Skip to main content
SpringerLink
Log in
Book cover

Internet of Things: Novel Advances and Envisioned Applications pp 27–56Cite as

Two-Way Authentication for the Internet-of-Things

  • Chapter
  • First Online:

Part of the book series: Studies in Big Data ((SBD,volume 25))

Abstract

This chapter introduces the first fully implemented two-way authentication security scheme for Internet-of-Things (IoT) based on existing Internet standards, specifically the Datagram Transport Layer Security (DTLS) protocol. By relying on an established standard, existing implementations, engineering techniques, and security infrastructure can be reused, which enables an easy security uptake. The proposed security scheme uses two public key cryptography algorithms, RSA (Rivest, Shamir und Adleman) and Elliptic Curve Cryptography (ECC), tailored for the resource heterogeneous nature of IoT devices. The two-way authentication solution presented is designed to work over standard communication stacks that offer UDP/IPv6 networking for Low power Wireless Personal Area Networks (LoWPANs). A prototype implementation of DTLS is presented here in the context of a system architecture, and the scheme’s feasibility (low overheads and high interoperability) is demonstrated through extensive evaluations on the DTLS-supporting platform OPAL as clusterhead with children of different IoT hardware platforms.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   129.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   169.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD   169.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Lehong, H., Velosa, A.: Hype cycle for the internet of things. White Paper, Stamford CT, Gartner Inc (2012)

    Google Scholar 

  2. European Telecommunications Standards Institute: Machine-to-machine communications (M2M); Smart Metering Use Cases (2010)

    Google Scholar 

  3. Leontiadi, I., Efstratiou, C., Mascolo, C., and Crowcroft, J.: SenShare: transforming sensor networks into multi-application sensing infrastructures. In: Proceedings of European Conference on Wireless Sensor Networks, pp. 65–81, Springer, Heidelberg (2012)

    Google Scholar 

  4. Shelby, Z., Bormann, C.: 6LoWPAN: The Wireless Embedded Internet. Wiley, United Kingdom (2009)

    Book  Google Scholar 

  5. Shelby, Z., Hartke, K., Bormann, C.: The constrained application protocol (CoAP). Req. Comments 7252, 1–112 (2014)

    Google Scholar 

  6. Dawson-Haggerty, S., Tavakoli, A., and Culler, D: Hydro: A hybrid routing protocol for low-power and lossy networks. In: Proceedings of 1st IEEE International Conference on Smart Grid Communications, pp. 268–273 (2010)

    Google Scholar 

  7. Kothmayr, T., Schmitt, C., Hu, W., Brünig, M., Carle, G.: DTLS based security and two-way authentication for the internet of things. Ad Hoc Netw. 11(8), 2710–2723 (2013)

    Article  Google Scholar 

  8. Noack, M.: Optimization of two-way authentication protocol in internet of things. Master thesis, University of Zurich, Communication Systems Group, Department of Informatics, Zurich, Switzerland (2014)

    Google Scholar 

  9. Bellare, M., Canetti, R., and Krawczyk, H.: Keyed hash functions and message authentication. In: Proceedings of Advances in Cryptology, pp. 1–15 (1996)

    Google Scholar 

  10. Karl, H., Willig, A.: Protocols and Architectures for Wireless Sensor Networks. Wiley, England (2007)

    Google Scholar 

  11. Miorande, D., Siciari, S., De Pellegrini, F., Chlamtac, I.: Internet of things: vision, applications and research challenges. Ad Hoc Netw. 10(7), 1497–1516 (2012)

    Article  Google Scholar 

  12. Atzori, L., Iera, A., Morabito, G.: The internet of things: a survey. Comput. Netw. 54(15), 2787–2805 (2010)

    Article  MATH  Google Scholar 

  13. Bormann, C., Ersue, M., Keranen, A.: Terminology for constrained-node networks. Req. Comments 7228, 1–17 (2014)

    Google Scholar 

  14. Akyildiz, I.F., Su, W., Sankarasubramaniam, Y., Cayirci, E.: Wireless sensor networks: a survey. Comput. Netw. 38(4), 393–422 (2002)

    Article  Google Scholar 

  15. Raymond, D.R., Midkiff, S.F.: Denial-of-service in wireless sensor networks: attacks and defenses. IEEE Pervasive Comput. 7(1), 74–81 (2008)

    Article  Google Scholar 

  16. Luk, M., Mezzour, G., Perrig, A., Gligor, V.: MiniSec: A secure sensor network communication architecture. In: Proceedings of 6th ACM International Conference on Information Processing in Sensor Networks, pp. 470–488 (2007)

    Google Scholar 

  17. Gupta, V., Wurm, M., Zhu, Y., Millard, M., Fung, S., Gura, N., Eberle, H., Shantz, S.C.: Sizzle: a standards-based end-to-end security architecture for the embedded internet. Pervasive Mob. Comput. 1(4), 425–445 (2005)

    Article  Google Scholar 

  18. Hu, W., Tan, H., Corke, P., Shih, W.C., Jha, S.: Toward trusted wireless sensorn networks. ACM Trans. Sens. Netw. 7(1), 5 (2010)

    Article  Google Scholar 

  19. Chan, H., Perrig, A., Song, D.: Random key predistribution schemes for sensor networks. In: Proccedings of IEEE Symposium on Security and Privacy, pp. 197–213 (2003)

    Google Scholar 

  20. Jung, W., Hong, S., Ha, M., Kim, Y.J., Kim, D.: SSL-based lightweight security of IP-based wireless sensor networks. In: Proceedings of IEEE International Conference on Advanced Information Networking and Applications Workshops, pp. 1112–1117 (2009)

    Google Scholar 

  21. Raza, S., Voigt, T., Rödig, U.: 6LoWPAN extension for IPsec. In: Proceedings of Workshop Interconnecting Smart Objects with the Internet, IAB, pp. 1–3 (2011)

    Google Scholar 

  22. Raza, S., Voigt, T., and Jutvik, V.: Lightweight IKEv2: a key management solution for both the compressed IPsec and the IEEE 802.15.4 security. In: Proceedings of the IETF Workshop on Smart Object Security, pp. 1–2 (2012)

    Google Scholar 

  23. Raza, S., Trabalza, D., Voigt, T.: 6LoWPAN compressed DTLS for CoAP. In: Proceedings of 8th IEEE International Conference on Distributed Computing in Sensor Systems, pp. 287–289 (2012)

    Google Scholar 

  24. Winter, T., Thubert, P., Brandt, A., Hui, J., Kelsey, P., Levis, K., Pister, K., Struik, R., Vasseur, J.P., Alexander, R.: RPL: IPv6 routing protocol for low-power and lossy networks. Req. Comments 6550, 1–157 (2012)

    Google Scholar 

  25. Schmitt, C.: Secure data transmission in wireless sensor networks. Ph.D. thesis, Technische Universität München, Institut für Informatik, pp. 1–190 (2013)

    Google Scholar 

  26. Schmitt, C., Stiller, B., Noack, M.: Two-way authentication for internet of things. White Paper, IETF ser. ACE Working. Group 14, 1–19 (2014)

    Google Scholar 

  27. Cooper, D., Santesson, S., Farrell, S., Boeyen, S., Housley, R., Polk, W.: Internet X.509 public key infrastructure certificate and certificate revocation list (CRL) profile. Request for Comments, 5280, pp. 1–151 (2008)

    Google Scholar 

  28. Watro, R., Kong, D., Cuti, S., Gardiner, C., Lynn, C., Kruus, P.: TinyPK: securing sensor networks with public key technology. In: Proceedings of 2nd ACM Workshop on Security of AdHoc and Sensor Networks, pp. 59–64 (2004)

    Google Scholar 

  29. Modadugu, N., Rescorla, E.: The design and implementation of datagram TLS. In: Proccedings of Network and Distributed System Security Symposium, pp. 1–13 (2004)

    Google Scholar 

  30. Ning, P., Liu, A., Wenliang, D.: Mitigating DoS attacks against broadcast authentication in wireless sensor networks. ACM Trans. Sens. Netw. 4(1), 1–35 (2008). doi:10.1145/1325651.1325652

    Article  Google Scholar 

  31. Schmitt, C., Kothmayr, T., Benjamin, E., Wen, H., Braun, L., Carle, G.: TinyIPFIX: an efficient application protocol for data exchange in cyber physical systems. Comput. Commun. 74(2), 63–76 (2016)

    Article  Google Scholar 

  32. Blake-Wilson, S., Menezes, A.: Authenticated Diffie-Hellman key agreement protocols. In: Proceedings of the Selected Areas in Cryptography, pp. 339–361 (1998)

    Google Scholar 

  33. Advantic: CM5000-Datasheet. White Paper, pp. 1–20 (2015). http://www.epssilon.cl/files/EPS5000.pdf

  34. Jurdak, R., Klues, K., Kusy, B., Richter, C., Langendoen, K., Brunig, M.: OPAL: a multiradio platform for high throughput wireless sensor networks. IEEE Embed. Syst. Lett. 3(4), 121–124 (2011)

    Article  Google Scholar 

  35. Kothmayr, T.: A security architecture for wireless sensor networks based on DTLS. Master’s thesis, Technische Universität München, pp. 1–83 (2011)

    Google Scholar 

  36. Atmel: Smart ARM-based flash MCU - Datasheet. White Paper, pp. 1–1163 (2015). www.atmel.com

  37. Atmel Corporation: The atmel trusted platform module. White Paper, pp. 1–4 (2007). http://www.atmel.com/images/doc5128.pdf

  38. Grossschaedl, J., Tillich, S., Rechberger, C., Hofmann, M., Medwed, M.: Energy evaluation of software implementations of block ciphers under memory constraints. In: Proceedings of Conference on Design, Automation and Test in Europe, pp. 1110–1115 (2007)

    Google Scholar 

  39. Barker, E., Barker, W., Burr, W., Polk, W., Smid, M.: Recommendation for key management - Part 1: General (Revised). White Paper, National Institute of Standards and Technology, pp. 1–143 (2007)

    Google Scholar 

  40. McGrew, D.A., Viega, J.: The galois/counter mode of operation (GCM). White Paper, National Institute of Standards and Technology, pp. 1–43 (2005)

    Google Scholar 

  41. yaSSL: Implementation and performance of AES-NI in CyaSSL embedded SSL. White Paper, pp. 1–14 (2010). http://www.yassl.com/files/whitepapers/whitepaper_883_cyassl_aesni.pdf

  42. Liu, A., Ning, P.: TinyECC: a configurable library for elliptic curve cryptography in wireless sensor networks. In: Proceedings of 5th International Conference on Information Processing in Sensor Networks, pp. 245–256 (2008)

    Google Scholar 

  43. Kothmayr, T., Schmitt, C.: Tiny pkc implementation. http://www.corinna-schmitt.de/tinypkc.html Check the reference (year, page number)

  44. GNU: The GNU general public license version 2. White Paper (1991). http://www.gnu.org/licenses/gpl-2.0.html

  45. NIST: Recommended elliptic curves for federal government use. White Paper, pp. 1–43 (1999)

    Google Scholar 

  46. Fouladgar, S., Mainaud, B., Masmoudi, K., Afifi, H.: Tiny 3-TLS: a trust delegation protocol for wireless sensor networks. In: Levente, B., Gligor, V.D., Westhoff, D. (eds.) Proceedings of the Third European Conference on Security and Privacy in Ad-Hoc and Sensor Networks, pp. 32–42. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  47. Raza, S., Chung, T., Duquennoy, S., Dogan, Y., Voigt, T., Rodig, U.: Securing internet of things with lightweight IPsec. SICS Technical report, 1–27 (2011)

    Google Scholar 

Download references

Acknowledgements

The DTLS solution presented was supported partially by the German Federal Ministry of Education and Research: the SODA Project under Grant Agreement No. 01IS09040A and the AutHoNe Project under Grant Agreement No. 01BN070[25]. The standardization activity within IETF was supported partially by FLAMINGO and SmartenIT, funded by the EU FP7 Program under Contract No. FP7-2012-ICT-318488 and No. FP7-2012-ICT317846, respectively.

Author information

Authors and Affiliations

  1. Communication Systems Group CSG, Department of Informatics IfI, University of Zurich, Binzmühlestrasse 14, 8050, Zurich, Switzerland

    Corinna Schmitt & Burkhard Stiller

  2. Fakultät Für Informatik, Technische Universität München, Boltzmannstrasse 3, 85748, Garching, Germany

    Thomas Kothmayr

  3. School of Computer Science and Engineering, The University of New South Wales, Sydney, NSW, 2052, Australia

    Wen Hu

Authors
  1. Corinna Schmitt
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Thomas Kothmayr
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Wen Hu
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Burkhard Stiller
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Corinna Schmitt .

Editor information

Editors and Affiliations

  1. School of Computer Science and Engg., VIT University School of Computer Science and Engg., Vellore, India

    D. P. Acharjya

  2. Department of Computer Science and Engineering, Annamalai University Faculty of Engineering and Technology, Chidambaram, India

    M. Kalaiselvi Geetha

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this chapter

Cite this chapter

Schmitt, C., Kothmayr, T., Hu, W., Stiller, B. (2017). Two-Way Authentication for the Internet-of-Things. In: Acharjya, D., Geetha, M. (eds) Internet of Things: Novel Advances and Envisioned Applications. Studies in Big Data, vol 25. Springer, Cham. https://doi.org/10.1007/978-3-319-53472-5_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-53472-5_2

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-53470-1

  • Online ISBN: 978-3-319-53472-5

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation