Top

Published in:

2024 | OriginalPaper | Chapter

IoTDisco: Strong yet Lightweight End-to-End Security for the Internet of Constrained Things

Authors : Hao Cheng, Georgios Fotiadis, Johann Großschädl, Peter Y. A. Ryan

Published in: Mobile, Secure, and Programmable Networking

Publisher: Springer Nature Switzerland

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Most widely-used protocols for end-to-end security, such as TLS and its datagram variant DTLS, are highly computation-intensive and introduce significant communication overheads, which makes them impractical for resource-restricted IoT devices. The recently-introduced Disco protocol framework provides a clean and well-documented basis for the design of strong end-to-end security with lower complexity than the (D)TLS protocol and no legacy baggage. Disco consists of two sub-protocols, namely Noise (known from e.g., WhatsApp) and Strobe, and is rather minimalist in terms of cryptography since it requires only an elliptic curve in Montgomery form and a cryptographic permutation as basic building blocks. In this paper, we present IoTDisco, an optimized implementation of the Disco protocol for 16-bit TI MSP430 microcontrollers. IoTDisco is based on David Wong’s EmbeddedDisco software and contains hand-written Assembly code for the prime-field arithmetic of Curve25519. However, we decided to replace the Keccak permutation of EmbeddedDisco by Xoodoo to reduce both the binary code size and RAM footprint. The experiments we conducted on a Zolertia Z1 device (equipped with a MSP430F2617 microcontroller) show that IoTDisco is able to perform the computational part of a full Noise NK handshake in 26.2 million clock cycles, i.e., 1.64 s when the MSP430 is clocked at 16 MHz. IoTDisco’s RAM footprint amounts to 1.4 kB, which is less than 17% of the overall RAM capacity (8 kB) of the Zolertia Z1.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

next chapter StrucTemp-GNN: An Intrusion Detection Framework in IoT Networks Using Dynamic Heterogeneous Graph Neural Networks

Depending on the application, signatures (e.g., in the form of certificates) may still be necessary to confirm a cryptographically-secure binding between a static public key and the identity of an entity. However, in such case, a Noise-based protocol has to support only signature verification, but not the signing operation. Note that the provision of evidence for the binding of an identity to a static public key is outside the scope of the Noise specification. More concretely, [25, Sect. 14] states that “it is up to the application to determine whether the remote party’s static public key is acceptable.” Sect. 14 of [25] also outlines some methods to ensure a static public key is genuine and trustworthy: certificates (which may be passed in a handshake payload), pre-configured lists of public keys, or pinning/key-continuity approaches where parties remember the public keys they encounter.

AlFardan, N.J., Bernstein, D.J., Paterson, K.G., Poettering, B., Schuldt, J.C.: On the security of RC4 in TLS. In: King, S.T. (ed.) Proceedings of the 22th USENIX Security Symposium (USS 2013), pp. 305–320. USENIX Association (2013)

Bernstein, D.J.: Curve25519: new Diffie-Hellman speed records. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) PKC 2006. LNCS, vol. 3958, pp. 207–228. Springer, Heidelberg (2006). https://doi.org/10.1007/11745853_14CrossRef

Bernstein, D.J., Birkner, P., Joye, M., Lange, T., Peters, C.: Twisted Edwards curves. In: Vaudenay, S. (ed.) AFRICACRYPT 2008. LNCS, vol. 5023, pp. 389–405. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-68164-9_26CrossRef

Bernstein, D.J., Duif, N., Lange, T., Schwabe, P., Yang, B.Y.: High-speed high-security signatures. J. Cryptogr. Eng. 2(2), 77–89 (2012)CrossRef

Bernstein, D.J., van Gastel, B., Janssen, W., Lange, T., Schwabe, P., Smetsers, S.: TweetNaCl: a crypto library in 100 tweets. In: Aranha, D.F., Menezes, A. (eds.) LATINCRYPT 2014. LNCS, vol. 8895, pp. 64–83. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-16295-9_4CrossRef

Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: The Keccak reference, version 3.0 (2011). http://keccak.team/files/Keccak-reference-3.0.pdf

Bormann, C., Ersue, M., Keranen, A.: Terminology for constrained-node networks. IETF, Light-Weight Implementation Guidance Working Group, RFC 7228 (2014)

Costello, C., Smith, B.: Montgomery curves and their arithmetic. J. Cryptogr. Eng. 8(3), 227–240 (2018)CrossRef

Daemen, J., Hoffert, S., Peeters, M., Van Assche, G., Van Keer, R.: Xoodyak, a lightweight cryptographic scheme. IACR Trans. Symmetric Cryptol. 2020(S1), 60–87 (2020)CrossRef

10.

Düll, M., et al.: High-speed Curve25519 on 8-bit, 16-bit and 32-bit microcontrollers. Des. Codes Crypt. 77(2–3), 493–514 (2015)MathSciNetCrossRef

11.

Durumeric, Z., et al.: The matter of Heartbleed. In: Williamson, C., Akella, A., Taft, N. (eds.) Proceedings of the 14th Internet Measurement Conference (IMC 2014), pp. 475–488. ACM (2014)

12.

Giesen, F., Kohlar, F., Stebila, D.: On the security of TLS renegotiation. In: Sadeghi, A., Gligor, V.D., Yung, M. (eds.) Proceedings of the 20th ACM Conference on Computer and Communications Security (CCS 2013), pp. 387–398. ACM (2013)

13.

Guha Sarkar, P., Fitzgerald, S.: Attacks on SSL: a comprehensive study of BEAST, CRIME, TIME, BREACH, Lucky 13 & RC4 biases. Technical report, iSEC Partners Inc. (Part of NCC Group) (2013). http://www.nccgroup.com/globalassets/our-research/us/whitepapers/ssl_attacks_survey.pdf

14.

Hamburg, M.: The STROBE protocol framework. Cryptology ePrint Archive, Report 2017/003 (2017). http://eprint.iacr.org

15.

Hankerson, D.R., Menezes, A.J., Vanstone, S.A.: Guide to Elliptic Curve Cryptography. Springer, Heidelberg (2004). https://doi.org/10.1007/b97644CrossRef

16.

Hisil, H., Wong, K.K.-H., Carter, G., Dawson, E.: Twisted Edwards curves revisited. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 326–343. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-89255-7_20CrossRef

17.

Hristozov, S., Huber, M., Xu, L., Fietz, J., Liess, M., Sigl, G.: The cost of OSCORE and EDHOC for constrained devices. In: Joshi, A., Carminati, B., Verma, R.M. (eds.) Proceedings of the 11th ACM Conference on Data and Application Security and Privacy (CODASPY 2021), pp. 245–250. ACM (2021)

18.

Krawczyk, H.: SIGMA: the ‘SIGn-and-MAc’ approach to authenticated Diffie-Hellman and its use in the IKE protocols. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 400–425. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45146-4_24CrossRef

19.

LaMacchia, B., Lauter, K., Mityagin, A.: Stronger security of authenticated key exchange. In: Susilo, W., Liu, J.K., Mu, Y. (eds.) ProvSec 2007. LNCS, vol. 4784, pp. 1–16. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-75670-5_1CrossRef

20.

Law, L., Menezes, A., Qu, M., Solinas, J.A., Vanstone, S.A.: An efficient protocol for authenticated key agreement. Des. Codes Crypt. 28(2), 119–134 (2003)MathSciNetCrossRef

21.

Liu, Z., Großschädl, J., Li, L., Xu, Q.: Energy-efficient elliptic curve cryptography for MSP430-based wireless sensor nodes. In: Liu, J.K., Steinfeld, R. (eds.) ACISP 2016. LNCS, vol. 9722, pp. 94–112. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-40253-6_6CrossRef

22.

Menezes, A.J., Stebila, D.: End-to-end security: when do we have it? IEEE Secur. Priv. 19(4), 60–64 (2021)CrossRef

23.

Moskowitz, R., Hummen, R., Komu, M.: HIP Diet EXchange (DEX). IETF, Internet draft draft-ietf-hip-dex-24 (2021)

24.

Nie, P., Vähä-Herttua, J., Aura, T., Gurtov, A.V.: Performance analysis of HIP diet exchange for WSN security establishment. In: Chen, H., Ben-Othman, J., Cesana, M. (eds.) Proceedings of the 7th ACM Symposium on QoS and Security for Wireless and Mobile Networks (Q2SWinet 2011), pp. 51–56. ACM (2011)

25.

Perrin, T.: The Noise protocol framework (revision 34). Specification (2018). http://noiseprotocol.org/noise.pdf

26.

Rescorla, E.K.: The transport layer security (TLS) protocol version 1.3. IETF, Network Working Group, RFC 8446 (2018)

27.

Restuccia, G., Tschofenig, H., Baccelli, E.: Low-power IoT communication security: on the performance of DTLS and TLS 1.3. In: Proceedings of the 9th IFIP International Conference on Performance Evaluation and Modeling in Wireless Networks (PEMWN 2020), pp. 1–6. IEEE (2020)

28.

Selander, G., Preuß Mattsson, J., Palombini, F.: Ephemeral Diffie-Hellman over COSE (EDHOC). IETF, Internet draft draft-ietf-lake-edhoc-22 (2023)

29.

Stallings, W.: Cryptography and Network Security: Principles and Practice, 7th edn. Pearson (2016)

30.

Texas Instruments Inc: MSP430x2xx Family User’s Guide (Rev. J). Manual (2013). http://www.ti.com/lit/ug/slau144j/slau144j.pdf

31.

The OpenSSL Project: OpenSSL: Cryptography and SSL/TLS Toolkit (2021). http://www.openssl.org

32.

WhatsApp LLC: WhatsApp encryption overview. Technical white paper (2020). http://www.whatsapp.com/security/WhatsApp-Security-Whitepaper.pdf

33.

Wong, D.: Noise extension: disco (revision 6). Specification (2018). http://www.discocrypto.com/disco.pdf

34.

Wong, D.: Disco: modern session encryption. Cryptology ePrint Archive, Report 2019/180 (2019). http://eprint.iacr.org

35.

Wong, D.: EmbeddedDisco (2020). http://embeddeddisco.com

Title: IoTDisco: Strong yet Lightweight End-to-End Security for the Internet of Constrained Things
Authors: Hao Cheng
Georgios Fotiadis
Johann Großschädl
Peter Y. A. Ryan
Publisher: Springer Nature Switzerland
Book: Mobile, Secure, and Programmable Networking
Print ISBN: 978-3-031-52425-7

Electronic ISBN: 978-3-031-52426-4

Copyright Year: 2024
DOI: https://doi.org/10.1007/978-3-031-52426-4_1

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner