skip to main content
10.1145/3345768.3355924acmconferencesArticle/Chapter ViewAbstractPublication PagesmswimConference Proceedingsconference-collections
research-article

A Comprehensive Empirical Analysis of TLS Handshake and Record Layer on IoT Platforms

Published: 25 November 2019 Publication History

Abstract

The Transport Layer Security (TLS) protocol has been considered as a promising approach to secure Internet of Things (IoT) applications. The different cipher suites offered by the TLS protocol play an essential role in determining communication security level. Each cipher suite encompasses a set of cryptographic algorithms, which can vary in terms of their resource consumption and significantly influence the lifetime of IoT devices. Based on these considerations, in this paper, we present a comprehensive study of the widely used cryptographic algorithms by annotating their source codes and running empirical measurements on two state-of-the-art, low-power wireless IoT platforms. Specifically, we present fine-grained resource consumption of the building blocks of the handshake and record layer algorithms and formulate tree structures that present various possible combinations of ciphers as well as individual functions. Depending on the parameters, a path is selected and traversed to calculate the corresponding resource impact. Our studies enable IoT developers to change cipher suite parameters and immediately observe the resource costs. Besides, these findings offer guidelines for choosing the most appropriate cipher suites for different application scenarios.

References

[1]
Behnam Dezfouli, Marjan Radi, and Octav Chipara. relaxREWIMO: A real-time and reliable low-power wireless mobile network. ACM Transactions on Sensor Networks (TOSN), 13 (3): 17, 2017.
[2]
Habib Ur Rehman, Muhammad Asif, and Mudassar Ahmad. Future applications and research challenges of iot. In International Conference on Information and Communication Technologies (ICICT), pages 68--74. IEEE, 2017.
[3]
One trillion new iot devices will be produced by 2035. URL https://learn.arm.com/route-to-trillion-devices.html.
[4]
Jorge Granjal, Edmundo Monteiro, and Jorge Sá Silva. Security for the internet of things: a survey of existing protocols and open research issues. IEEE Communications Surveys and Tutorials, 17 (3): 1294--1312, 2015.
[5]
Nachiketh R Potlapally, Srivaths Ravi, Anand Raghunathan, and Niraj K Jha. A study of the energy consumption characteristics of cryptographic algorithms and security protocols. IEEE Transactions on mobile computing, 5 (2): 128--143, 2006.
[6]
URL https://transparencyreport.google.com/https/overview.
[7]
Klint Finley. Half the web is now encrypted. that makes everyone safer, Jun 2017. URL https://www.wired.com/2017/01/half-web-now-encrypted-makes-everyone-safer/.
[8]
Arcangelo Castiglione, Alfredo De Santis, Aniello Castiglione, Francesco Palmieri, and Ugo Fiore. An energy-aware framework for reliable and secure end-to-end ubiquitous data communications. In 5th International Conference on Intelligent Networking and Collaborative Systems (INCoS), pages 157--165. IEEE, 2013.
[9]
Tim Dierks and Eric Rescorla. The transport layer security (tls) protocol version 1.2. 2008.
[10]
Fitzgerald Shawn Sarkar, Pratik Guha. Attacks on ssl a comprehensive study of beast, crime, time, breach, lucky 13 and rc4 biases. iSecPartners, pages 1--23, 2013.
[11]
Lily Chen and Dustin Moody. relaxElliptic Curve Cryptography, 2017. URL https://csrc.nist.gov/Projects/Elliptic-Curve-Cryptography.
[12]
E. Rescorla T. Dierks. The transport layer security (tls) protocol version 1.2. https://tools.ietf.org/html/rfc5246, Aug 2008.
[13]
Zhe Liu, Xinyi Huang, Zhi Hu, Muhammad Khurram Khan, Hwajeong Seo, and Lu Zhou. On emerging family of elliptic curves to secure internet of things: Ecc comes of age. IEEE Transactions on Dependable and Secure Computing, 14 (3): 237--248, 2017.
[14]
018 a )]CYWCypress Semiconductor. relaxCYW943907AEVAL1F Evaluation Kit, 2018 a . URL http://www.cypress.com/documentation/development-kitsboards/cyw943907aeval1f-evaluation-kit.
[15]
018)]BCMAvnet Inc. relaxAvnet BCM4343W IoT Starter Kit, 2018. URL http://cloudconnectkits.org/product/avnet-bcm4343w-iot-starter-kit.
[16]
Behnam Dezfouli, Immanuel Amirtharaj, and Chia-Chi Chelsey Li. relaxEMPIOT: An energy measurement platform for wireless IoT devices. Journal of Network and Computer Applications, 121: 135--148, 2018.
[17]
018 b )]cypresswicedCypress Semiconductor. relaxWICED Studio, Mar 2018 b . URL http://www.cypress.com/products/wiced-software.
[18]
S. Blake-Wilson, N. Bolyard, V. Gupta, C. Hawk, and B. Moeller. relaxElliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS). https://tools.ietf.org/html/rfc4492, May 2006.
[19]
Pedro Sanchez Munoz, Nam Tran, Brandon Craig, Behnam Dezfouli, and Yuhong Liu. Analyzing the resource utilization of aes encryption on iot devices. In Asia-Pacific Signal and Information Processing Association Annual Summit and Conference (APSIPA), pages 1--8, 2018.
[20]
Diaa Salama Abd Elminaam, Hatem Mohamed Abdual-Kader, and Mohiy Mohamed Hadhoud. Evaluating the performance of symmetric encryption algorithms. IJ Network Security, 10 (3): 216--222, 2010.
[21]
Anton Biasizzo, Marko Mali, and Frank Novak. Hardware implementation of aes algorithm. Journal of Electrical Engineering, 56 (9--10): 265--269, 2005.
[22]
William Freeman and Ethan Miller. An experimental analysis of cryptographic overhead in performance-critical systems. In 7th International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunication Systems, pages 348--357. IEEE, 1999.
[23]
Neil Daswani and Dan Boneh. Experimenting with electronic commerce on the palmpilot. In International Conference on Financial Cryptography, pages 1--16. Springer, 1999.
[24]
Abdullah Almuhaideb, Mohammed Alhabeeb, Phu Dung Le, and Bala Srinivasan. Beyond fixed key size: Classifications toward a balance between security and performance. In 24th IEEE International Conference on Advanced Information Networking and Applications (AINA), pages 1047--1053, 2010.
[25]
George Apostolopoulos, Vinod Peris, Prashant Pradhan, and Debanjan Saha. Securing electronic commerce: reducing the ssl overhead. IEEE Network, 14 (4): 8--16, 2000.
[26]
Krzysztof Piotrowski, Peter Langendoerfer, and Steffen Peter. How public key cryptography influences wireless sensor node lifetime. In Proceedings of the fourth ACM workshop on Security of ad hoc and sensor networks, pages 169--176, 2006.
[27]
Lin-Shung Huang, Shrikant Adhikarla, Dan Boneh, and Collin Jackson. An experimental study of tls forward secrecy deployments. IEEE Internet Computing, 18 (6): 43--51, 2014.
[28]
Alejandro Hernandez Gerez, Kavin Kamaraj, Ramzi Nofal, Yuhong Liu, and Behnam Dezfouli. Energy and processing demand analysis of tls protocol in internet of things applications. In 2018 IEEE International Workshop on Signal Processing Systems (SiPS), pages 312--317, 2018.
[29]
E. Rescorla. The transport layer security (tls) protocol version 1.3. https://tools.ietf.org/html/rfc8446, Aug 2018.

Cited By

View all
  • (2022)Resource tradeoffs for TLS-secured MQTT-based IoT ManagementNOMS 2022-2022 IEEE/IFIP Network Operations and Management Symposium10.1109/NOMS54207.2022.9789806(1-6)Online publication date: 25-Apr-2022
  • (2021)A Performance Study of Crypto-Hardware in the Low-end IoTProceedings of the 2021 International Conference on Embedded Wireless Systems and Networks10.5555/3451271.3451279(79-90)Online publication date: 20-Feb-2021
  • (2021)A Framework for Managing Device Association and Offloading the Transport Layer’s Security Overhead of WiFi Device to Access PointsSensors10.3390/s2119643321:19(6433)Online publication date: 26-Sep-2021
  • Show More Cited By

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
MSWIM '19: Proceedings of the 22nd International ACM Conference on Modeling, Analysis and Simulation of Wireless and Mobile Systems
November 2019
340 pages
ISBN:9781450369046
DOI:10.1145/3345768
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 25 November 2019

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. elliptic curve
  2. encryption
  3. energy
  4. key exchange
  5. wireless

Qualifiers

  • Research-article

Funding Sources

  • Cypress Semiconductor

Conference

MSWiM '19
Sponsor:

Acceptance Rates

Overall Acceptance Rate 398 of 1,577 submissions, 25%

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)32
  • Downloads (Last 6 weeks)7
Reflects downloads up to 13 Feb 2025

Other Metrics

Citations

Cited By

View all
  • (2022)Resource tradeoffs for TLS-secured MQTT-based IoT ManagementNOMS 2022-2022 IEEE/IFIP Network Operations and Management Symposium10.1109/NOMS54207.2022.9789806(1-6)Online publication date: 25-Apr-2022
  • (2021)A Performance Study of Crypto-Hardware in the Low-end IoTProceedings of the 2021 International Conference on Embedded Wireless Systems and Networks10.5555/3451271.3451279(79-90)Online publication date: 20-Feb-2021
  • (2021)A Framework for Managing Device Association and Offloading the Transport Layer’s Security Overhead of WiFi Device to Access PointsSensors10.3390/s2119643321:19(6433)Online publication date: 26-Sep-2021
  • (2021)Performance Analysis of Secure Elements for IoTIoT10.3390/iot30100013:1(1-28)Online publication date: 21-Dec-2021
  • (2021)Online Advertising Security: Issues, Taxonomy, and Future DirectionsIEEE Communications Surveys & Tutorials10.1109/COMST.2021.311827123:4(2494-2524)Online publication date: Dec-2022
  • (2020)TempoCode-IoT: temporal codebook-based encoding of flow features for intrusion detection in Internet of ThingsCluster Computing10.1007/s10586-020-03153-8Online publication date: 2-Sep-2020

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media