2,868 research outputs found
Performance Evaluation of Cryptographic Algorithms over IoT Platforms and Operating Systems
The deployment of security services over Wireless Sensor Networks (WSN) and IoT devices brings significant processing and energy consumption overheads. These overheads are mainly determined by algorithmic efficiency, quality of implementation, and operating system. Benchmarks of symmetric primitives exist in the literature for WSN platforms but they are mostly focused on single platforms or single operating systems. Moreover, they are not up to date with respect to implementations and/or operating systems versions which had significant progress. Herein, we provide time and energy benchmarks of reference implementations for different platforms and operating systems and analyze their impact. Moreover, we not only give the first benchmark results of symmetric cryptography for the Intel Edison IoT platform but also describe a methodology of how to measure energy consumption on that platform
An IoT Endpoint System-on-Chip for Secure and Energy-Efficient Near-Sensor Analytics
Near-sensor data analytics is a promising direction for IoT endpoints, as it
minimizes energy spent on communication and reduces network load - but it also
poses security concerns, as valuable data is stored or sent over the network at
various stages of the analytics pipeline. Using encryption to protect sensitive
data at the boundary of the on-chip analytics engine is a way to address data
security issues. To cope with the combined workload of analytics and encryption
in a tight power envelope, we propose Fulmine, a System-on-Chip based on a
tightly-coupled multi-core cluster augmented with specialized blocks for
compute-intensive data processing and encryption functions, supporting software
programmability for regular computing tasks. The Fulmine SoC, fabricated in
65nm technology, consumes less than 20mW on average at 0.8V achieving an
efficiency of up to 70pJ/B in encryption, 50pJ/px in convolution, or up to
25MIPS/mW in software. As a strong argument for real-life flexible application
of our platform, we show experimental results for three secure analytics use
cases: secure autonomous aerial surveillance with a state-of-the-art deep CNN
consuming 3.16pJ per equivalent RISC op; local CNN-based face detection with
secured remote recognition in 5.74pJ/op; and seizure detection with encrypted
data collection from EEG within 12.7pJ/op.Comment: 15 pages, 12 figures, accepted for publication to the IEEE
Transactions on Circuits and Systems - I: Regular Paper
Design and analysis of adaptive hierarchical low-power long-range networks
A new phase of evolution of Machine-to-Machine (M2M) communication has started where vertical Internet of Things (IoT) deployments dedicated to a single application domain gradually change to multi-purpose IoT infrastructures that service different applications across multiple industries. New networking technologies are being deployed operating over sub-GHz frequency bands that enable multi-tenant connectivity over long distances and increase network capacity by enforcing low transmission rates to increase network capacity. Such networking technologies allow cloud-based platforms to be connected with large numbers of IoT devices deployed several kilometres from the edges of the network. Despite the rapid uptake of Long-power Wide-area Networks (LPWANs), it remains unclear how to organize the wireless sensor network in a scaleable and adaptive way. This paper introduces a hierarchical communication scheme that utilizes the new capabilities of Long-Range Wireless Sensor Networking technologies by combining them with broadly used 802.11.4-based low-range low-power technologies. The design of the hierarchical scheme is presented in detail along with the technical details on the implementation in real-world hardware platforms. A platform-agnostic software firmware is produced that is evaluated in real-world large-scale testbeds. The performance of the networking scheme is evaluated through a series of experimental scenarios that generate environments with varying channel quality, failing nodes, and mobile nodes. The performance is evaluated in terms of the overall time required to organize the network and setup a hierarchy, the energy consumption and the overall lifetime of the network, as well as the ability to adapt to channel failures. The experimental analysis indicate that the combination of long-range and short-range networking technologies can lead to scalable solutions that can service concurrently multiple applications
On the feasibility of attribute-based encryption on Internet of Things devices
Attribute-based encryption (ABE) could be an effective cryptographic tool for the secure management of Internet of Things (IoT) devices, but its feasibility in the IoT has been under-investigated thus far. This article explores such feasibility for well-known IoT platforms, namely, Intel Galileo Gen 2, Intel Edison, Raspberry pi 1 model B, and Raspberry pi zero, and concludes that adopting ABE in the IoT is indeed feasible
Recommended from our members
Post-quantum blockchain for internet of things domain
This thesis was submitted for the award of Doctor of Philosophy and was awarded by Brunel University LondonIn the evolving realm of quantum computing, emerging advancements reveal substantial challenges and threats to existing cryptographic infrastructures, particularly impacting blockchain technologies. These are pivotal for securing the Internet of Things (IoT) ecosystems. The traditional blockchain structures, integral to myriad IoT applications, are susceptible to potential quantum computations, emphasizing an urgent need for innovations in post-quantum blockchain solutions to reinforce security in the expansive domain of IoT.
This PhD thesis delves into the crucial exploration and meticulous examination of the development and implementation of post-quantum blockchain within the IoT landscape, focusing on the incorporation of advanced post-quantum cryptographic algorithms in Hyperledger Fabric, a forefront blockchain platform renowned for its versatility and robustness. The primary aim is to discern viable post-quantum cryptographic solutions capable of fortifying blockchain systems against impending quantum threats enhancing security and reliability in IoT applications.
The research comprehensively evaluates various post-quantum public-key generation and digital signature algorithms, performing detailed analyses of their computational time and memory usage to identify optimal candidates. Furthermore, the thesis proposes an innovative lattice-based digital signature scheme Fast-Fourier Lattice-based Compact Signature over NTRU (Falcon), which leverages the Monte Carlo Markov Chain (MCMC) algorithm as a trapdoor sampler to augment its security attributes.
The research introduces a post-quantum version of the Hyperledger Fabric blockchain that integrates post-quantum signatures. The system utilizes the Open Quantum Safe (OQS) library, rigorously tested against NIST round 3 candidates for optimal performance. The study highlights the capability to manage IoT data securely on the post-quantum Hyperledger Fabric blockchain through the Message Queue Telemetry Transport (MQTT) protocol. Such a configuration ensures safe data transfer from IoT sensors directly to the blockchain nodes, securing the processing and recording of sensor data within the node ledger. The research addresses the multifaceted challenges of quantum computing advancements and significantly contributes to establishing secure, efficient, and resilient post-quantum blockchain infrastructures tailored explicitly for the IoT domain. These findings are instrumental in elevating the security paradigms of IoT systems against quantum vulnerabilities and catalysing innovations in post-quantum cryptography and blockchain technologies.
Furthermore, this thesis introduces strategies for the optimization of performance and scalability of post-quantum blockchain solutions and explores alternative, energy-efficient consensus mechanisms such as the Raft and Stellar Consensus Protocol (SCP), providing sustainable alternatives to the conventional Proof-of-Work (PoW) approach.
A critical insight emphasized throughout this thesis is the imperative of synergistic collaboration among academia, industry, and regulatory bodies. This collaboration is pivotal to expedite the adoption and standardization of post-quantum blockchain solutions, fostering the development of interoperable and standardized technologies enriched with robust security and privacy frameworks for end users.
In conclusion, this thesis furnishes profound insights and substantial contributions to implementing post-quantum blockchain in the IoT domain. It delineates original contributions to the knowledge and practices in the field, offering practical solutions and advancing the state-of-the-art in post-quantum cryptography and blockchain research, thereby paving the way for a secure and resilient future for interconnected IoT systems
The future of Cybersecurity in Italy: Strategic focus area
This volume has been created as a continuation of the previous one, with the aim of outlining a set of focus areas and actions that the Italian Nation research community considers essential. The book touches many aspects of cyber security, ranging from the definition of the infrastructure and controls needed to organize cyberdefence to the actions and technologies to be developed to be better protected, from the identification of the main technologies to be defended to the proposal of a set of horizontal actions for training, awareness raising, and risk management
A Framework for Facilitating Secure Design and Development of IoT Systems
The term Internet of Things (IoT) describes an ever-growing ecosystem of physical objects
or things interconnected with each other and connected to the Internet. IoT devices
consist of a wide range of highly heterogeneous inanimate and animate objects. Thus, a
thing in the context of the IoT can even mean a person with blood pressure or heart rate
monitor implant or a pet with a biochip transponder. IoT devices range from ordinary
household appliances, such as smart light bulbs or smart coffee makers, to sophisticated
tools for industrial automation. IoT is currently leading a revolutionary change in many
industries and, as a result, a lot of industries and organizations are adopting the paradigm
to gain a competitive edge. This allows them to boost operational efficiency and optimize
system performance through real-time data management, which results in an optimized
balance between energy usage and throughput. Another important application area is
the Industrial Internet of Things (IIoT), which is the application of the IoT in industrial
settings. This is also referred to as the Industrial Internet or Industry 4.0, where Cyber-
Physical Systems (CPS) are interconnected using various technologies to achieve wireless
control as well as advanced manufacturing and factory automation. IoT applications
are becoming increasingly prevalent across many application domains, including smart
healthcare, smart cities, smart grids, smart farming, and smart supply chain management.
Similarly, IoT is currently transforming the way people live and work, and hence
the demand for smart consumer products among people is also increasing steadily. Thus,
many big industry giants, as well as startup companies, are competing to dominate the
market with their new IoT products and services, and hence unlocking the business value
of IoT.
Despite its increasing popularity, potential benefits, and proven capabilities, IoT is still in
its infancy and fraught with challenges. The technology is faced with many challenges, including
connectivity issues, compatibility/interoperability between devices and systems,
lack of standardization, management of the huge amounts of data, and lack of tools for
forensic investigations. However, the state of insecurity and privacy concerns in the IoT
are arguably among the key factors restraining the universal adoption of the technology.
Consequently, many recent research studies reveal that there are security and privacy issues
associated with the design and implementation of several IoT devices and Smart Applications
(smart apps). This can be attributed, partly, to the fact that as some IoT device
makers and smart apps development companies (especially the start-ups) reap business
value from the huge IoT market, they tend to neglect the importance of security. As a
result, many IoT devices and smart apps are created with security vulnerabilities, which
have resulted in many IoT related security breaches in recent years.
This thesis is focused on addressing the security and privacy challenges that were briefly
highlighted in the previous paragraph. Given that the Internet is not a secure environ ment even for the traditional computer systems makes IoT systems even less secure due
to the inherent constraints associated with many IoT devices. These constraints, which are
mainly imposed by cost since many IoT edge devices are expected to be inexpensive and
disposable, include limited energy resources, limited computational and storage capabilities,
as well as lossy networks due to the much lower hardware performance compared
to conventional computers. While there are many security and privacy issues in the IoT
today, arguably a root cause of such issues is that many start-up IoT device manufacturers
and smart apps development companies do not adhere to the concept of security by
design. Consequently, some of these companies produce IoT devices and smart apps with
security vulnerabilities.
In recent years, attackers have exploited different security vulnerabilities in IoT infrastructures
which have caused several data breaches and other security and privacy incidents
involving IoT devices and smart apps. These have attracted significant attention
from the research community in both academia and industry, resulting in a surge of proposals
put forward by many researchers. Although research approaches and findings may
vary across different research studies, the consensus is that a fundamental prerequisite for
addressing IoT security and privacy challenges is to build security and privacy protection
into IoT devices and smart apps from the very beginning. To this end, this thesis investigates
how to bake security and privacy into IoT systems from the onset, and as its main
objective, this thesis particularly focuses on providing a solution that can foster the design
and development of secure IoT devices and smart apps, namely the IoT Hardware Platform
Security Advisor (IoT-HarPSecA) framework. The security framework is expected to
provide support to designers and developers in IoT start-up companies during the design
and implementation of IoT systems. IoT-HarPSecA framework is also expected to facilitate
the implementation of security in existing IoT systems.
To accomplish the previously mentioned objective as well as to affirm the aforementioned
assertion, the following step-by-step problem-solving approach is followed. The first step
is an exhaustive survey of different aspects of IoT security and privacy, including security requirements in IoT architecture, security threats in IoT architecture, IoT application domains
and their associated cyber assets, the complexity of IoT vulnerabilities, and some
possible IoT security and privacy countermeasures; and the survey wraps up with a brief
overview of IoT hardware development platforms. The next steps are the identification of
many challenges and issues associated with the IoT, which narrowed down to the abovementioned
fundamental security/privacy issue; followed by a study of different aspects of
security implementation in the IoT. The remaining steps are the framework design thinking
process, framework design and implementation, and finally, framework performance
evaluation.
IoT-HarPSecA offers three functionality features, namely security requirement elicitation security best practice guidelines for secure development, and above all, a feature that recommends
specific Lightweight Cryptographic Algorithms (LWCAs) for both software and
hardware implementations. Accordingly, IoT-HarPSecA is composed of three main components,
namely Security Requirements Elicitation (SRE) component, Security Best Practice
Guidelines (SBPG) component, and Lightweight Cryptographic Algorithms Recommendation
(LWCAR) component, each of them servicing one of the aforementioned features.
The author has implemented a command-line tool in C++ to serve as an interface
between users and the security framework. This thesis presents a detailed description,
design, and implementation of the SRE, SBPG, and LWCAR components of the security
framework. It also presents real-world practical scenarios that show how IoT-HarPSecA
can be used to elicit security requirements, generate security best practices, and recommend
appropriate LWCAs based on user inputs. Furthermore, the thesis presents performance
evaluation of the SRE, SBPG, and LWCAR components framework tools, which
shows that IoT-HarPSecA can serve as a roadmap for secure IoT development.O termo Internet das coisas (IoT) é utilizado para descrever um ecossistema, em expansão,
de objetos fÃsicos ou elementos interconetados entre si e à Internet. Os dispositivos
IoT consistem numa gama vasta e heterogénea de objetos animados ou inanimados e,
neste contexto, podem pertencer à IoT um indivÃduo com um implante que monitoriza a
frequência cardÃaca ou até mesmo um animal de estimação que tenha um biochip. Estes
dispositivos variam entre eletrodomésticos, tais como máquinas de café ou lâmpadas inteligentes,
a ferramentas sofisticadas de uso na automatização industrial. A IoT está a
revolucionar e a provocar mudanças em várias indústrias e muitas adotam esta tecnologia
para incrementar as suas vantagens competitivas. Este paradigma melhora a eficiência
operacional e otimiza o desempenho de sistemas através da gestão de dados em tempo
real, resultando num balanço otimizado entre o uso energético e a taxa de transferência.
Outra área de aplicação é a IoT Industrial (IIoT) ou internet industrial ou Indústria 4.0,
ou seja, uma aplicação de IoT no âmbito industrial, onde os sistemas ciberfÃsicos estão interconectados
a diversas tecnologias de forma a obter um controlo de rede sem fios, bem
como fabricações avançadas e automatização fabril. As aplicações da IoT estão a crescer
e a tornarem-se predominantes em muitos domÃnios de aplicação inteligentes como sistemas
de saúde, cidades, redes, agricultura e sistemas de fornecimento. Da mesma forma,
a IoT está a transformar estilos de vida e de trabalho e assim, a procura por produtos inteligentes
está constantemente a aumentar. As grandes indústrias e startups competem
entre si de forma a dominar o mercado com os seus novos serviços e produtos IoT, desbloqueando
o valor de negócio da IoT.
Apesar da sua crescente popularidade, benefÃcios e capacidades comprovadas, a IoT está
ainda a dar os seus primeiros passos e é confrontada com muitos desafios. Entre eles,
problemas de conectividade, compatibilidade/interoperabilidade entre dispositivos e sistemas,
falta de padronização, gestão das enormes quantidades de dados e ainda falta de
ferramentas para investigações forenses. No entanto, preocupações quanto ao estado de
segurança e privacidade ainda estão entre os fatores adversos à adesão universal desta
tecnologia. Estudos recentes revelaram que existem questões de segurança e privacidade
associadas ao design e implementação de vários dispositivos IoT e aplicações inteligentes
(smart apps.), isto pode ser devido ao facto, em parte, de que alguns fabricantes e empresas
de desenvolvimento de dispositivos (especialmente startups) IoT e smart apps., recolham
o valor de negócio dos grandes mercados IoT, negligenciando assim a importância
da segurança, resultando em dispositivos IoT e smart apps. com carências e violações de
segurança da IoT nos últimos anos.
Esta tese aborda os desafios de segurança e privacidade que foram supra mencionados.
Visto que a Internet e os sistemas informáticos tradicionais são por vezes considerados inseguros,
os sistemas IoT tornam-se ainda mais inseguros, devido a restrições inerentes a tais dispositivos. Estas restrições são impostas devido ao custo, uma vez que se espera que
muitos dispositivos de ponta sejam de baixo custo e descartáveis, com recursos energéticos
limitados, bem como limitações na capacidade de armazenamento e computacionais,
e redes com perdas devido a um desempenho de hardware de qualidade inferior, quando
comparados com computadores convencionais. Uma das raÃzes do problema é o facto
de que muitos fabricantes, startups e empresas de desenvolvimento destes dispositivos e
smart apps não adiram ao conceito de segurança por construção, ou seja, logo na conceção,
não preveem a proteção da privacidade e segurança. Assim, alguns dos produtos e
dispositivos produzidos apresentam vulnerabilidades na segurança.
Nos últimos anos, hackers maliciosos têm explorado diferentes vulnerabilidades de segurança
nas infraestruturas da IoT, causando violações de dados e outros incidentes de
privacidade envolvendo dispositivos IoT e smart apps. Estes têm atraÃdo uma atenção significativa
por parte das comunidades académica e industrial, que culminaram num grande
número de propostas apresentadas por investigadores cientÃficos. Ainda que as abordagens
de pesquisa e os resultados variem entre os diferentes estudos, há um consenso e
pré-requisito fundamental para enfrentar os desafios de privacidade e segurança da IoT,
que buscam construir proteção de segurança e privacidade em dispositivos IoT e smart
apps. desde o fabrico. Para esta finalidade, esta tese investiga como produzir segurança
e privacidade destes sistemas desde a produção, e como principal objetivo, concentra-se
em fornecer soluções que possam promover a conceção e o desenvolvimento de dispositivos
IoT e smart apps., nomeadamente um conjunto de ferramentas chamado Consultor
de Segurança da Plataforma de Hardware da IoT (IoT-HarPSecA). Espera-se que o conjunto
de ferramentas forneça apoio a designers e programadores em startups durante a
conceção e implementação destes sistemas ou que facilite a integração de mecanismos de
segurança nos sistemas préexistentes.
De modo a alcançar o objetivo proposto, recorre-se à seguinte abordagem. A primeira fase
consiste num levantamento exaustivo de diferentes aspetos da segurança e privacidade na
IoT, incluindo requisitos de segurança na arquitetura da IoT e ameaças à sua segurança,
os seus domÃnios de aplicação e os ativos cibernéticos associados, a complexidade das
vulnerabilidades da IoT e ainda possÃveis contramedidas relacionadas com a segurança e
privacidade. Evolui-se para uma breve visão geral das plataformas de desenvolvimento
de hardware da IoT. As fases seguintes consistem na identificação dos desafios e questões
associadas à IoT, que foram restringidos às questões de segurança e privacidade. As demais
etapas abordam o processo de pensamento de conceção (design thinking), design e
implementação e, finalmente, a avaliação do desempenho.
O IoT-HarPSecA é composto por três componentes principais: a Obtenção de Requisitos
de Segurança (SRE), Orientações de Melhores Práticas de Segurança (SBPG) e a recomendação
de Componentes de Algoritmos Criptográficos Leves (LWCAR) na implementação de software e hardware. O autor implementou uma ferramenta em linha de comandos
usando linguagem C++ que serve como interface entre os utilizadores e a IoT-HarPSecA.
Esta tese apresenta ainda uma descrição detalhada, desenho e implementação das componentes
SRE, SBPG, e LWCAR. Apresenta ainda cenários práticos do mundo real que
demostram como o IoT-HarPSecA pode ser utilizado para elicitar requisitos de segurança,
gerar boas práticas de segurança (em termos de recomendações de implementação) e recomendar
algoritmos criptográficos leves apropriados com base no contributo dos utilizadores.
De igual forma, apresenta-se a avaliação do desempenho destes três componentes,
demonstrando que o IoT-HarPSecA pode servir como um roteiro para o desenvolvimento
seguro da IoT
A Guideline on Pseudorandom Number Generation (PRNG) in the IoT
Random numbers are an essential input to many functions on the Internet of
Things (IoT). Common use cases of randomness range from low-level packet
transmission to advanced algorithms of artificial intelligence as well as
security and trust, which heavily rely on unpredictable random sources. In the
constrained IoT, though, unpredictable random sources are a challenging desire
due to limited resources, deterministic real-time operations, and frequent lack
of a user interface.
In this paper, we revisit the generation of randomness from the perspective
of an IoT operating system (OS) that needs to support general purpose or
crypto-secure random numbers. We analyse the potential attack surface, derive
common requirements, and discuss the potentials and shortcomings of current IoT
OSs. A systematic evaluation of current IoT hardware components and popular
software generators based on well-established test suits and on experiments for
measuring performance give rise to a set of clear recommendations on how to
build such a random subsystem and which generators to use.Comment: 43 pages, 11 figures, 11 table
- …