Establishing confidentiality between communicating peers is still an issue in contexts where solutions based on asymmetric keys are not viable, such as in dynamic Internet of Things (IoT) systems made up of heterogeneous and resource constrained devices. From the current literature, channel anonymity emerges as a promising methodology able to support key-establishment protocols. But, to the best of authors’ knowledge, no works already demonstrated its practical adoption over a concrete communication technology. To bridge this gap, we experimentally show that a lightweight key-establishment protocol based on channel anonymity is viable. The contributions of this work are mainfold. First, we introduce EXCHANge, a protocol that achieves key-establishment exploiting channel anonymity despite the presence of either a passive or active global-eavesdropper adversary. Second, we evaluate the performance of EXCHANge through an extensive experimental campaign involving real world IoT devices (OpenMote-CC2538). Our results demonstrate that the proposed solution introduces a limited overhead, thus being able to meet the requirements of resource constrained devices Finally, we experimentally demonstrate the security of the EXCHANge protocol against passive and active adversaries. Overall, this paper proves that channel anonymity can be a powerful tool in the IoT setting, to achieve a secure, effective, and efficient key-establishment.
EXCHANge: Securing IoT via Channel Anonymity / Sciancalepore, S.; Oligeri, G.; Piro, G.; Boggia, G.; Di Pietro, R.. - In: COMPUTER COMMUNICATIONS. - ISSN 0140-3664. - ELETTRONICO. - 134:(2019), pp. 14-29. [10.1016/j.comcom.2018.11.003]
EXCHANge: Securing IoT via Channel Anonymity
Sciancalepore, S.
;Piro, G.
;Boggia, G.;
2019-01-01
Abstract
Establishing confidentiality between communicating peers is still an issue in contexts where solutions based on asymmetric keys are not viable, such as in dynamic Internet of Things (IoT) systems made up of heterogeneous and resource constrained devices. From the current literature, channel anonymity emerges as a promising methodology able to support key-establishment protocols. But, to the best of authors’ knowledge, no works already demonstrated its practical adoption over a concrete communication technology. To bridge this gap, we experimentally show that a lightweight key-establishment protocol based on channel anonymity is viable. The contributions of this work are mainfold. First, we introduce EXCHANge, a protocol that achieves key-establishment exploiting channel anonymity despite the presence of either a passive or active global-eavesdropper adversary. Second, we evaluate the performance of EXCHANge through an extensive experimental campaign involving real world IoT devices (OpenMote-CC2538). Our results demonstrate that the proposed solution introduces a limited overhead, thus being able to meet the requirements of resource constrained devices Finally, we experimentally demonstrate the security of the EXCHANge protocol against passive and active adversaries. Overall, this paper proves that channel anonymity can be a powerful tool in the IoT setting, to achieve a secure, effective, and efficient key-establishment.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.