Towards viable certificate-based authentication for the Internet of ThingsShow others and affiliations
2013 (English)In: HotWiSec 2013 - Proceedings of the 2013 ACM Workshop on Hot Topics on Wireless Network Security and Privacy, 2013, p. 37-41Conference paper, Published paper (Refereed)
Abstract [en]
The vision of the Internet of Things considers smart objects in the physical world as first-class citizens of the digital world. Especially IP technology and RESTful web services on smart objects promise simple interactions with Internet services in the Web of Things, e.g., for building automation or in e-health scenarios. Peer authentication and secure data transmission are vital aspects in many of these scenarios to prevent leakage of personal information and harmful actuating tasks. While standard security solutions exist for traditional IP networks, the constraints of smart objects demand for more lightweight security mechanisms. Thus, the use of certificates for peer authentication is predominantly considered impracticable. In this paper, we investigate if this assumption is valid. To this end, we present preliminary overhead estimates for the certificate-based DTLS handshake and argue that certificates - with improvements to the handshake - are a viable method of authentication in many network scenarios. We propose three design ideas to reduce the overheads of the DTLS handshake. These ideas are based on (i) pre-validation, (ii) session resumption, and (iii) handshake delegation. We qualitatively analyze the expected overhead reductions and discuss their applicability.
Place, publisher, year, edition, pages
2013. p. 37-41
Keywords [en]
Authentication, Certificates, Internet of Things, TLS, Building automation, Internet of Things (IOT), Lightweight securities, Overhead reductions, Personal information, RESTful Web services, Cost reduction, Intelligent buildings, Internet, Web services, Wireless networks, Network security
National Category
Engineering and Technology
Identifiers
URN: urn:nbn:se:ri:diva-48715DOI: 10.1145/2463183.2463193Scopus ID: 2-s2.0-84879548737ISBN: 9781450320030 (print)OAI: oai:DiVA.org:ri-48715DiVA, id: diva2:1468111
Conference
2013 2nd ACM Workshop on Hot Topics on Wireless Network Security and Privacy, HotWiSec 2013; Budapest; Hungary; 19 April 2013 through 19 April 2013
2020-09-172020-09-172023-06-08Bibliographically approved