
2016 | OriginalPaper | Book chapter

ECDSA on Things: IoT Integrity Protection in Practise

Authors: Johannes Bauer, Ralf C. Staudemeyer, Henrich C. Pöhls, Alexandros Fragkiadakis

Published in: Information and Communications Security

Publisher: Springer International Publishing


Abstract

This paper documents some experiences and lessons learned during the development of an IoT security application for the EU-funded project RERUM. The application provides sensor data with end-to-end integrity protection through elliptic curve digital signatures (ECDSA). Here, our focus is on the cost in terms of hardware, runtime and power consumption in a real-world trials scenario. We show that providing signed sensor data has little impact on the overall power consumption. We present our experiences with different ECDSA implementations. Hardware-accelerated signing can further reduce the cost in terms of runtime; however, the differences were not significant. The relevant aspect in terms of hardware is memory: experience with MSP430 and ARM Cortex M3 based hardware platforms revealed that the limiting factor is RAM capacity. Our experiences during the trials show that problems typical for low-power and lossy networks can be addressed by the chosen network stack of CoAP, UDP, 6LoWPAN and 802.15.4, while still being lightweight enough to drive the application on the constrained devices investigated.


Footnotes
1
EU-funded project RERUM ict-rerum.eu (last accessed 03 Oct 2016).
BMBF-funded project FORSEC bayforsec.de (last accessed 03 Oct 2016).

4
ti.com/product/cc2538 (last accessed 02 Oct 2016).

5
contiki-os.org (last accessed 02 Oct 2016).

6
iot-a.eu/public/terminology (last accessed 02 Oct 2016).

7
RFC7518 [14] actually does not provide an identifier for SHA-256 hashing in combination with secp192r1 signing. However, it does for SHA-256 hashing in combination with P-256 signing (ES256). Therefore we use ES192 by analogy with this convention.

9
nonce: arbitrary number only used once.

10
github.com/kmackay/micro-ecc (last accessed 02 Oct 2016).

12
TweetNaCl fits into 100 Twitter Tweets.

References
1. Pöhls, H.C., Angelakis, V., Suppan, S., Fischer, K., Oikonomou, G., Tragos, E.Z., Diaz Rodriguez, R., Mouroutis, T.: RERUM: building a reliable IoT upon privacy- and security-enabled smart objects. In: Wireless Communications and Networking Conference Workshop on IoT Communications and Technologies (WCNC 2014), pp. 122–127 (2014)
2. Staudemeyer, R.C., Pöhls, H.C., Watson, B.W.: Security & privacy for the internet-of-things communication in the SmartCity. In: Angelakis, V., Tragos, E., Pöhls, H.C., Kapovits, A., Bassi, A. (eds.) Designing, Developing, Facilitating Smart Cities: Urban Design to IoT Solutions, 30 p. Springer, Heidelberg (2016)
3. Mössinger, M., Petschkuhn, B., Bauer, J., Staudemeyer, R.C., Wojcik, M., Pöhls, H.C.: Towards quantifying the cost of a secure IoT: overhead and energy consumption of ECC signatures on an ARM-based device. In: Proceedings of the 5th Workshop on the Internet of Things Smart Objects and Services (IoTSoS 2016), 6 p. (2016)
4. Pöhls, H.C.: JSON sensor signatures (JSS): end-to-end integrity protection from constrained device to IoT application. In: Proceedings of the Workshop on Extending Seamlessly to the Internet of Things (esIoT 2015), pp. 306–312 (2015)
5. Zolertia, “Z1 datasheet,” 20 p. (2010)
6. Montenegro, G., Kushalnagar, N., Hui, J., Culler, D.: RFC4944 – transmission of IPv6 packets over IEEE 802.15.4 networks. Requests for Comments (2007)
7. IEEE Standards Association, Part 15.4g: Low-Rate Wireless Personal Area Networks (LR-WPANs) Amendment 3: Physical Layer (PHY) specifications for low-data-rate, wireless, smart metering utility networks. IEEE (2012)
8. Olsson, J.: “6LoWPAN demystified,” Texas Instruments, 13 p. (2014)
9. Zolertia, “RE-Mote datasheet,” 2 p. (2015)
10. Texas Instruments, “CC2538 datasheet,” 32 p. (2015)
11. Dunkels, A., Grönvall, B., Voigt, T.: Contiki – a lightweight and flexible operating system for tiny networked sensors. In: 29th Annual IEEE International Conference on Local Computer Networks (LCN 2004), pp. 455–462 (2004)
12. Angelakis, V., Cuellar, J., Fischer, K., Fowler, S., Gessner, J., Gundlegård, D., Helgesson, D., Konios, G., Lioumpas, A., Lunggren, M., Mardiak, M., Moldovan, G., Mouroutis, T., Nechifor, S., Oikonomou, G., Pöhls, H.C., Ruiz, D., Siris, V., Suppan, S., Stamatakis, G., Stylianou, Y., Traganitis, A., Tragos, E.Z.: The RERUM system architecture (RERUM Deliverable D2.3). Technical report (2014)
13. Fielding, R.T.: Architectural styles and the design of network-based software architectures. Ph.D. dissertation, Department of Information and Computer Science (2000)
14. Jones, M.: RFC7518 – JSON Web Algorithms (JWA). Technical report, Requests for Comments, Internet Engineering Task Force (2015)
15. Josefsson, S.: RFC4648 – The Base16, Base32, and Base64 data encodings. Technical report, Requests for Comments, Network Working Group (2006)
16. Dang, Q.H.: Secure hash standard. National Institute of Standards and Technology, Gaithersburg, MD, Technical report, August 2015
17. European Network of Excellence in Cryptology II: ECRYPT II Yearly Report on Algorithms and Keysizes (2011–2012). Katholieke Universiteit Leuven, Technical report (2012)
22. Bernstein, D.J., Gastel, B., Janssen, W., Lange, T., Schwabe, P., Smetsers, S.: TweetNaCl: a crypto library in 100 tweets. In: Aranha, D.F., Menezes, A. (eds.) LATINCRYPT 2014. LNCS, vol. 8895, pp. 64–83. Springer, Heidelberg (2015). doi:10.1007/978-3-319-16295-9_4
23. Turner, S., Brown, D., Yiu, K., Housley, R., Polk, T.: RFC5480 - elliptic curve cryptography subject public key information. Technical report, Requests for Comments, Network Working Group (2009)
24. Brandt, A., Hui, J., Kelsey, R., Levis, P., Pister, K., Struik, R., Alexander, R.: RFC6550 – RPL: IPv6 routing protocol for low-power and lossy networks. Technical report, Requests for Comments, Internet Engineering Task Force (2012)
25. López, D.R., Cuellar, J., Staudemeyer, R.C., Charalampidis, P., Fragkiadakis, A., Kasinathan, P., Pöhls, H.C., Suppan, S., Tragos, E., Weber, R.: Modelling the trustworthiness of the IoT (RERUM Deliverable D3.3), Technical report (2016)
26. Tragos, E.Z., Bernabe, J.B., Staudemeyer, R.C., Luis, J., Ramos, H., Fragkiadakis, A., Skarmeta, A., Nati, M., Gluhak, A.: Trusted IoT in the complex landscape of governance, security, privacy, availability and safety. In: Digitising the Industry – Internet of Things Connecting the Physical, Digital and Virtual Worlds. River Publishers Series in Communications, pp. 210–239 (2016)
27. Shelby, Z., Hartke, K., Bormann, C.: RFC7252 – The Constrained Application Protocol (CoAP). Technical report, Requests for Comments, Internet Engineering Task Force (2014)
28. Bormann, C., Shelby, Z.: Block-wise transfers in CoAP. Working Draft, IETF, Internet-Draft (2016)
29. Shelby, Z., Hartke, K., Bormann, C.: RFC7228 – terminology for constrained-node networks. Technical report, Requests for Comments, Internet Engineering Task Force (2014)
30. Kovatsch, M.: Demo abstract: human-CoAP interaction with Copper. In: International Conference on Distributed Computing in Sensor Systems and Workshops (DCOSS 2011), pp. 1–2, Barcelona, Spain (2011)
31. Romkey, J.: RFC1055 – Nonstandard for transmission of IP datagrams over serial lines: SLIP. Technical report, Requests for Comments, Network Working Group (1988)
32. Postel, J.: RFC768 – User Datagram Protocol. Technical report, Requests for Comments, Internet Engineering Task Force (1980)
Metadata
Title
ECDSA on Things: IoT Integrity Protection in Practise
Authors
Johannes Bauer
Ralf C. Staudemeyer
Henrich C. Pöhls
Alexandros Fragkiadakis
Copyright year
2016
DOI
https://doi.org/10.1007/978-3-319-50011-9_1