The idea of an Internet of Things (IoT) is quickly materializing through the adoption of RFID as a replacement for bar code along with the introduction of Near Field Communication (NFC). We are able to interface with our daily-life objects over the Internet. However, the next steps towards a global network of smart objects will drive us through several large-scale, interdisciplinary efforts.
In particular, security and privacy are issues that must be consistently addressed before IoT can make its way into people’s lives. Things in IoT interact with each other and with human beings through a myriad of communication technologies, often wirelessly, and subject to interference, corruption, eavesdropping, and all kinds of attacks.
Most of the encryption and authentication techniques developed to handle attacks on the original Internet, the Internet of People that we use today, can in theory be applied to the IoT. However, the microcontrollers used in smart objects will seldom be able to put up with their requirements.
Furthermore, IoT will be subject to particular conditions not so often faced by today’s Internet devices. Things will send messages that will trigger immediate reactions from the environment. Capturing and reproducing one such valid message, even if it is encrypted and signed, could lead complex systems such as roadways, factories, and even future cities to misbehave.
Some Things will harvest energy from the environment for hours before they can say something to the world. And when they talk, one will have to decide whether or not to believe in what they say without having a chance to further discuss the subject (at least not for a couple of hours). Solutions such as transaction authentication and channel masking are of little help in this context.
In this article, we describe the design, implementation, and evaluation of a trustful infrastructure for the Internet of Things based on EPOSMote. The infrastructure was built around EPOS’ second generation of motes, which features an ARM processor and an IEEE 802.15.4 radio transceiver. It is presented to end users through a trustful communication protocol stack compatible with TCP/IP.
Trustfulness was tackled at the MAC level by extending C-MAC, EPOS' native MAC protocol, with AES capabilities that were used to encrypt and authenticate IP datagrams. Our authentication mechanism encompasses temporal information to protect the network against replay attacks. The prototype implementation was assessed for processing, memory, and energy consumption with positive results.
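The following sketch is an added example, not code from the paper or from EPOS. It shows why binding a timestamp into the authentication tag lets a receiver reject a captured one-shot message without any challenge-response round trip. Assumptions: HMAC-SHA-256 from Python's standard library stands in for the AES-based authentication the paper describes, encryption is left out, and the frame layout, key, 5-second window and all names are hypothetical.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"  # constructed sample key, not from the paper
WINDOW_S = 5                   # assumed freshness window, in seconds
TAG_LEN = 16                   # assumed truncated tag length, in bytes

def _tag(key, ts_raw, payload):
    # The timestamp is covered by the tag, so it cannot be rewritten later.
    return hmac.new(key, ts_raw + payload, hashlib.sha256).digest()[:TAG_LEN]

def seal(key, payload, now):
    """Sender side: frame = 8-byte timestamp || payload || tag."""
    ts_raw = struct.pack(">Q", now)
    return ts_raw + payload + _tag(key, ts_raw, payload)

class Receiver:
    def __init__(self, key, window_s=WINDOW_S):
        self.key, self.window_s = key, window_s
        self.seen = {}  # tag -> timestamp of frames still inside the window

    def accept(self, frame, now):
        if len(frame) < 8 + TAG_LEN:
            return "malformed"
        ts_raw, payload, tag = frame[:8], frame[8:-TAG_LEN], frame[-TAG_LEN:]
        if not hmac.compare_digest(tag, _tag(self.key, ts_raw, payload)):
            return "bad-tag"
        ts = struct.unpack(">Q", ts_raw)[0]
        if abs(now - ts) > self.window_s:
            return "stale"      # authentic, but captured too long ago
        # Forget tags that have aged out, keeping the cache small on a mote.
        self.seen = {t: s for t, s in self.seen.items()
                     if abs(now - s) <= self.window_s}
        if tag in self.seen:
            return "duplicate"  # replay inside the freshness window
        self.seen[tag] = ts
        return "accepted"

def demo():
    rx = Receiver(KEY)
    frame = seal(KEY, b"gate=open", now=1000)
    results = [rx.accept(frame, now=1001),   # first delivery
               rx.accept(frame, now=1002),   # immediate replay
               rx.accept(frame, now=1600)]   # replay ten minutes later
    forged = struct.pack(">Q", 1600) + frame[8:]  # timestamp rewritten
    results.append(rx.accept(forged, now=1600))
    return results  # ["accepted", "duplicate", "stale", "bad-tag"]
```

The scheme depends on sender and receiver clocks agreeing to within the window, which is the practical cost of avoiding an interactive handshake.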
To read more of this external content, download the complete paper from the online archives at the Federal University of Santa Catarina.