
2017 | OriginalPaper | Chapter

Two-Way Authentication for the Internet-of-Things

Authors: Corinna Schmitt, Thomas Kothmayr, Wen Hu, Burkhard Stiller

Published in: Internet of Things: Novel Advances and Envisioned Applications

Publisher: Springer International Publishing


Abstract

This chapter introduces the first fully implemented two-way authentication security scheme for the Internet-of-Things (IoT) based on existing Internet standards, specifically the Datagram Transport Layer Security (DTLS) protocol. By relying on an established standard, existing implementations, engineering techniques, and security infrastructure can be reused, which enables an easy security uptake. The proposed security scheme uses two public key cryptography algorithms, RSA (Rivest, Shamir and Adleman) and Elliptic Curve Cryptography (ECC), tailored for the resource-heterogeneous nature of IoT devices. The two-way authentication solution presented is designed to work over standard communication stacks that offer UDP/IPv6 networking for Low-power Wireless Personal Area Networks (LoWPANs). A prototype implementation of DTLS is presented here in the context of a system architecture, and the scheme’s feasibility (low overheads and high interoperability) is demonstrated through extensive evaluations on the DTLS-supporting platform OPAL as clusterhead with children of different IoT hardware platforms.


DOI
https://doi.org/10.1007/978-3-319-53472-5_2
