| 1. |
- Höglund, Joel, 1979-, et al.
(author)
-
AC-SIF : ACE Access Control for Standardized Secure IoT Firmware Updates
- 2022
-
In: SECURWARE 2022. - : International Academy, Research and Industry Association (IARIA). - 9781685580070 ; , s. 54-62
-
Conference paper (peer-reviewed)abstract
- Globally identifiable, internet-connected embedded systems can be found throughout critical infrastructures in modern societies. Many of these devices operate unattended for several years at a time, which means a remote software update mechanism should be available in order to patch vulnerabilities. However, this is most often not the case, largely due to interoperability issues endemic to the Internet of Things (IoT). Significant progress toward global IoT compatibility has been made in recent years. In this paper we build upon emerging IoT technologies and recommendations from IETF SUIT working group to design a firmware update architecture which (1) provides end-to-end security between authors and devices, (2) is agnostic to the underlying transport protocols, (3) does not require trust anchor provisioning by the manufacturer and (4) uses standard solutions for crypto and message encodings. This work presents the design of a firmware manifest (i.e., metadata) serialization scheme based on CBOR and COSE, and a profile of CBOR Web Token (CWT) to provide access control and authentication for update authors. We demonstrate that this architecture can be realized whether or not the recipient devices support asymmetric cryptography. We then encode these data structures and find that all required metadata and authorization information for a firmware update can be encoded in less than 600 bytes with this architecture.
|
|
| 2. |
- Höglund, Joel, 1979-, et al.
(author)
-
AutoPKI : public key infrastructure for IoT with automated trust transfer
- 2024
-
In: International Journal of Information Security. - : Springer Science and Business Media Deutschland GmbH. - 1615-5262 .- 1615-5270.
-
Journal article (peer-reviewed)abstract
- IoT deployments grow in numbers and size, which makes questions of long-term support and maintainability increasingly important. Without scalable and standard-compliant capabilities to transfer the control of IoT devices between service providers, IoT system owners cannot ensure long-term maintainability, and risk vendor lock-in. The manual overhead must be kept low for large-scale IoT installations to be economically feasible. We propose AutoPKI, a lightweight protocol to update the IoT PKI credentials and shift the trusted domains, enabling the transfer of control between IoT service providers, building upon the latest IoT standards for secure communication and efficient encodings. We show that the overhead for the involved IoT devices is small and that the overall required manual overhead can be minimized. We analyse the fulfilment of the security requirements, and for a subset of them, we demonstrate that the desired security properties hold through formal verification using the Tamarin prover.
|
|
| 3. |
- Höglund, Joel, 1979-, et al.
(author)
-
AutoPKI: Public Key Infrastructure for IoT with Automated Trust Transfer
-
Other publication (other academic/artistic)abstract
- IoT deployments grow in numbers and size which makes questions of long-time support and maintainability increasingly important. By offering standard-compliant capabilities to transfer the control of IoT devices between service providers, maintainability is improved and vendor lock-in can be prevented. We propose AutoPKI, a protocol for transferring control between IoT service providers. We show that the overhead for the involved IoT devices is small and that the overall required manual overhead can be minimized. We analyse the fulfilment of the security requirements, and for a subset of them, we demonstrate that the desired security properties hold through formal verification in the Tamarin prover.
|
|
| 4. |
- Höglund, Joel, 1979-, et al.
(author)
-
BLEND: Efficient and blended IoT data storage and communication with application layer security
- 2022
-
In: 2022 IEEE International Conference on Cyber Security and Resilience (CSR). - : IEEE. ; , s. 253-260
-
Journal article (peer-reviewed)abstract
- Many IoT use cases demand both secure storage and secure communication. Resource-constrained devices cannot afford having one set of crypto protocols for storage and another for communication. Lightweight application layer security standards are being developed for IoT communication. Extending these protocols for secure storage can significantly reduce communication latency and local processing.We present BLEND, combining secure storage and communication by storing IoT data as pre-computed encrypted network packets. Unlike local methods, BLEND not only eliminates separate crypto for secure storage needs, but also eliminates a need for real-time crypto operations, reducing the communication latency significantly. Our evaluation shows that compared with a local solution, BLEND reduces send latency from 630 µs to 110 µs per packet. BLEND enables PKI based key management while being sufficiently lightweight for IoT. BLEND doesn’t need modifications to communication standards used when extended for secure storage, and can therefore preserve underlying protocols’ security guarantees.
|
|
| 5. |
- Höglund, Joel, 1979-, et al.
(author)
-
Lightweight certificate revocation for low-power IoT with end-to-end security
- 2023
-
In: Journal of Information Security and Applications. - Amsterdam : Elsevier Ltd. - 2214-2134 .- 2214-2126. ; 73
-
Journal article (peer-reviewed)abstract
- Public key infrastructure (PKI) provides the basis of authentication and access control in most networked systems. In the Internet of Things (IoT), however, security has predominantly been based on pre-shared keys (PSK), which cannot be revoked and do not provide strong authentication. The prevalence of PSK in the IoT is due primarily to a lack of lightweight protocols for accessing PKI services. Principal among these services are digital certificate enrollment and revocation, the former of which is addressed in recent research and is being pushed for standardization in IETF. However, no protocol yet exists for retrieving certificate status information on constrained devices, and revocation is not possible unless such a service is available. In this work, we start with implementing the Online Certificate Status Protocol (OCSP), the de facto standard for certificate validation on the Web, on state-of-the-art constrained hardware. In doing so, we demonstrate that the resource overhead of this protocol is unacceptable for highly constrained environments. We design, implement and evaluate a lightweight alternative to OCSP, TinyOCSP, which leverages recently standardized IoT protocols, such as CoAP and CBOR. In our experiments, validating eight certificates with TinyOCSP required 41% less energy than validating just one with OCSP on an ARM Cortex-M3 SoC. Moreover, validation transactions encoded with TinyOCSP are at least 73% smaller than the OCSP equivalent. We design a protocol for compressed certificate revocation lists (CCRL) using Bloom filters which together with TinyOCSP can further reduce validation overhead. We derive a set of equations for computing the optimal filter parameters, and confirm these results through empirical evaluation. © 2023 The Authors
|
|
| 6. |
- Höglund, Joel, 1979-
(author)
-
Public Key Infrastructure and its applications for resource-constrained IoT
- 2023
-
Doctoral thesis (other academic/artistic)abstract
- The Internet of Things (IoT) is rapidly expanding and IoT devices are being deployed in security-critical scenarios, such as in critical infrastructure monitoring and within e-health, and privacy-sensitive applications in hospitals and homes. With this, questions of security and safety become paramount. The overall theme of the research presented here is to bridge some of the identified gaps in IoT security, with a particular focus on enabling Public Key Infrastructure (PKI) functionality for constrained IoT devices. The contributions of this dissertation are made through six research papers that address identified shortcomings and challenges. The focus is on protocols, mechanisms, and efficient encodings rather than specific cryptographic solutions. The work to improve the state-of-art regarding PKI for IoT includes enrollment, revocation and trust transfer. We design and implement integrated lightweight certificate enrollment solutions for IoT devices and new compact certificate formats. This brings the total communication costs of session establishment and enrollment operations down to feasible levels for constrained IoT devices. An improved design is made to benefit from application layer security, enabling end-to-end communication capable of proxy traversal. To handle revocation of trust, we propose and design lightweight certificate revocation. We show how significant performance improvements compared with existing solutions can be made without sacrificing functionality or compromising security. To address the long-time maintainability of IoT systems, we design a lightweight schema for trust transfer, which allows control of IoT deployments to shift between service providers in a highly automated manner.In addition to improving PKI functionality, we propose mechanisms for secure storage and updates, which complement and strengthen the overall IoT security landscape. We show that standard-based application-layer security mechanisms can be extended to enable secure storage and communication, reducing the memory required for cryptographic solutions and the latency when sending sensor data onto the network. In our last contribution, we propose a design for secure software updates. Based on the existing ACE framework, we use token-based access control to fulfil the need for both authentication and authorisation security services.We have been working with industry partners to share our work in the shape of new standards for a better potential for industrial impact. In summary, several new building blocks required to create, maintain and support secure PKIs capable of including constrained IoT devices are proposed, forming important steps towards making IoT devices first-class Internet citizens.
|
|
| 7. |
|
|
