIP and DTLS

García-Morchón, Óscar; Keoh, Sye Loong; Kumar, Sandeep; Moreno-Sanchez, Pedro; Vidal-Meca, Francisco; Ziegeldorf, Jan Henrik

doi:10.1145/2462096.2462117

Cited by 78 publications

(33 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…HIP introduces a cryptographic namespace of stable host identities (HIs) between the network and transport layer [23]. Unlike DTLS and minimal IKEv2, HIP supports node mobility and multi-homing, which are very important attributes of IoT [24]. Following is a concise overview of HIP BEX and HIP DEX protocols and other lightweight HIP variants.…”

Section: Background and Related Workmentioning

confidence: 99%

CHIP: Collaborative Host Identity Protocol with Efficient Key Establishment for Constrained Devices in Internet of Things

Porambage

Braeken

Kumar

et al. 2017

Wireless Pers Commun

View full text Add to dashboard Cite

The Internet of Things (IoT) is the next evolutionary paradigm of networking technologies that interconnects almost all the smart objects and intelligent sensors related to human activities, machineries, and environment. IoT technologies and Internet Protocol connectivity enable wide ranges of network devices to communicate irrespective of their resource capabilities and local networks. In order to provide seamless connectivity and interoperability, it is notable to maintain secure end-to-end (E2E) communication links in Part of this work has been published in IEEE Globecom, 2015 as 'Efficient Key Establishment for Constrained IoT Devices with Collaborative HIP-based Approach'. The proxy based key establishment component is taken from the paper which is entitled 'Proxy-based End-to-End Key Establishment Protocol for the Internet of Things' and presented at IEEE ICC Workshop on Security and Privacy for Internet of Things and CyberPhysical Systems, 2015. The extensions of these works include the derivation of entire CHIP protocol, implementation it on Waspmote sensors, the measurement of energy costs, and the discussion of performance and security features in detail.

show abstract

Section: Background and Related Workmentioning

confidence: 99%

CHIP: Collaborative Host Identity Protocol with Efficient Key Establishment for Constrained Devices in Internet of Things

Porambage

Braeken

Kumar

et al. 2017

Wireless Pers Commun

View full text Add to dashboard Cite

show abstract

“…Still, implicit certificates do not alleviate the need for public-key cryptography on constrained devices. Garcia-Morchon et al [31] propose a polynomial scheme as a replacement for public-key cryptography in the DTLS handshake. However, similar to the symmetric-key-based DTLS handshake, their approach depends on the secure provisioning of the polynomial shares before a DTLS connection can be established.…”

Section: Related Workmentioning

confidence: 99%

Delegation-based authentication and authorization for the IP-based Internet of Things

Hummen

Shafagh

Raza

et al. 2014

2014 Eleventh Annual IEEE International Conference on Sensing, Communication, and Networking (SECON)

117

View full text Add to dashboard Cite

Abstract-IP technology for resource-constrained devices enables transparent end-to-end connections between a vast variety of devices and services in the Internet of Things (IoT). To protect these connections, several variants of traditional IP security protocols have recently been proposed for standardization, most notably the DTLS protocol. In this paper, we identify significant resource requirements for the DTLS handshake when employing public-key cryptography for peer authentication and key agreement purposes. These overheads particularly hamper secure communication for memory-constrained devices. To alleviate these limitations, we propose a delegation architecture that offloads the expensive DTLS connection establishment to a delegation server. By handing over the established security context to the constrained device, our delegation architecture significantly reduces the resource requirements of DTLS-protected communication for constrained devices. Additionally, our delegation architecture naturally provides authorization functionality when leveraging the central role of the delegation server in the initial connection establishment. Hence, in this paper, we present a comprehensive, yet compact solution for authentication, authorization, and secure data transmission in the IP-based IoT. The evaluation results show that compared to a public-key-based DTLS handshake our delegation architecture reduces the memory overhead by 64 %, computations by 97 %, network transmissions by 68 %.

show abstract

“…As mentioned in [7], the code footprint of a DTLS implementation on a constrained device lies around 16 KB of ROM and 4 KB of RAM. Considering the capabilities of class 1 devices mentioned in the previous section, the large RAM footprint is problematic.…”

Section: A Security With Dtlsmentioning

confidence: 99%

“…In this case, a DTLS session has to be setup with every communicating host. Keoh et al [7] have determined the communication overhead for a single-hop network without any packet loss to be an additional 12 messages spanning four extra round trips. These extra messages can be attributed entirely to the complex DTLS handshake.…”

Section: A Security With Dtlsmentioning

confidence: 99%

Fine-grained management of CoAP interactions with constrained IoT devices

Abeele

Hoebeke

Moerman

et al. 2014

2014 IEEE Network Operations and Management Symposium (NOMS)

View full text Add to dashboard Cite

Abstract-As open standards for the Internet of Things gain traction, the current Intranet of Things will evolve to a truly open Internet of Things, where constrained devices are first class citizens of the public Internet. However, the large amount of control over constrained networks offered by today's vertically integrated platforms, becomes even more important in an open IoT considering its promise of direct end-to-end interactions with constrained devices. In this paper a set of challenges is identified for controlling interactions with constrained networks that arise due to their constrained nature and their integration with the public Internet. Furthermore, a number of solutions are presented for overcoming these challenges by means of an intercepting intermediary at the edge of the constrained network.

show abstract

Securing the IP-based internet of things with HIP and DTLS

Cited by 78 publications

References 5 publications

CHIP: Collaborative Host Identity Protocol with Efficient Key Establishment for Constrained Devices in Internet of Things

CHIP: Collaborative Host Identity Protocol with Efficient Key Establishment for Constrained Devices in Internet of Things

Delegation-based authentication and authorization for the IP-based Internet of Things

Fine-grained management of CoAP interactions with constrained IoT devices

Contact Info

Product

Resources

About