research-article

Securing the IP-based internet of things with HIP and DTLS

Authors:

Oscar Garcia-Morchon,

Sye Loong Keoh,

Pedro Moreno-Sanchez,

Francisco Vidal-Meca,

Jan Henrik ZiegeldorfAuthors Info & Claims

WiSec '13: Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks

Pages 119 - 124

https://doi.org/10.1145/2462096.2462117

Published: 17 April 2013 Publication History

Abstract

The IP-based Internet of Things (IoT) refers to the pervasive interaction of smart devices and people enabling new applications by means of new IP protocols such as 6LoWPAN and CoAP. Security is a must, and for that we need a secure architecture in which all device interactions are protected, from joining an IoT network to the secure management of keying materials. However, this is challenging because existing IP security protocols do not offer all required functionalities and typical Internet solutions do not lead to the best performance.

We propose and compare two security architectures providing secure network access, key management and secure communication. The first solution relies on a new variant of the Host Identity Protocol (HIP) based on pre-shared keys (PSK), while the second solution is based on the standard Datagram Transport Layer Security (DTLS). Our evaluation shows that although the HIP solution performs better, the currently limited usage of HIP poses severe limitations. The DTLS architecture allows for easier interaction and interoperability with the Internet, but optimizations are needed due to its performance issues.

References

[1]

R. Alexander and T. Tsao. Adapted Multimedia Internet KEYing (AMIKEY): An extension of Multimedia Internet KEYing Methods for Generic LLN Environments. Internet-draft, IETF, 2012.

[2]

O. Bergmann. tinydtls - a basic dtls server template.

[3]

L. Chen. Recommendation for key derivation using pseudorandom functions. SP-800-108, Computer Security Division. Information Technology Laboratory. US Department of Commerce, 2009.

[4]

M. Dworkin. Recommendation for block cipher modes of operation: The ccm mode for authentication and confidentiality. SP-800-38c, NIST. Technology Administration. US Department of Commerce, 2007.

[5]

P. Eronen and H. Tschofenig. Pre-Shared Key Ciphersuites for Transport Layer Security (TLS). RFC 4279 (Proposed Standard), December 2005.

[6]

A. Dunkels et al. Contiki - a lightweight and flexible operating system for tiny networked sensors. In 29th Annual IEEE International Conference on Local Computer Networks, pages 455--462. IEEE, 2004.

Digital Library

[7]

A. Perrig et al. Spins: security protocols for sensor networks. Wireless Networks, 8(5), 2002.

Digital Library

[8]

A.J. Menezes et al. Handbook of Applied Cryptography. 5 edition, Aug. 2001.

[9]

C. Blundo et al. Perfectly-secure key distribution for dynamic conferences. Advances in cryptology, 1993.

Digital Library

[10]

J. Arkko et al. MIKEY: Multimedia Internet KEYing. RFC 3830, August 2004. Updated by RFCs 4738, 6309.

[11]

R. Moskowitz et al. Host Identity Protocol Version 2 (HIPv2). Internet-draft, IETF, 2012.

[12]

V. Gupta et al. Sizzle: A standards-based end-to-end security architecture for the embedded internet. Pervasive and Mobile Computing, 1:425--445, 2005.

Digital Library

[13]

Z. Shelby et al. Constrained Application Protocol (CoAP). Internet-Draft draft-ietf-core-coap-12, IETF, October 2012.

[14]

D. Liu and P. Ning. Establishing pairwise keys in distributed sensor networks. In Proceedings of the 10th ACM Conference on Computer and Communications Security, CCS '03. ACM, 2003.

Digital Library

[15]

R. Moskowitz. HIP Diet EXchange (DEX). Internet Draft draft-moskowitz-hip-rg-dex-06, IETF, 2012.

[16]

E. Rescorla and B. Korver. Guidelines for Writing RFC Text on Security Considerations. RFC 3552 (Best Current Practice), July 2003.

Digital Library

[17]

E. Rescorla and N. Modadugu. Datagram Transport Layer Security. RFC 4347, April 2006. Obsoleted by RFC 6347, updated by RFC 5746.

Cited By

Yalli JHasan MJung LAl-Selwi S(2025)Authentication schemes for Internet of Things (IoT) networks: A systematic review and security assessmentInternet of Things10.1016/j.iot.2024.10146930(101469)Online publication date: Mar-2025
https://doi.org/10.1016/j.iot.2024.101469
Hossain MKayas GHasan RSkjellum ANoor SIslam S(2024)A Holistic Analysis of Internet of Things (IoT) Security: Principles, Practices, and New PerspectivesFuture Internet10.3390/fi1602004016:2(40)Online publication date: 24-Jan-2024
https://doi.org/10.3390/fi16020040
Changazi SBakhshi AYousaf MMohsin SAkber SAbazeed MAli M(2024)Optimization of network topology robustness in IoTs: A systematic reviewComputer Networks10.1016/j.comnet.2024.110568250(110568)Online publication date: Aug-2024
https://doi.org/10.1016/j.comnet.2024.110568
Show More Cited By

Index Terms

Securing the IP-based internet of things with HIP and DTLS
1. Networks
  1. Network protocols

Recommendations

Internet of Things security

The Internet of things (IoT) has recently become an important research topic because it integrates various sensors and objects to communicate directly with one another without human intervention. The requirements for the large-scale deployment of the IoT ...
DTLS based security and two-way authentication for the Internet of Things

In this paper, we introduce the first fully implemented two-way authentication security scheme for the Internet of Things (IoT) based on existing Internet standards, specifically the Datagram Transport Layer Security (DTLS) protocol. By relying on an ...
Security Challenges in the IP-based Internet of Things

A direct interpretation of the term Internet of Things refers to the use of standard Internet protocols for the human-to-thing or thing-to-thing communication in embedded networks. Although the security needs are well-recognized in this domain, it is ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

WiSec '13: Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks

April 2013

230 pages

ISBN:9781450319980

DOI:10.1145/2462096

General Chair:
Levente Buttyán
Budapest University of Technology and Economics, Hungary
,
Program Chairs:
Ahmad-Reza Sadeghi
Technische Universitaet Darmstadt, Fraunhofer SIT, Intel-CRISC, Germany
,
Marco Gruteser
Rutgers University, USA

Copyright © 2013 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

In-Cooperation

SIGMOBILE: ACM Special Interest Group on Mobility of Systems, Users, Data and Computing

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 17 April 2013

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

WISEC'13

Sponsor:

SIGSAC

WISEC'13: Sixth ACM Conference on Security and Privacy in Wireless and Mobile Networks

April 17 - 19, 2013

Budapest, Hungary

Acceptance Rates

WiSec '13 Paper Acceptance Rate 26 of 70 submissions, 37%;

Overall Acceptance Rate 98 of 338 submissions, 29%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

70
Total Citations
View Citations
1,062
Total Downloads

Downloads (Last 12 months)13
Downloads (Last 6 weeks)0

Reflects downloads up to 03 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Yalli JHasan MJung LAl-Selwi S(2025)Authentication schemes for Internet of Things (IoT) networks: A systematic review and security assessmentInternet of Things10.1016/j.iot.2024.10146930(101469)Online publication date: Mar-2025
https://doi.org/10.1016/j.iot.2024.101469
Hossain MKayas GHasan RSkjellum ANoor SIslam S(2024)A Holistic Analysis of Internet of Things (IoT) Security: Principles, Practices, and New PerspectivesFuture Internet10.3390/fi1602004016:2(40)Online publication date: 24-Jan-2024
https://doi.org/10.3390/fi16020040
Changazi SBakhshi AYousaf MMohsin SAkber SAbazeed MAli M(2024)Optimization of network topology robustness in IoTs: A systematic reviewComputer Networks10.1016/j.comnet.2024.110568250(110568)Online publication date: Aug-2024
https://doi.org/10.1016/j.comnet.2024.110568
Rustambekov IGulyamov SAllahrakha NAbdikhakimov IErgashev SSaidov BKan E(2024)Ensuring Data Transmission Security Through Wi-Fi 6, ZigBee, and Li-Fi Technologies in Smart City IntegrationInventive Communication and Computational Technologies10.1007/978-981-97-7710-5_73(935-946)Online publication date: 15-Dec-2024
https://doi.org/10.1007/978-981-97-7710-5_73
Abrar SUllah KZahid SUllah MKhan IHaq M(2023)Security in Internet of ThingsProtecting User Privacy in Web Search Utilization10.4018/978-1-6684-6914-9.ch011(215-233)Online publication date: 3-Mar-2023
https://doi.org/10.4018/978-1-6684-6914-9.ch011
García Carrillo DPérez SInglés EPapadopoulos GMontavont NSkarmeta A(2023)Authentication and Authorization Frameworks for IoTSpringer Handbook of Internet of Things10.1007/978-3-031-39650-2_12(247-288)Online publication date: 28-Nov-2023
https://doi.org/10.1007/978-3-031-39650-2_12
Rajmohan TNguyen PFerry N(2022)A decade of research on patterns and architectures for IoT securityCybersecurity10.1186/s42400-021-00104-75:1Online publication date: 5-Jan-2022
https://doi.org/10.1186/s42400-021-00104-7
Choukhairi MFakhri YAmnai M(2022)TTIDS : A Time-Driven Trust Based Intrusion Detection System for IoT Networks2022 9th International Conference on Wireless Networks and Mobile Communications (WINCOM)10.1109/WINCOM55661.2022.9966466(1-8)Online publication date: 26-Oct-2022
https://doi.org/10.1109/WINCOM55661.2022.9966466
Ahanger TAljumah AAtiquzzaman M(2022)State-of-the-art survey of artificial intelligent techniques for IoT securityComputer Networks: The International Journal of Computer and Telecommunications Networking10.1016/j.comnet.2022.108771206:COnline publication date: 7-Apr-2022
https://dl.acm.org/doi/10.1016/j.comnet.2022.108771
Khan AAhmad AAhmed MSessa JAnisetti M(2022)Authorization schemes for internet of things: requirements, weaknesses, future challenges and trendsComplex & Intelligent Systems10.1007/s40747-022-00765-y8:5(3919-3941)Online publication date: 19-May-2022
https://doi.org/10.1007/s40747-022-00765-y
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten